Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-53482 (GCVE-0-2023-53482)
Vulnerability from cvelistv5
Published
2025-10-01 11:42
Modified
2025-10-01 11:42
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
iommu: Fix error unwind in iommu_group_alloc()
If either iommu_group_grate_file() fails then the
iommu_group is leaked.
Destroy it on these error paths.
Found by kselftest/iommu/iommufd_fail_nth
References
Impacted products
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/iommu/iommu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f119ef452e2d82d912797273cb790a86f1125b3e",
"status": "affected",
"version": "bc7d12b91bd35477fd650c4d72b61239de9d9066",
"versionType": "git"
},
{
"lessThan": "4c23124b45ee0aa895ed8d5d08871ae6b15ee336",
"status": "affected",
"version": "bc7d12b91bd35477fd650c4d72b61239de9d9066",
"versionType": "git"
},
{
"lessThan": "8602fa38a63fc689eca29c8c586fac2d8a1f8739",
"status": "affected",
"version": "bc7d12b91bd35477fd650c4d72b61239de9d9066",
"versionType": "git"
},
{
"lessThan": "4daa861174d56023c2068ddb03de0752f07fa199",
"status": "affected",
"version": "bc7d12b91bd35477fd650c4d72b61239de9d9066",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/iommu/iommu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.11"
},
{
"lessThan": "4.11",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.99",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.16",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.*",
"status": "unaffected",
"version": "6.2.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.3",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.99",
"versionStartIncluding": "4.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.16",
"versionStartIncluding": "4.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2.3",
"versionStartIncluding": "4.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.3",
"versionStartIncluding": "4.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix error unwind in iommu_group_alloc()\n\nIf either iommu_group_grate_file() fails then the\niommu_group is leaked.\n\nDestroy it on these error paths.\n\nFound by kselftest/iommu/iommufd_fail_nth"
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T11:42:50.800Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/f119ef452e2d82d912797273cb790a86f1125b3e"
},
{
"url": "https://git.kernel.org/stable/c/4c23124b45ee0aa895ed8d5d08871ae6b15ee336"
},
{
"url": "https://git.kernel.org/stable/c/8602fa38a63fc689eca29c8c586fac2d8a1f8739"
},
{
"url": "https://git.kernel.org/stable/c/4daa861174d56023c2068ddb03de0752f07fa199"
}
],
"title": "iommu: Fix error unwind in iommu_group_alloc()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-53482",
"datePublished": "2025-10-01T11:42:50.800Z",
"dateReserved": "2025-10-01T11:39:39.402Z",
"dateUpdated": "2025-10-01T11:42:50.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2023-53482\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-10-01T12:15:50.890\",\"lastModified\":\"2025-10-02T19:12:17.160\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\niommu: Fix error unwind in iommu_group_alloc()\\n\\nIf either iommu_group_grate_file() fails then the\\niommu_group is leaked.\\n\\nDestroy it on these error paths.\\n\\nFound by kselftest/iommu/iommufd_fail_nth\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/4c23124b45ee0aa895ed8d5d08871ae6b15ee336\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/4daa861174d56023c2068ddb03de0752f07fa199\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/8602fa38a63fc689eca29c8c586fac2d8a1f8739\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/f119ef452e2d82d912797273cb790a86f1125b3e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
ghsa-fw52-phmw-fv93
Vulnerability from github
Published
2025-10-01 12:30
Modified
2025-10-01 12:30
VLAI Severity ?
Details
In the Linux kernel, the following vulnerability has been resolved:
iommu: Fix error unwind in iommu_group_alloc()
If either iommu_group_grate_file() fails then the iommu_group is leaked.
Destroy it on these error paths.
Found by kselftest/iommu/iommufd_fail_nth
{
"affected": [],
"aliases": [
"CVE-2023-53482"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-01T12:15:50Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix error unwind in iommu_group_alloc()\n\nIf either iommu_group_grate_file() fails then the\niommu_group is leaked.\n\nDestroy it on these error paths.\n\nFound by kselftest/iommu/iommufd_fail_nth",
"id": "GHSA-fw52-phmw-fv93",
"modified": "2025-10-01T12:30:30Z",
"published": "2025-10-01T12:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53482"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4c23124b45ee0aa895ed8d5d08871ae6b15ee336"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4daa861174d56023c2068ddb03de0752f07fa199"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8602fa38a63fc689eca29c8c586fac2d8a1f8739"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f119ef452e2d82d912797273cb790a86f1125b3e"
}
],
"schema_version": "1.4.0",
"severity": []
}
wid-sec-w-2025-2187
Vulnerability from csaf_certbund
Published
2025-10-01 22:00
Modified
2025-10-30 23:00
Summary
Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen und um nicht nähere beschriebene Effekte zu verursachen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren und um nicht n\u00e4here beschriebene Effekte zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2187 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2187.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2187 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2187"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2021-4460",
"url": "https://lore.kernel.org/linux-cve-announce/2025100114-CVE-2021-4460-aa71@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50420",
"url": "https://lore.kernel.org/linux-cve-announce/2025100152-CVE-2022-50420-1d36@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50421",
"url": "https://lore.kernel.org/linux-cve-announce/2025100155-CVE-2022-50421-8bdc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50422",
"url": "https://lore.kernel.org/linux-cve-announce/2025100155-CVE-2022-50422-287b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50423",
"url": "https://lore.kernel.org/linux-cve-announce/2025100155-CVE-2022-50423-5a66@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50424",
"url": "https://lore.kernel.org/linux-cve-announce/2025100156-CVE-2022-50424-049f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50425",
"url": "https://lore.kernel.org/linux-cve-announce/2025100156-CVE-2022-50425-6722@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50426",
"url": "https://lore.kernel.org/linux-cve-announce/2025100156-CVE-2022-50426-a61b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50427",
"url": "https://lore.kernel.org/linux-cve-announce/2025100157-CVE-2022-50427-87b9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50428",
"url": "https://lore.kernel.org/linux-cve-announce/2025100157-CVE-2022-50428-0c76@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50429",
"url": "https://lore.kernel.org/linux-cve-announce/2025100157-CVE-2022-50429-4bc6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50430",
"url": "https://lore.kernel.org/linux-cve-announce/2025100157-CVE-2022-50430-568d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50431",
"url": "https://lore.kernel.org/linux-cve-announce/2025100158-CVE-2022-50431-b165@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50432",
"url": "https://lore.kernel.org/linux-cve-announce/2025100158-CVE-2022-50432-bb35@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50433",
"url": "https://lore.kernel.org/linux-cve-announce/2025100158-CVE-2022-50433-440b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50434",
"url": "https://lore.kernel.org/linux-cve-announce/2025100159-CVE-2022-50434-e4db@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50435",
"url": "https://lore.kernel.org/linux-cve-announce/2025100159-CVE-2022-50435-f6c4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50436",
"url": "https://lore.kernel.org/linux-cve-announce/2025100159-CVE-2022-50436-ad37@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50437",
"url": "https://lore.kernel.org/linux-cve-announce/2025100100-CVE-2022-50437-440f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50438",
"url": "https://lore.kernel.org/linux-cve-announce/2025100100-CVE-2022-50438-1760@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50439",
"url": "https://lore.kernel.org/linux-cve-announce/2025100100-CVE-2022-50439-6054@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50440",
"url": "https://lore.kernel.org/linux-cve-announce/2025100101-CVE-2022-50440-1afd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50441",
"url": "https://lore.kernel.org/linux-cve-announce/2025100101-CVE-2022-50441-e2e2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50442",
"url": "https://lore.kernel.org/linux-cve-announce/2025100101-CVE-2022-50442-c0fe@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50443",
"url": "https://lore.kernel.org/linux-cve-announce/2025100102-CVE-2022-50443-c1d5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50444",
"url": "https://lore.kernel.org/linux-cve-announce/2025100102-CVE-2022-50444-9b11@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50445",
"url": "https://lore.kernel.org/linux-cve-announce/2025100115-CVE-2022-50445-5873@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50446",
"url": "https://lore.kernel.org/linux-cve-announce/2025100115-CVE-2022-50446-94be@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50447",
"url": "https://lore.kernel.org/linux-cve-announce/2025100115-CVE-2022-50447-4de6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50448",
"url": "https://lore.kernel.org/linux-cve-announce/2025100116-CVE-2022-50448-922e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50449",
"url": "https://lore.kernel.org/linux-cve-announce/2025100116-CVE-2022-50449-214c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50450",
"url": "https://lore.kernel.org/linux-cve-announce/2025100116-CVE-2022-50450-7ef7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50451",
"url": "https://lore.kernel.org/linux-cve-announce/2025100117-CVE-2022-50451-418f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50452",
"url": "https://lore.kernel.org/linux-cve-announce/2025100117-CVE-2022-50452-055d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50453",
"url": "https://lore.kernel.org/linux-cve-announce/2025100117-CVE-2022-50453-204a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50454",
"url": "https://lore.kernel.org/linux-cve-announce/2025100118-CVE-2022-50454-9c7d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50455",
"url": "https://lore.kernel.org/linux-cve-announce/2025100118-CVE-2022-50455-24fb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50456",
"url": "https://lore.kernel.org/linux-cve-announce/2025100118-CVE-2022-50456-f0d6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50457",
"url": "https://lore.kernel.org/linux-cve-announce/2025100118-CVE-2022-50457-da35@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50458",
"url": "https://lore.kernel.org/linux-cve-announce/2025100119-CVE-2022-50458-4fa8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50459",
"url": "https://lore.kernel.org/linux-cve-announce/2025100119-CVE-2022-50459-2340@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50460",
"url": "https://lore.kernel.org/linux-cve-announce/2025100119-CVE-2022-50460-2149@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50461",
"url": "https://lore.kernel.org/linux-cve-announce/2025100120-CVE-2022-50461-5ee8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50462",
"url": "https://lore.kernel.org/linux-cve-announce/2025100120-CVE-2022-50462-a935@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50463",
"url": "https://lore.kernel.org/linux-cve-announce/2025100120-CVE-2022-50463-9ae6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50464",
"url": "https://lore.kernel.org/linux-cve-announce/2025100121-CVE-2022-50464-3c96@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50465",
"url": "https://lore.kernel.org/linux-cve-announce/2025100121-CVE-2022-50465-fb12@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50466",
"url": "https://lore.kernel.org/linux-cve-announce/2025100121-CVE-2022-50466-b59c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50467",
"url": "https://lore.kernel.org/linux-cve-announce/2025100122-CVE-2022-50467-13ec@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50468",
"url": "https://lore.kernel.org/linux-cve-announce/2025100122-CVE-2022-50468-3196@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50469",
"url": "https://lore.kernel.org/linux-cve-announce/2025100122-CVE-2022-50469-bbc4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53448",
"url": "https://lore.kernel.org/linux-cve-announce/2025100102-CVE-2023-53448-e125@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53449",
"url": "https://lore.kernel.org/linux-cve-announce/2025100103-CVE-2023-53449-b49f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53450",
"url": "https://lore.kernel.org/linux-cve-announce/2025100103-CVE-2023-53450-35c4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53451",
"url": "https://lore.kernel.org/linux-cve-announce/2025100103-CVE-2023-53451-bb02@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53452",
"url": "https://lore.kernel.org/linux-cve-announce/2025100104-CVE-2023-53452-f6e5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53453",
"url": "https://lore.kernel.org/linux-cve-announce/2025100104-CVE-2023-53453-c36d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53454",
"url": "https://lore.kernel.org/linux-cve-announce/2025100104-CVE-2023-53454-5ee6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53455",
"url": "https://lore.kernel.org/linux-cve-announce/2025100104-CVE-2023-53455-3efb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53456",
"url": "https://lore.kernel.org/linux-cve-announce/2025100105-CVE-2023-53456-b77a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53457",
"url": "https://lore.kernel.org/linux-cve-announce/2025100105-CVE-2023-53457-629a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53458",
"url": "https://lore.kernel.org/linux-cve-announce/2025100105-CVE-2023-53458-8239@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53459",
"url": "https://lore.kernel.org/linux-cve-announce/2025100106-CVE-2023-53459-48f3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53460",
"url": "https://lore.kernel.org/linux-cve-announce/2025100106-CVE-2023-53460-cdc8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53461",
"url": "https://lore.kernel.org/linux-cve-announce/2025100106-CVE-2023-53461-b02b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53462",
"url": "https://lore.kernel.org/linux-cve-announce/2025100107-CVE-2023-53462-7a33@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53463",
"url": "https://lore.kernel.org/linux-cve-announce/2025100107-CVE-2023-53463-49fd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53464",
"url": "https://lore.kernel.org/linux-cve-announce/2025100107-CVE-2023-53464-a397@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53465",
"url": "https://lore.kernel.org/linux-cve-announce/2025100108-CVE-2023-53465-eb0b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53466",
"url": "https://lore.kernel.org/linux-cve-announce/2025100108-CVE-2023-53466-dcff@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53467",
"url": "https://lore.kernel.org/linux-cve-announce/2025100108-CVE-2023-53467-fa4b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53468",
"url": "https://lore.kernel.org/linux-cve-announce/2025100109-CVE-2023-53468-8dea@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53469",
"url": "https://lore.kernel.org/linux-cve-announce/2025100109-CVE-2023-53469-e372@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53470",
"url": "https://lore.kernel.org/linux-cve-announce/2025100109-CVE-2023-53470-8c6a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53471",
"url": "https://lore.kernel.org/linux-cve-announce/2025100110-CVE-2023-53471-09f6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53472",
"url": "https://lore.kernel.org/linux-cve-announce/2025100110-CVE-2023-53472-93cb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53473",
"url": "https://lore.kernel.org/linux-cve-announce/2025100110-CVE-2023-53473-bf5d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53474",
"url": "https://lore.kernel.org/linux-cve-announce/2025100110-CVE-2023-53474-b2ae@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53475",
"url": "https://lore.kernel.org/linux-cve-announce/2025100111-CVE-2023-53475-b007@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53476",
"url": "https://lore.kernel.org/linux-cve-announce/2025100111-CVE-2023-53476-d6d3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53477",
"url": "https://lore.kernel.org/linux-cve-announce/2025100111-CVE-2023-53477-93d5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53478",
"url": "https://lore.kernel.org/linux-cve-announce/2025100112-CVE-2023-53478-3da0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53479",
"url": "https://lore.kernel.org/linux-cve-announce/2025100112-CVE-2023-53479-5c70@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53480",
"url": "https://lore.kernel.org/linux-cve-announce/2025100112-CVE-2023-53480-95ab@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53481",
"url": "https://lore.kernel.org/linux-cve-announce/2025100113-CVE-2023-53481-cddb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53482",
"url": "https://lore.kernel.org/linux-cve-announce/2025100113-CVE-2023-53482-ade3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53483",
"url": "https://lore.kernel.org/linux-cve-announce/2025100113-CVE-2023-53483-cf50@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53484",
"url": "https://lore.kernel.org/linux-cve-announce/2025100114-CVE-2023-53484-d863@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53485",
"url": "https://lore.kernel.org/linux-cve-announce/2025100114-CVE-2023-53485-672c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53486",
"url": "https://lore.kernel.org/linux-cve-announce/2025100114-CVE-2023-53486-455f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53487",
"url": "https://lore.kernel.org/linux-cve-announce/2025100115-CVE-2023-53487-c3f7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53488",
"url": "https://lore.kernel.org/linux-cve-announce/2025100123-CVE-2023-53488-2533@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53489",
"url": "https://lore.kernel.org/linux-cve-announce/2025100123-CVE-2023-53489-eec5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53490",
"url": "https://lore.kernel.org/linux-cve-announce/2025100123-CVE-2023-53490-c90f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53491",
"url": "https://lore.kernel.org/linux-cve-announce/2025100123-CVE-2023-53491-2d8b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53492",
"url": "https://lore.kernel.org/linux-cve-announce/2025100124-CVE-2023-53492-18fd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53493",
"url": "https://lore.kernel.org/linux-cve-announce/2025100124-CVE-2023-53493-ef00@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53494",
"url": "https://lore.kernel.org/linux-cve-announce/2025100124-CVE-2023-53494-6542@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53495",
"url": "https://lore.kernel.org/linux-cve-announce/2025100125-CVE-2023-53495-3cce@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53496",
"url": "https://lore.kernel.org/linux-cve-announce/2025100125-CVE-2023-53496-b145@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53497",
"url": "https://lore.kernel.org/linux-cve-announce/2025100125-CVE-2023-53497-e3a3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53498",
"url": "https://lore.kernel.org/linux-cve-announce/2025100126-CVE-2023-53498-3f4e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53499",
"url": "https://lore.kernel.org/linux-cve-announce/2025100126-CVE-2023-53499-0e6a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53500",
"url": "https://lore.kernel.org/linux-cve-announce/2025100126-CVE-2023-53500-61b6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53501",
"url": "https://lore.kernel.org/linux-cve-announce/2025100127-CVE-2023-53501-5859@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53502",
"url": "https://lore.kernel.org/linux-cve-announce/2025100127-CVE-2023-53502-aa6a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53503",
"url": "https://lore.kernel.org/linux-cve-announce/2025100127-CVE-2023-53503-d86c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53504",
"url": "https://lore.kernel.org/linux-cve-announce/2025100128-CVE-2023-53504-ccc8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53505",
"url": "https://lore.kernel.org/linux-cve-announce/2025100128-CVE-2023-53505-69f3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53506",
"url": "https://lore.kernel.org/linux-cve-announce/2025100128-CVE-2023-53506-2778@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53507",
"url": "https://lore.kernel.org/linux-cve-announce/2025100129-CVE-2023-53507-1165@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53508",
"url": "https://lore.kernel.org/linux-cve-announce/2025100129-CVE-2023-53508-20d7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53509",
"url": "https://lore.kernel.org/linux-cve-announce/2025100129-CVE-2023-53509-2b4c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53510",
"url": "https://lore.kernel.org/linux-cve-announce/2025100130-CVE-2023-53510-9e6a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53511",
"url": "https://lore.kernel.org/linux-cve-announce/2025100130-CVE-2023-53511-99e8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53512",
"url": "https://lore.kernel.org/linux-cve-announce/2025100130-CVE-2023-53512-10c7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53513",
"url": "https://lore.kernel.org/linux-cve-announce/2025100130-CVE-2023-53513-4667@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53514",
"url": "https://lore.kernel.org/linux-cve-announce/2025100131-CVE-2023-53514-bcd5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53515",
"url": "https://lore.kernel.org/linux-cve-announce/2025100131-CVE-2023-53515-abe8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53516",
"url": "https://lore.kernel.org/linux-cve-announce/2025100131-CVE-2023-53516-ca63@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53517",
"url": "https://lore.kernel.org/linux-cve-announce/2025100132-CVE-2023-53517-da77@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53518",
"url": "https://lore.kernel.org/linux-cve-announce/2025100132-CVE-2023-53518-64e1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53519",
"url": "https://lore.kernel.org/linux-cve-announce/2025100132-CVE-2023-53519-de9d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53520",
"url": "https://lore.kernel.org/linux-cve-announce/2025100133-CVE-2023-53520-a542@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53521",
"url": "https://lore.kernel.org/linux-cve-announce/2025100133-CVE-2023-53521-15e2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53522",
"url": "https://lore.kernel.org/linux-cve-announce/2025100133-CVE-2023-53522-4e19@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53523",
"url": "https://lore.kernel.org/linux-cve-announce/2025100134-CVE-2023-53523-f4d4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53524",
"url": "https://lore.kernel.org/linux-cve-announce/2025100134-CVE-2023-53524-d438@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53525",
"url": "https://lore.kernel.org/linux-cve-announce/2025100134-CVE-2023-53525-ee57@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53526",
"url": "https://lore.kernel.org/linux-cve-announce/2025100135-CVE-2023-53526-ee71@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53527",
"url": "https://lore.kernel.org/linux-cve-announce/2025100135-CVE-2023-53527-3ce7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53528",
"url": "https://lore.kernel.org/linux-cve-announce/2025100135-CVE-2023-53528-0572@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53529",
"url": "https://lore.kernel.org/linux-cve-announce/2025100136-CVE-2023-53529-db9a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53530",
"url": "https://lore.kernel.org/linux-cve-announce/2025100136-CVE-2023-53530-853b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53531",
"url": "https://lore.kernel.org/linux-cve-announce/2025100136-CVE-2023-53531-3c7c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53532",
"url": "https://lore.kernel.org/linux-cve-announce/2025100137-CVE-2023-53532-1627@gregkh/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03613-1 vom 2025-10-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022915.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03614-1 vom 2025-10-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022911.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03615-1 vom 2025-10-16",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BVPLWRQN6MVKFQDJSEKN2JP6PMSGIO4Q/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03600-1 vom 2025-10-15",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VHWHH7ZSMFJ6PQZ3CBDGGCWHNBCWD26Z/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03626-1 vom 2025-10-17",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Z3DYHRRLY43MYRNEEU5SFR4ZRMSPITED/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03628-1 vom 2025-10-17",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/O6BEPQBC4GULLYP5G3VVU4ZS37B7I6EV/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03634-1 vom 2025-10-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022925.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3716-1 vom 2025-10-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022962.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3761-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MLTPAKCOQABZPEY7O35CI42PHK5WNIUQ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3751-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NMB6RXALFYMRMM4UK7R54RAQRCZJEBH4/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20851-1 vom 2025-10-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023025.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20861-1 vom 2025-10-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023019.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2LIVEPATCH-2025-281 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2LIVEPATCH-2025-281.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2LIVEPATCH-2025-273 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2LIVEPATCH-2025-273.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2LIVEPATCH-2025-272 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2LIVEPATCH-2025-272.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2LIVEPATCH-2025-274 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2LIVEPATCH-2025-274.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2025-109 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2025-109.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2LIVEPATCH-2025-271 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2LIVEPATCH-2025-271.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.4-2025-113 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.4-2025-113.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-3053 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3053.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2LIVEPATCH-2025-280 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2LIVEPATCH-2025-280.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2LIVEPATCH-2025-275 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2LIVEPATCH-2025-275.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2LIVEPATCH-2025-276 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2LIVEPATCH-2025-276.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2LIVEPATCH-2025-282 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2LIVEPATCH-2025-282.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20870-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023060.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2LIVEPATCH-2025-279 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2LIVEPATCH-2025-279.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2LIVEPATCH-2025-278 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2LIVEPATCH-2025-278.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2LIVEPATCH-2025-277 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2LIVEPATCH-2025-277.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20898-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023116.html"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
"tracking": {
"current_release_date": "2025-10-30T23:00:00.000+00:00",
"generator": {
"date": "2025-10-31T09:29:16.964+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-2187",
"initial_release_date": "2025-10-01T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-10-01T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-10-15T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-16T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-19T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-21T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-23T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-26T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-27T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Amazon und SUSE aufgenommen"
},
{
"date": "2025-10-30T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "9"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T028462",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:unspecified"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4460",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2021-4460"
},
{
"cve": "CVE-2022-50420",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50420"
},
{
"cve": "CVE-2022-50421",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50421"
},
{
"cve": "CVE-2022-50422",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50422"
},
{
"cve": "CVE-2022-50423",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50423"
},
{
"cve": "CVE-2022-50424",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50424"
},
{
"cve": "CVE-2022-50425",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50425"
},
{
"cve": "CVE-2022-50426",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50426"
},
{
"cve": "CVE-2022-50427",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50427"
},
{
"cve": "CVE-2022-50428",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50428"
},
{
"cve": "CVE-2022-50429",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50429"
},
{
"cve": "CVE-2022-50430",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50430"
},
{
"cve": "CVE-2022-50431",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50431"
},
{
"cve": "CVE-2022-50432",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50432"
},
{
"cve": "CVE-2022-50433",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50433"
},
{
"cve": "CVE-2022-50434",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50434"
},
{
"cve": "CVE-2022-50435",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50435"
},
{
"cve": "CVE-2022-50436",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50436"
},
{
"cve": "CVE-2022-50437",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50437"
},
{
"cve": "CVE-2022-50438",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50438"
},
{
"cve": "CVE-2022-50439",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50439"
},
{
"cve": "CVE-2022-50440",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50440"
},
{
"cve": "CVE-2022-50441",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50441"
},
{
"cve": "CVE-2022-50442",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50442"
},
{
"cve": "CVE-2022-50443",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50443"
},
{
"cve": "CVE-2022-50444",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50444"
},
{
"cve": "CVE-2022-50445",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50445"
},
{
"cve": "CVE-2022-50446",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50446"
},
{
"cve": "CVE-2022-50447",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50447"
},
{
"cve": "CVE-2022-50448",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50448"
},
{
"cve": "CVE-2022-50449",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50449"
},
{
"cve": "CVE-2022-50450",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50450"
},
{
"cve": "CVE-2022-50451",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50451"
},
{
"cve": "CVE-2022-50452",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50452"
},
{
"cve": "CVE-2022-50453",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50453"
},
{
"cve": "CVE-2022-50454",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50454"
},
{
"cve": "CVE-2022-50455",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50455"
},
{
"cve": "CVE-2022-50456",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50456"
},
{
"cve": "CVE-2022-50457",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50457"
},
{
"cve": "CVE-2022-50458",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50458"
},
{
"cve": "CVE-2022-50459",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50459"
},
{
"cve": "CVE-2022-50460",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50460"
},
{
"cve": "CVE-2022-50461",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50461"
},
{
"cve": "CVE-2022-50462",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50462"
},
{
"cve": "CVE-2022-50463",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50463"
},
{
"cve": "CVE-2022-50464",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50464"
},
{
"cve": "CVE-2022-50465",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50465"
},
{
"cve": "CVE-2022-50466",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50466"
},
{
"cve": "CVE-2022-50467",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50467"
},
{
"cve": "CVE-2022-50468",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50468"
},
{
"cve": "CVE-2022-50469",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2022-50469"
},
{
"cve": "CVE-2023-34319",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-34319"
},
{
"cve": "CVE-2023-3773",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-3773"
},
{
"cve": "CVE-2023-53448",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53448"
},
{
"cve": "CVE-2023-53449",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53449"
},
{
"cve": "CVE-2023-53450",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53450"
},
{
"cve": "CVE-2023-53451",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53451"
},
{
"cve": "CVE-2023-53452",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53452"
},
{
"cve": "CVE-2023-53453",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53453"
},
{
"cve": "CVE-2023-53454",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53454"
},
{
"cve": "CVE-2023-53455",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53455"
},
{
"cve": "CVE-2023-53456",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53456"
},
{
"cve": "CVE-2023-53457",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53457"
},
{
"cve": "CVE-2023-53458",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53458"
},
{
"cve": "CVE-2023-53459",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53459"
},
{
"cve": "CVE-2023-53460",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53460"
},
{
"cve": "CVE-2023-53461",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53461"
},
{
"cve": "CVE-2023-53462",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53462"
},
{
"cve": "CVE-2023-53463",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53463"
},
{
"cve": "CVE-2023-53464",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53464"
},
{
"cve": "CVE-2023-53465",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53465"
},
{
"cve": "CVE-2023-53466",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53466"
},
{
"cve": "CVE-2023-53467",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53467"
},
{
"cve": "CVE-2023-53468",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53468"
},
{
"cve": "CVE-2023-53469",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53469"
},
{
"cve": "CVE-2023-53470",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53470"
},
{
"cve": "CVE-2023-53471",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53471"
},
{
"cve": "CVE-2023-53472",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53472"
},
{
"cve": "CVE-2023-53473",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53473"
},
{
"cve": "CVE-2023-53474",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53474"
},
{
"cve": "CVE-2023-53475",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53475"
},
{
"cve": "CVE-2023-53476",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53476"
},
{
"cve": "CVE-2023-53477",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53477"
},
{
"cve": "CVE-2023-53478",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53478"
},
{
"cve": "CVE-2023-53479",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53479"
},
{
"cve": "CVE-2023-53480",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53480"
},
{
"cve": "CVE-2023-53481",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53481"
},
{
"cve": "CVE-2023-53482",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53482"
},
{
"cve": "CVE-2023-53483",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53483"
},
{
"cve": "CVE-2023-53484",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53484"
},
{
"cve": "CVE-2023-53485",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53485"
},
{
"cve": "CVE-2023-53486",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53486"
},
{
"cve": "CVE-2023-53487",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53487"
},
{
"cve": "CVE-2023-53488",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53488"
},
{
"cve": "CVE-2023-53489",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53489"
},
{
"cve": "CVE-2023-53490",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53490"
},
{
"cve": "CVE-2023-53491",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53491"
},
{
"cve": "CVE-2023-53492",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53492"
},
{
"cve": "CVE-2023-53493",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53493"
},
{
"cve": "CVE-2023-53494",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53494"
},
{
"cve": "CVE-2023-53495",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53495"
},
{
"cve": "CVE-2023-53496",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53496"
},
{
"cve": "CVE-2023-53497",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53497"
},
{
"cve": "CVE-2023-53498",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53498"
},
{
"cve": "CVE-2023-53499",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53499"
},
{
"cve": "CVE-2023-53500",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53500"
},
{
"cve": "CVE-2023-53501",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53501"
},
{
"cve": "CVE-2023-53502",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53502"
},
{
"cve": "CVE-2023-53503",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53503"
},
{
"cve": "CVE-2023-53504",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53504"
},
{
"cve": "CVE-2023-53505",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53505"
},
{
"cve": "CVE-2023-53506",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53506"
},
{
"cve": "CVE-2023-53507",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53507"
},
{
"cve": "CVE-2023-53508",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53508"
},
{
"cve": "CVE-2023-53509",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53509"
},
{
"cve": "CVE-2023-53510",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53510"
},
{
"cve": "CVE-2023-53511",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53511"
},
{
"cve": "CVE-2023-53512",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53512"
},
{
"cve": "CVE-2023-53513",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53513"
},
{
"cve": "CVE-2023-53514",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53514"
},
{
"cve": "CVE-2023-53515",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53515"
},
{
"cve": "CVE-2023-53516",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53516"
},
{
"cve": "CVE-2023-53517",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53517"
},
{
"cve": "CVE-2023-53518",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53518"
},
{
"cve": "CVE-2023-53519",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53519"
},
{
"cve": "CVE-2023-53520",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53520"
},
{
"cve": "CVE-2023-53521",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53521"
},
{
"cve": "CVE-2023-53522",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53522"
},
{
"cve": "CVE-2023-53523",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53523"
},
{
"cve": "CVE-2023-53524",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53524"
},
{
"cve": "CVE-2023-53525",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53525"
},
{
"cve": "CVE-2023-53526",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53526"
},
{
"cve": "CVE-2023-53527",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53527"
},
{
"cve": "CVE-2023-53528",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53528"
},
{
"cve": "CVE-2023-53529",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53529"
},
{
"cve": "CVE-2023-53530",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53530"
},
{
"cve": "CVE-2023-53531",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53531"
},
{
"cve": "CVE-2023-53532",
"product_status": {
"known_affected": [
"T028462",
"T002207",
"398363"
]
},
"release_date": "2025-10-01T22:00:00.000+00:00",
"title": "CVE-2023-53532"
}
]
}
fkie_cve-2023-53482
Vulnerability from fkie_nvd
Published
2025-10-01 12:15
Modified
2025-10-02 19:12
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
iommu: Fix error unwind in iommu_group_alloc()
If either iommu_group_grate_file() fails then the
iommu_group is leaked.
Destroy it on these error paths.
Found by kselftest/iommu/iommufd_fail_nth
References
| URL | Tags | ||
|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/4c23124b45ee0aa895ed8d5d08871ae6b15ee336 | ||
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/4daa861174d56023c2068ddb03de0752f07fa199 | ||
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/8602fa38a63fc689eca29c8c586fac2d8a1f8739 | ||
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/f119ef452e2d82d912797273cb790a86f1125b3e |
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix error unwind in iommu_group_alloc()\n\nIf either iommu_group_grate_file() fails then the\niommu_group is leaked.\n\nDestroy it on these error paths.\n\nFound by kselftest/iommu/iommufd_fail_nth"
}
],
"id": "CVE-2023-53482",
"lastModified": "2025-10-02T19:12:17.160",
"metrics": {},
"published": "2025-10-01T12:15:50.890",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/4c23124b45ee0aa895ed8d5d08871ae6b15ee336"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/4daa861174d56023c2068ddb03de0752f07fa199"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/8602fa38a63fc689eca29c8c586fac2d8a1f8739"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/f119ef452e2d82d912797273cb790a86f1125b3e"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
suse-su-2025:3761-1
Vulnerability from csaf_suse
Published
2025-10-23 15:04
Modified
2025-10-23 15:04
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-49138: Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt (bsc#1238160).
- CVE-2022-50233: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name} (bsc#1246968).
- CVE-2022-50252: igb: Do not free q_vector unless new one was allocated (bsc#1249846).
- CVE-2022-50409: net: If sock is dead do not access sock's sk_wq in sk_stream_wait_memory (bsc#1250392).
- CVE-2023-53178: mm: fix zswap writeback race condition (bsc#1249827).
- CVE-2023-53257: wifi: mac80211: check S1G action frame size (bsc#1249869).
- CVE-2023-53321: wifi: mac80211_hwsim: drop short frames (bsc#1250313).
- CVE-2023-53438: x86/MCE: Always save CS register on AMD Zen IF Poison errors (bsc#1250180).
- CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-38014: dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (bsc#1244732).
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1245666).
- CVE-2025-38380: i2c/designware: Fix an initialization issue (bsc#1247028).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).
- CVE-2025-38553: net/sched: Restrict conditions for adding duplicating netems to qdisc tree (bsc#1248255).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248399).
- CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).
- CVE-2025-38685: fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (bsc#1249220).
- CVE-2025-38706: ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (bsc#1249195).
- CVE-2025-38713: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (bsc#1249200).
- CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324).
- CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).
- CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315).
- CVE-2025-39726: s390/ism: fix concurrency management in ism_cmd() (bsc#1249266).
- CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).
- CVE-2025-39751: ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (bsc#1249538).
- CVE-2025-39790: bus: mhi: host: Detect events pointing to unexpected TREs (bsc#1249548).
- CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).
- CVE-2025-39824: HID: asus: fix UAF via HID_CLAIMED_INPUT validation (bsc#1250007).
- CVE-2025-39860: Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (bsc#1250247).
- CVE-2025-39869: dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (bsc#1250406).
The following non-security bugs were fixed:
- Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186).
- Limit patch filenames to 100 characters (bsc#1249604).
- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).
- Revert selinux patches that caused regressions (bsc#1249353).
- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1249158).
- build_bug.h: Add KABI assert (bsc#1249186).
- hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).
- kabi/severities: ignore kABI for atheros helper modules The symbols are used only internally by atheros drivers.
- kernel-binary: Another installation ordering fix (bsc#1241353).
- kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522).
- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346)
- kernel-syms.spec: Drop old rpm release number hack (bsc#1247172).
- net/sched: ets: use old 'nbands' while purging unused classes (git-fixes).
- rpm/kernel-subpackage-spec: Skip brp-strip-debug to avoid file truncation (bsc#1246879).
- rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337).
- rpm: Configure KABI checkingness macro (bsc#1249186).
- rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186).
- rpm: Link arch-symbols script from scripts directory.
- rpm: Link guards script from scripts directory.
- supported.conf: mark hyperv_drm as external
- use uniform permission checks for all mount propagation changes (git-fixes).
- xfs: rework datasync tracking and execution (bsc#1237449).
Patchnames
SUSE-2025-3761,SUSE-SLE-Micro-5.5-2025-3761
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-49138: Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt (bsc#1238160).\n- CVE-2022-50233: Bluetooth: eir: Fix using strlen with hdev-\u003e{dev_name,short_name} (bsc#1246968).\n- CVE-2022-50252: igb: Do not free q_vector unless new one was allocated (bsc#1249846).\n- CVE-2022-50409: net: If sock is dead do not access sock\u0027s sk_wq in sk_stream_wait_memory (bsc#1250392).\n- CVE-2023-53178: mm: fix zswap writeback race condition (bsc#1249827).\n- CVE-2023-53257: wifi: mac80211: check S1G action frame size (bsc#1249869).\n- CVE-2023-53321: wifi: mac80211_hwsim: drop short frames (bsc#1250313).\n- CVE-2023-53438: x86/MCE: Always save CS register on AMD Zen IF Poison errors (bsc#1250180).\n- CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846).\n- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).\n- CVE-2025-38014: dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (bsc#1244732).\n- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1245666).\n- CVE-2025-38380: i2c/designware: Fix an initialization issue (bsc#1247028).\n- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).\n- CVE-2025-38553: net/sched: Restrict conditions for adding duplicating netems to qdisc tree (bsc#1248255).\n- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248399).\n- CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).\n- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).\n- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).\n- CVE-2025-38685: fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (bsc#1249220).\n- CVE-2025-38706: ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (bsc#1249195).\n- CVE-2025-38713: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (bsc#1249200).\n- CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324).\n- CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).\n- CVE-2025-39703: net, hsr: reject HSR frame if skb can\u0027t hold tag (bsc#1249315).\n- CVE-2025-39726: s390/ism: fix concurrency management in ism_cmd() (bsc#1249266).\n- CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).\n- CVE-2025-39751: ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (bsc#1249538).\n- CVE-2025-39790: bus: mhi: host: Detect events pointing to unexpected TREs (bsc#1249548).\n- CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).\n- CVE-2025-39824: HID: asus: fix UAF via HID_CLAIMED_INPUT validation (bsc#1250007).\n- CVE-2025-39860: Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (bsc#1250247).\n- CVE-2025-39869: dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (bsc#1250406).\n\nThe following non-security bugs were fixed:\n\n- Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186).\n- Limit patch filenames to 100 characters (bsc#1249604).\n- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).\n- Revert selinux patches that caused regressions (bsc#1249353).\n- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1249158).\n- build_bug.h: Add KABI assert (bsc#1249186).\n- hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).\n- kabi/severities: ignore kABI for atheros helper modules The symbols are used only internally by atheros drivers.\n- kernel-binary: Another installation ordering fix (bsc#1241353).\n- kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522).\n- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346)\n- kernel-syms.spec: Drop old rpm release number hack (bsc#1247172).\n- net/sched: ets: use old \u0027nbands\u0027 while purging unused classes (git-fixes).\n- rpm/kernel-subpackage-spec: Skip brp-strip-debug to avoid file truncation (bsc#1246879).\n- rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337).\n- rpm: Configure KABI checkingness macro (bsc#1249186).\n- rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186).\n- rpm: Link arch-symbols script from scripts directory.\n- rpm: Link guards script from scripts directory.\n- supported.conf: mark hyperv_drm as external\n- use uniform permission checks for all mount propagation changes (git-fixes).\n- xfs: rework datasync tracking and execution (bsc#1237449).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3761,SUSE-SLE-Micro-5.5-2025-3761",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_3761-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:3761-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253761-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:3761-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-October/042280.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1164051",
"url": "https://bugzilla.suse.com/1164051"
},
{
"category": "self",
"summary": "SUSE Bug 1193629",
"url": "https://bugzilla.suse.com/1193629"
},
{
"category": "self",
"summary": "SUSE Bug 1194869",
"url": "https://bugzilla.suse.com/1194869"
},
{
"category": "self",
"summary": "SUSE Bug 1202700",
"url": "https://bugzilla.suse.com/1202700"
},
{
"category": "self",
"summary": "SUSE Bug 1203063",
"url": "https://bugzilla.suse.com/1203063"
},
{
"category": "self",
"summary": "SUSE Bug 1203332",
"url": "https://bugzilla.suse.com/1203332"
},
{
"category": "self",
"summary": "SUSE Bug 1204228",
"url": "https://bugzilla.suse.com/1204228"
},
{
"category": "self",
"summary": "SUSE Bug 1205128",
"url": "https://bugzilla.suse.com/1205128"
},
{
"category": "self",
"summary": "SUSE Bug 1205205",
"url": "https://bugzilla.suse.com/1205205"
},
{
"category": "self",
"summary": "SUSE Bug 1206451",
"url": "https://bugzilla.suse.com/1206451"
},
{
"category": "self",
"summary": "SUSE Bug 1206456",
"url": "https://bugzilla.suse.com/1206456"
},
{
"category": "self",
"summary": "SUSE Bug 1206468",
"url": "https://bugzilla.suse.com/1206468"
},
{
"category": "self",
"summary": "SUSE Bug 1206843",
"url": "https://bugzilla.suse.com/1206843"
},
{
"category": "self",
"summary": "SUSE Bug 1206883",
"url": "https://bugzilla.suse.com/1206883"
},
{
"category": "self",
"summary": "SUSE Bug 1206884",
"url": "https://bugzilla.suse.com/1206884"
},
{
"category": "self",
"summary": "SUSE Bug 1207158",
"url": "https://bugzilla.suse.com/1207158"
},
{
"category": "self",
"summary": "SUSE Bug 1207361",
"url": "https://bugzilla.suse.com/1207361"
},
{
"category": "self",
"summary": "SUSE Bug 1207621",
"url": "https://bugzilla.suse.com/1207621"
},
{
"category": "self",
"summary": "SUSE Bug 1207624",
"url": "https://bugzilla.suse.com/1207624"
},
{
"category": "self",
"summary": "SUSE Bug 1207625",
"url": "https://bugzilla.suse.com/1207625"
},
{
"category": "self",
"summary": "SUSE Bug 1207628",
"url": "https://bugzilla.suse.com/1207628"
},
{
"category": "self",
"summary": "SUSE Bug 1207629",
"url": "https://bugzilla.suse.com/1207629"
},
{
"category": "self",
"summary": "SUSE Bug 1207631",
"url": "https://bugzilla.suse.com/1207631"
},
{
"category": "self",
"summary": "SUSE Bug 1207645",
"url": "https://bugzilla.suse.com/1207645"
},
{
"category": "self",
"summary": "SUSE Bug 1207651",
"url": "https://bugzilla.suse.com/1207651"
},
{
"category": "self",
"summary": "SUSE Bug 1208607",
"url": "https://bugzilla.suse.com/1208607"
},
{
"category": "self",
"summary": "SUSE Bug 1209287",
"url": "https://bugzilla.suse.com/1209287"
},
{
"category": "self",
"summary": "SUSE Bug 1209291",
"url": "https://bugzilla.suse.com/1209291"
},
{
"category": "self",
"summary": "SUSE Bug 1209980",
"url": "https://bugzilla.suse.com/1209980"
},
{
"category": "self",
"summary": "SUSE Bug 1210584",
"url": "https://bugzilla.suse.com/1210584"
},
{
"category": "self",
"summary": "SUSE Bug 1211960",
"url": "https://bugzilla.suse.com/1211960"
},
{
"category": "self",
"summary": "SUSE Bug 1212603",
"url": "https://bugzilla.suse.com/1212603"
},
{
"category": "self",
"summary": "SUSE Bug 1213015",
"url": "https://bugzilla.suse.com/1213015"
},
{
"category": "self",
"summary": "SUSE Bug 1213016",
"url": "https://bugzilla.suse.com/1213016"
},
{
"category": "self",
"summary": "SUSE Bug 1213040",
"url": "https://bugzilla.suse.com/1213040"
},
{
"category": "self",
"summary": "SUSE Bug 1213041",
"url": "https://bugzilla.suse.com/1213041"
},
{
"category": "self",
"summary": "SUSE Bug 1213061",
"url": "https://bugzilla.suse.com/1213061"
},
{
"category": "self",
"summary": "SUSE Bug 1213099",
"url": "https://bugzilla.suse.com/1213099"
},
{
"category": "self",
"summary": "SUSE Bug 1213104",
"url": "https://bugzilla.suse.com/1213104"
},
{
"category": "self",
"summary": "SUSE Bug 1213533",
"url": "https://bugzilla.suse.com/1213533"
},
{
"category": "self",
"summary": "SUSE Bug 1213666",
"url": "https://bugzilla.suse.com/1213666"
},
{
"category": "self",
"summary": "SUSE Bug 1213747",
"url": "https://bugzilla.suse.com/1213747"
},
{
"category": "self",
"summary": "SUSE Bug 1214073",
"url": "https://bugzilla.suse.com/1214073"
},
{
"category": "self",
"summary": "SUSE Bug 1214953",
"url": "https://bugzilla.suse.com/1214953"
},
{
"category": "self",
"summary": "SUSE Bug 1214967",
"url": "https://bugzilla.suse.com/1214967"
},
{
"category": "self",
"summary": "SUSE Bug 1215150",
"url": "https://bugzilla.suse.com/1215150"
},
{
"category": "self",
"summary": "SUSE Bug 1215696",
"url": "https://bugzilla.suse.com/1215696"
},
{
"category": "self",
"summary": "SUSE Bug 1215911",
"url": "https://bugzilla.suse.com/1215911"
},
{
"category": "self",
"summary": "SUSE Bug 1216976",
"url": "https://bugzilla.suse.com/1216976"
},
{
"category": "self",
"summary": "SUSE Bug 1217790",
"url": "https://bugzilla.suse.com/1217790"
},
{
"category": "self",
"summary": "SUSE Bug 1220185",
"url": "https://bugzilla.suse.com/1220185"
},
{
"category": "self",
"summary": "SUSE Bug 1220186",
"url": "https://bugzilla.suse.com/1220186"
},
{
"category": "self",
"summary": "SUSE Bug 1223959",
"url": "https://bugzilla.suse.com/1223959"
},
{
"category": "self",
"summary": "SUSE Bug 1234639",
"url": "https://bugzilla.suse.com/1234639"
},
{
"category": "self",
"summary": "SUSE Bug 1236104",
"url": "https://bugzilla.suse.com/1236104"
},
{
"category": "self",
"summary": "SUSE Bug 1237449",
"url": "https://bugzilla.suse.com/1237449"
},
{
"category": "self",
"summary": "SUSE Bug 1238160",
"url": "https://bugzilla.suse.com/1238160"
},
{
"category": "self",
"summary": "SUSE Bug 1241353",
"url": "https://bugzilla.suse.com/1241353"
},
{
"category": "self",
"summary": "SUSE Bug 1242846",
"url": "https://bugzilla.suse.com/1242846"
},
{
"category": "self",
"summary": "SUSE Bug 1243539",
"url": "https://bugzilla.suse.com/1243539"
},
{
"category": "self",
"summary": "SUSE Bug 1244337",
"url": "https://bugzilla.suse.com/1244337"
},
{
"category": "self",
"summary": "SUSE Bug 1244732",
"url": "https://bugzilla.suse.com/1244732"
},
{
"category": "self",
"summary": "SUSE Bug 1245666",
"url": "https://bugzilla.suse.com/1245666"
},
{
"category": "self",
"summary": "SUSE Bug 1246879",
"url": "https://bugzilla.suse.com/1246879"
},
{
"category": "self",
"summary": "SUSE Bug 1246968",
"url": "https://bugzilla.suse.com/1246968"
},
{
"category": "self",
"summary": "SUSE Bug 1247028",
"url": "https://bugzilla.suse.com/1247028"
},
{
"category": "self",
"summary": "SUSE Bug 1247172",
"url": "https://bugzilla.suse.com/1247172"
},
{
"category": "self",
"summary": "SUSE Bug 1247239",
"url": "https://bugzilla.suse.com/1247239"
},
{
"category": "self",
"summary": "SUSE Bug 1248108",
"url": "https://bugzilla.suse.com/1248108"
},
{
"category": "self",
"summary": "SUSE Bug 1248111",
"url": "https://bugzilla.suse.com/1248111"
},
{
"category": "self",
"summary": "SUSE Bug 1248255",
"url": "https://bugzilla.suse.com/1248255"
},
{
"category": "self",
"summary": "SUSE Bug 1248399",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "self",
"summary": "SUSE Bug 1248628",
"url": "https://bugzilla.suse.com/1248628"
},
{
"category": "self",
"summary": "SUSE Bug 1248639",
"url": "https://bugzilla.suse.com/1248639"
},
{
"category": "self",
"summary": "SUSE Bug 1248847",
"url": "https://bugzilla.suse.com/1248847"
},
{
"category": "self",
"summary": "SUSE Bug 1249126",
"url": "https://bugzilla.suse.com/1249126"
},
{
"category": "self",
"summary": "SUSE Bug 1249158",
"url": "https://bugzilla.suse.com/1249158"
},
{
"category": "self",
"summary": "SUSE Bug 1249159",
"url": "https://bugzilla.suse.com/1249159"
},
{
"category": "self",
"summary": "SUSE Bug 1249186",
"url": "https://bugzilla.suse.com/1249186"
},
{
"category": "self",
"summary": "SUSE Bug 1249195",
"url": "https://bugzilla.suse.com/1249195"
},
{
"category": "self",
"summary": "SUSE Bug 1249200",
"url": "https://bugzilla.suse.com/1249200"
},
{
"category": "self",
"summary": "SUSE Bug 1249220",
"url": "https://bugzilla.suse.com/1249220"
},
{
"category": "self",
"summary": "SUSE Bug 1249266",
"url": "https://bugzilla.suse.com/1249266"
},
{
"category": "self",
"summary": "SUSE Bug 1249315",
"url": "https://bugzilla.suse.com/1249315"
},
{
"category": "self",
"summary": "SUSE Bug 1249324",
"url": "https://bugzilla.suse.com/1249324"
},
{
"category": "self",
"summary": "SUSE Bug 1249346",
"url": "https://bugzilla.suse.com/1249346"
},
{
"category": "self",
"summary": "SUSE Bug 1249353",
"url": "https://bugzilla.suse.com/1249353"
},
{
"category": "self",
"summary": "SUSE Bug 1249374",
"url": "https://bugzilla.suse.com/1249374"
},
{
"category": "self",
"summary": "SUSE Bug 1249516",
"url": "https://bugzilla.suse.com/1249516"
},
{
"category": "self",
"summary": "SUSE Bug 1249538",
"url": "https://bugzilla.suse.com/1249538"
},
{
"category": "self",
"summary": "SUSE Bug 1249548",
"url": "https://bugzilla.suse.com/1249548"
},
{
"category": "self",
"summary": "SUSE Bug 1249604",
"url": "https://bugzilla.suse.com/1249604"
},
{
"category": "self",
"summary": "SUSE Bug 1249638",
"url": "https://bugzilla.suse.com/1249638"
},
{
"category": "self",
"summary": "SUSE Bug 1249639",
"url": "https://bugzilla.suse.com/1249639"
},
{
"category": "self",
"summary": "SUSE Bug 1249641",
"url": "https://bugzilla.suse.com/1249641"
},
{
"category": "self",
"summary": "SUSE Bug 1249642",
"url": "https://bugzilla.suse.com/1249642"
},
{
"category": "self",
"summary": "SUSE Bug 1249648",
"url": "https://bugzilla.suse.com/1249648"
},
{
"category": "self",
"summary": "SUSE Bug 1249650",
"url": "https://bugzilla.suse.com/1249650"
},
{
"category": "self",
"summary": "SUSE Bug 1249651",
"url": "https://bugzilla.suse.com/1249651"
},
{
"category": "self",
"summary": "SUSE Bug 1249658",
"url": "https://bugzilla.suse.com/1249658"
},
{
"category": "self",
"summary": "SUSE Bug 1249661",
"url": "https://bugzilla.suse.com/1249661"
},
{
"category": "self",
"summary": "SUSE Bug 1249664",
"url": "https://bugzilla.suse.com/1249664"
},
{
"category": "self",
"summary": "SUSE Bug 1249667",
"url": "https://bugzilla.suse.com/1249667"
},
{
"category": "self",
"summary": "SUSE Bug 1249669",
"url": "https://bugzilla.suse.com/1249669"
},
{
"category": "self",
"summary": "SUSE Bug 1249673",
"url": "https://bugzilla.suse.com/1249673"
},
{
"category": "self",
"summary": "SUSE Bug 1249677",
"url": "https://bugzilla.suse.com/1249677"
},
{
"category": "self",
"summary": "SUSE Bug 1249681",
"url": "https://bugzilla.suse.com/1249681"
},
{
"category": "self",
"summary": "SUSE Bug 1249683",
"url": "https://bugzilla.suse.com/1249683"
},
{
"category": "self",
"summary": "SUSE Bug 1249685",
"url": "https://bugzilla.suse.com/1249685"
},
{
"category": "self",
"summary": "SUSE Bug 1249687",
"url": "https://bugzilla.suse.com/1249687"
},
{
"category": "self",
"summary": "SUSE Bug 1249691",
"url": "https://bugzilla.suse.com/1249691"
},
{
"category": "self",
"summary": "SUSE Bug 1249695",
"url": "https://bugzilla.suse.com/1249695"
},
{
"category": "self",
"summary": "SUSE Bug 1249696",
"url": "https://bugzilla.suse.com/1249696"
},
{
"category": "self",
"summary": "SUSE Bug 1249699",
"url": "https://bugzilla.suse.com/1249699"
},
{
"category": "self",
"summary": "SUSE Bug 1249700",
"url": "https://bugzilla.suse.com/1249700"
},
{
"category": "self",
"summary": "SUSE Bug 1249701",
"url": "https://bugzilla.suse.com/1249701"
},
{
"category": "self",
"summary": "SUSE Bug 1249704",
"url": "https://bugzilla.suse.com/1249704"
},
{
"category": "self",
"summary": "SUSE Bug 1249705",
"url": "https://bugzilla.suse.com/1249705"
},
{
"category": "self",
"summary": "SUSE Bug 1249706",
"url": "https://bugzilla.suse.com/1249706"
},
{
"category": "self",
"summary": "SUSE Bug 1249707",
"url": "https://bugzilla.suse.com/1249707"
},
{
"category": "self",
"summary": "SUSE Bug 1249708",
"url": "https://bugzilla.suse.com/1249708"
},
{
"category": "self",
"summary": "SUSE Bug 1249709",
"url": "https://bugzilla.suse.com/1249709"
},
{
"category": "self",
"summary": "SUSE Bug 1249712",
"url": "https://bugzilla.suse.com/1249712"
},
{
"category": "self",
"summary": "SUSE Bug 1249713",
"url": "https://bugzilla.suse.com/1249713"
},
{
"category": "self",
"summary": "SUSE Bug 1249715",
"url": "https://bugzilla.suse.com/1249715"
},
{
"category": "self",
"summary": "SUSE Bug 1249716",
"url": "https://bugzilla.suse.com/1249716"
},
{
"category": "self",
"summary": "SUSE Bug 1249718",
"url": "https://bugzilla.suse.com/1249718"
},
{
"category": "self",
"summary": "SUSE Bug 1249722",
"url": "https://bugzilla.suse.com/1249722"
},
{
"category": "self",
"summary": "SUSE Bug 1249727",
"url": "https://bugzilla.suse.com/1249727"
},
{
"category": "self",
"summary": "SUSE Bug 1249730",
"url": "https://bugzilla.suse.com/1249730"
},
{
"category": "self",
"summary": "SUSE Bug 1249733",
"url": "https://bugzilla.suse.com/1249733"
},
{
"category": "self",
"summary": "SUSE Bug 1249734",
"url": "https://bugzilla.suse.com/1249734"
},
{
"category": "self",
"summary": "SUSE Bug 1249739",
"url": "https://bugzilla.suse.com/1249739"
},
{
"category": "self",
"summary": "SUSE Bug 1249740",
"url": "https://bugzilla.suse.com/1249740"
},
{
"category": "self",
"summary": "SUSE Bug 1249741",
"url": "https://bugzilla.suse.com/1249741"
},
{
"category": "self",
"summary": "SUSE Bug 1249742",
"url": "https://bugzilla.suse.com/1249742"
},
{
"category": "self",
"summary": "SUSE Bug 1249743",
"url": "https://bugzilla.suse.com/1249743"
},
{
"category": "self",
"summary": "SUSE Bug 1249745",
"url": "https://bugzilla.suse.com/1249745"
},
{
"category": "self",
"summary": "SUSE Bug 1249746",
"url": "https://bugzilla.suse.com/1249746"
},
{
"category": "self",
"summary": "SUSE Bug 1249747",
"url": "https://bugzilla.suse.com/1249747"
},
{
"category": "self",
"summary": "SUSE Bug 1249749",
"url": "https://bugzilla.suse.com/1249749"
},
{
"category": "self",
"summary": "SUSE Bug 1249750",
"url": "https://bugzilla.suse.com/1249750"
},
{
"category": "self",
"summary": "SUSE Bug 1249751",
"url": "https://bugzilla.suse.com/1249751"
},
{
"category": "self",
"summary": "SUSE Bug 1249753",
"url": "https://bugzilla.suse.com/1249753"
},
{
"category": "self",
"summary": "SUSE Bug 1249756",
"url": "https://bugzilla.suse.com/1249756"
},
{
"category": "self",
"summary": "SUSE Bug 1249757",
"url": "https://bugzilla.suse.com/1249757"
},
{
"category": "self",
"summary": "SUSE Bug 1249758",
"url": "https://bugzilla.suse.com/1249758"
},
{
"category": "self",
"summary": "SUSE Bug 1249762",
"url": "https://bugzilla.suse.com/1249762"
},
{
"category": "self",
"summary": "SUSE Bug 1249767",
"url": "https://bugzilla.suse.com/1249767"
},
{
"category": "self",
"summary": "SUSE Bug 1249777",
"url": "https://bugzilla.suse.com/1249777"
},
{
"category": "self",
"summary": "SUSE Bug 1249780",
"url": "https://bugzilla.suse.com/1249780"
},
{
"category": "self",
"summary": "SUSE Bug 1249781",
"url": "https://bugzilla.suse.com/1249781"
},
{
"category": "self",
"summary": "SUSE Bug 1249782",
"url": "https://bugzilla.suse.com/1249782"
},
{
"category": "self",
"summary": "SUSE Bug 1249784",
"url": "https://bugzilla.suse.com/1249784"
},
{
"category": "self",
"summary": "SUSE Bug 1249791",
"url": "https://bugzilla.suse.com/1249791"
},
{
"category": "self",
"summary": "SUSE Bug 1249799",
"url": "https://bugzilla.suse.com/1249799"
},
{
"category": "self",
"summary": "SUSE Bug 1249800",
"url": "https://bugzilla.suse.com/1249800"
},
{
"category": "self",
"summary": "SUSE Bug 1249802",
"url": "https://bugzilla.suse.com/1249802"
},
{
"category": "self",
"summary": "SUSE Bug 1249808",
"url": "https://bugzilla.suse.com/1249808"
},
{
"category": "self",
"summary": "SUSE Bug 1249810",
"url": "https://bugzilla.suse.com/1249810"
},
{
"category": "self",
"summary": "SUSE Bug 1249816",
"url": "https://bugzilla.suse.com/1249816"
},
{
"category": "self",
"summary": "SUSE Bug 1249820",
"url": "https://bugzilla.suse.com/1249820"
},
{
"category": "self",
"summary": "SUSE Bug 1249824",
"url": "https://bugzilla.suse.com/1249824"
},
{
"category": "self",
"summary": "SUSE Bug 1249825",
"url": "https://bugzilla.suse.com/1249825"
},
{
"category": "self",
"summary": "SUSE Bug 1249827",
"url": "https://bugzilla.suse.com/1249827"
},
{
"category": "self",
"summary": "SUSE Bug 1249836",
"url": "https://bugzilla.suse.com/1249836"
},
{
"category": "self",
"summary": "SUSE Bug 1249840",
"url": "https://bugzilla.suse.com/1249840"
},
{
"category": "self",
"summary": "SUSE Bug 1249844",
"url": "https://bugzilla.suse.com/1249844"
},
{
"category": "self",
"summary": "SUSE Bug 1249846",
"url": "https://bugzilla.suse.com/1249846"
},
{
"category": "self",
"summary": "SUSE Bug 1249853",
"url": "https://bugzilla.suse.com/1249853"
},
{
"category": "self",
"summary": "SUSE Bug 1249858",
"url": "https://bugzilla.suse.com/1249858"
},
{
"category": "self",
"summary": "SUSE Bug 1249860",
"url": "https://bugzilla.suse.com/1249860"
},
{
"category": "self",
"summary": "SUSE Bug 1249861",
"url": "https://bugzilla.suse.com/1249861"
},
{
"category": "self",
"summary": "SUSE Bug 1249864",
"url": "https://bugzilla.suse.com/1249864"
},
{
"category": "self",
"summary": "SUSE Bug 1249865",
"url": "https://bugzilla.suse.com/1249865"
},
{
"category": "self",
"summary": "SUSE Bug 1249866",
"url": "https://bugzilla.suse.com/1249866"
},
{
"category": "self",
"summary": "SUSE Bug 1249867",
"url": "https://bugzilla.suse.com/1249867"
},
{
"category": "self",
"summary": "SUSE Bug 1249868",
"url": "https://bugzilla.suse.com/1249868"
},
{
"category": "self",
"summary": "SUSE Bug 1249869",
"url": "https://bugzilla.suse.com/1249869"
},
{
"category": "self",
"summary": "SUSE Bug 1249872",
"url": "https://bugzilla.suse.com/1249872"
},
{
"category": "self",
"summary": "SUSE Bug 1249874",
"url": "https://bugzilla.suse.com/1249874"
},
{
"category": "self",
"summary": "SUSE Bug 1249877",
"url": "https://bugzilla.suse.com/1249877"
},
{
"category": "self",
"summary": "SUSE Bug 1249880",
"url": "https://bugzilla.suse.com/1249880"
},
{
"category": "self",
"summary": "SUSE Bug 1249882",
"url": "https://bugzilla.suse.com/1249882"
},
{
"category": "self",
"summary": "SUSE Bug 1249883",
"url": "https://bugzilla.suse.com/1249883"
},
{
"category": "self",
"summary": "SUSE Bug 1249884",
"url": "https://bugzilla.suse.com/1249884"
},
{
"category": "self",
"summary": "SUSE Bug 1249885",
"url": "https://bugzilla.suse.com/1249885"
},
{
"category": "self",
"summary": "SUSE Bug 1249890",
"url": "https://bugzilla.suse.com/1249890"
},
{
"category": "self",
"summary": "SUSE Bug 1249892",
"url": "https://bugzilla.suse.com/1249892"
},
{
"category": "self",
"summary": "SUSE Bug 1249894",
"url": "https://bugzilla.suse.com/1249894"
},
{
"category": "self",
"summary": "SUSE Bug 1249908",
"url": "https://bugzilla.suse.com/1249908"
},
{
"category": "self",
"summary": "SUSE Bug 1249910",
"url": "https://bugzilla.suse.com/1249910"
},
{
"category": "self",
"summary": "SUSE Bug 1249911",
"url": "https://bugzilla.suse.com/1249911"
},
{
"category": "self",
"summary": "SUSE Bug 1249913",
"url": "https://bugzilla.suse.com/1249913"
},
{
"category": "self",
"summary": "SUSE Bug 1249914",
"url": "https://bugzilla.suse.com/1249914"
},
{
"category": "self",
"summary": "SUSE Bug 1249917",
"url": "https://bugzilla.suse.com/1249917"
},
{
"category": "self",
"summary": "SUSE Bug 1249918",
"url": "https://bugzilla.suse.com/1249918"
},
{
"category": "self",
"summary": "SUSE Bug 1249920",
"url": "https://bugzilla.suse.com/1249920"
},
{
"category": "self",
"summary": "SUSE Bug 1249923",
"url": "https://bugzilla.suse.com/1249923"
},
{
"category": "self",
"summary": "SUSE Bug 1249924",
"url": "https://bugzilla.suse.com/1249924"
},
{
"category": "self",
"summary": "SUSE Bug 1249925",
"url": "https://bugzilla.suse.com/1249925"
},
{
"category": "self",
"summary": "SUSE Bug 1249927",
"url": "https://bugzilla.suse.com/1249927"
},
{
"category": "self",
"summary": "SUSE Bug 1249928",
"url": "https://bugzilla.suse.com/1249928"
},
{
"category": "self",
"summary": "SUSE Bug 1249930",
"url": "https://bugzilla.suse.com/1249930"
},
{
"category": "self",
"summary": "SUSE Bug 1249933",
"url": "https://bugzilla.suse.com/1249933"
},
{
"category": "self",
"summary": "SUSE Bug 1249934",
"url": "https://bugzilla.suse.com/1249934"
},
{
"category": "self",
"summary": "SUSE Bug 1249936",
"url": "https://bugzilla.suse.com/1249936"
},
{
"category": "self",
"summary": "SUSE Bug 1249938",
"url": "https://bugzilla.suse.com/1249938"
},
{
"category": "self",
"summary": "SUSE Bug 1249939",
"url": "https://bugzilla.suse.com/1249939"
},
{
"category": "self",
"summary": "SUSE Bug 1249940",
"url": "https://bugzilla.suse.com/1249940"
},
{
"category": "self",
"summary": "SUSE Bug 1249944",
"url": "https://bugzilla.suse.com/1249944"
},
{
"category": "self",
"summary": "SUSE Bug 1249947",
"url": "https://bugzilla.suse.com/1249947"
},
{
"category": "self",
"summary": "SUSE Bug 1249949",
"url": "https://bugzilla.suse.com/1249949"
},
{
"category": "self",
"summary": "SUSE Bug 1249950",
"url": "https://bugzilla.suse.com/1249950"
},
{
"category": "self",
"summary": "SUSE Bug 1249951",
"url": "https://bugzilla.suse.com/1249951"
},
{
"category": "self",
"summary": "SUSE Bug 1249954",
"url": "https://bugzilla.suse.com/1249954"
},
{
"category": "self",
"summary": "SUSE Bug 1249958",
"url": "https://bugzilla.suse.com/1249958"
},
{
"category": "self",
"summary": "SUSE Bug 1249979",
"url": "https://bugzilla.suse.com/1249979"
},
{
"category": "self",
"summary": "SUSE Bug 1249981",
"url": "https://bugzilla.suse.com/1249981"
},
{
"category": "self",
"summary": "SUSE Bug 1249991",
"url": "https://bugzilla.suse.com/1249991"
},
{
"category": "self",
"summary": "SUSE Bug 1249994",
"url": "https://bugzilla.suse.com/1249994"
},
{
"category": "self",
"summary": "SUSE Bug 1249997",
"url": "https://bugzilla.suse.com/1249997"
},
{
"category": "self",
"summary": "SUSE Bug 1250002",
"url": "https://bugzilla.suse.com/1250002"
},
{
"category": "self",
"summary": "SUSE Bug 1250006",
"url": "https://bugzilla.suse.com/1250006"
},
{
"category": "self",
"summary": "SUSE Bug 1250007",
"url": "https://bugzilla.suse.com/1250007"
},
{
"category": "self",
"summary": "SUSE Bug 1250009",
"url": "https://bugzilla.suse.com/1250009"
},
{
"category": "self",
"summary": "SUSE Bug 1250010",
"url": "https://bugzilla.suse.com/1250010"
},
{
"category": "self",
"summary": "SUSE Bug 1250011",
"url": "https://bugzilla.suse.com/1250011"
},
{
"category": "self",
"summary": "SUSE Bug 1250014",
"url": "https://bugzilla.suse.com/1250014"
},
{
"category": "self",
"summary": "SUSE Bug 1250015",
"url": "https://bugzilla.suse.com/1250015"
},
{
"category": "self",
"summary": "SUSE Bug 1250017",
"url": "https://bugzilla.suse.com/1250017"
},
{
"category": "self",
"summary": "SUSE Bug 1250023",
"url": "https://bugzilla.suse.com/1250023"
},
{
"category": "self",
"summary": "SUSE Bug 1250024",
"url": "https://bugzilla.suse.com/1250024"
},
{
"category": "self",
"summary": "SUSE Bug 1250026",
"url": "https://bugzilla.suse.com/1250026"
},
{
"category": "self",
"summary": "SUSE Bug 1250037",
"url": "https://bugzilla.suse.com/1250037"
},
{
"category": "self",
"summary": "SUSE Bug 1250039",
"url": "https://bugzilla.suse.com/1250039"
},
{
"category": "self",
"summary": "SUSE Bug 1250040",
"url": "https://bugzilla.suse.com/1250040"
},
{
"category": "self",
"summary": "SUSE Bug 1250041",
"url": "https://bugzilla.suse.com/1250041"
},
{
"category": "self",
"summary": "SUSE Bug 1250042",
"url": "https://bugzilla.suse.com/1250042"
},
{
"category": "self",
"summary": "SUSE Bug 1250044",
"url": "https://bugzilla.suse.com/1250044"
},
{
"category": "self",
"summary": "SUSE Bug 1250047",
"url": "https://bugzilla.suse.com/1250047"
},
{
"category": "self",
"summary": "SUSE Bug 1250049",
"url": "https://bugzilla.suse.com/1250049"
},
{
"category": "self",
"summary": "SUSE Bug 1250052",
"url": "https://bugzilla.suse.com/1250052"
},
{
"category": "self",
"summary": "SUSE Bug 1250055",
"url": "https://bugzilla.suse.com/1250055"
},
{
"category": "self",
"summary": "SUSE Bug 1250058",
"url": "https://bugzilla.suse.com/1250058"
},
{
"category": "self",
"summary": "SUSE Bug 1250060",
"url": "https://bugzilla.suse.com/1250060"
},
{
"category": "self",
"summary": "SUSE Bug 1250062",
"url": "https://bugzilla.suse.com/1250062"
},
{
"category": "self",
"summary": "SUSE Bug 1250065",
"url": "https://bugzilla.suse.com/1250065"
},
{
"category": "self",
"summary": "SUSE Bug 1250066",
"url": "https://bugzilla.suse.com/1250066"
},
{
"category": "self",
"summary": "SUSE Bug 1250068",
"url": "https://bugzilla.suse.com/1250068"
},
{
"category": "self",
"summary": "SUSE Bug 1250070",
"url": "https://bugzilla.suse.com/1250070"
},
{
"category": "self",
"summary": "SUSE Bug 1250071",
"url": "https://bugzilla.suse.com/1250071"
},
{
"category": "self",
"summary": "SUSE Bug 1250072",
"url": "https://bugzilla.suse.com/1250072"
},
{
"category": "self",
"summary": "SUSE Bug 1250075",
"url": "https://bugzilla.suse.com/1250075"
},
{
"category": "self",
"summary": "SUSE Bug 1250077",
"url": "https://bugzilla.suse.com/1250077"
},
{
"category": "self",
"summary": "SUSE Bug 1250080",
"url": "https://bugzilla.suse.com/1250080"
},
{
"category": "self",
"summary": "SUSE Bug 1250081",
"url": "https://bugzilla.suse.com/1250081"
},
{
"category": "self",
"summary": "SUSE Bug 1250083",
"url": "https://bugzilla.suse.com/1250083"
},
{
"category": "self",
"summary": "SUSE Bug 1250089",
"url": "https://bugzilla.suse.com/1250089"
},
{
"category": "self",
"summary": "SUSE Bug 1250103",
"url": "https://bugzilla.suse.com/1250103"
},
{
"category": "self",
"summary": "SUSE Bug 1250104",
"url": "https://bugzilla.suse.com/1250104"
},
{
"category": "self",
"summary": "SUSE Bug 1250105",
"url": "https://bugzilla.suse.com/1250105"
},
{
"category": "self",
"summary": "SUSE Bug 1250106",
"url": "https://bugzilla.suse.com/1250106"
},
{
"category": "self",
"summary": "SUSE Bug 1250107",
"url": "https://bugzilla.suse.com/1250107"
},
{
"category": "self",
"summary": "SUSE Bug 1250108",
"url": "https://bugzilla.suse.com/1250108"
},
{
"category": "self",
"summary": "SUSE Bug 1250112",
"url": "https://bugzilla.suse.com/1250112"
},
{
"category": "self",
"summary": "SUSE Bug 1250114",
"url": "https://bugzilla.suse.com/1250114"
},
{
"category": "self",
"summary": "SUSE Bug 1250117",
"url": "https://bugzilla.suse.com/1250117"
},
{
"category": "self",
"summary": "SUSE Bug 1250118",
"url": "https://bugzilla.suse.com/1250118"
},
{
"category": "self",
"summary": "SUSE Bug 1250121",
"url": "https://bugzilla.suse.com/1250121"
},
{
"category": "self",
"summary": "SUSE Bug 1250127",
"url": "https://bugzilla.suse.com/1250127"
},
{
"category": "self",
"summary": "SUSE Bug 1250128",
"url": "https://bugzilla.suse.com/1250128"
},
{
"category": "self",
"summary": "SUSE Bug 1250130",
"url": "https://bugzilla.suse.com/1250130"
},
{
"category": "self",
"summary": "SUSE Bug 1250131",
"url": "https://bugzilla.suse.com/1250131"
},
{
"category": "self",
"summary": "SUSE Bug 1250132",
"url": "https://bugzilla.suse.com/1250132"
},
{
"category": "self",
"summary": "SUSE Bug 1250134",
"url": "https://bugzilla.suse.com/1250134"
},
{
"category": "self",
"summary": "SUSE Bug 1250137",
"url": "https://bugzilla.suse.com/1250137"
},
{
"category": "self",
"summary": "SUSE Bug 1250138",
"url": "https://bugzilla.suse.com/1250138"
},
{
"category": "self",
"summary": "SUSE Bug 1250140",
"url": "https://bugzilla.suse.com/1250140"
},
{
"category": "self",
"summary": "SUSE Bug 1250144",
"url": "https://bugzilla.suse.com/1250144"
},
{
"category": "self",
"summary": "SUSE Bug 1250145",
"url": "https://bugzilla.suse.com/1250145"
},
{
"category": "self",
"summary": "SUSE Bug 1250151",
"url": "https://bugzilla.suse.com/1250151"
},
{
"category": "self",
"summary": "SUSE Bug 1250153",
"url": "https://bugzilla.suse.com/1250153"
},
{
"category": "self",
"summary": "SUSE Bug 1250156",
"url": "https://bugzilla.suse.com/1250156"
},
{
"category": "self",
"summary": "SUSE Bug 1250157",
"url": "https://bugzilla.suse.com/1250157"
},
{
"category": "self",
"summary": "SUSE Bug 1250159",
"url": "https://bugzilla.suse.com/1250159"
},
{
"category": "self",
"summary": "SUSE Bug 1250161",
"url": "https://bugzilla.suse.com/1250161"
},
{
"category": "self",
"summary": "SUSE Bug 1250165",
"url": "https://bugzilla.suse.com/1250165"
},
{
"category": "self",
"summary": "SUSE Bug 1250168",
"url": "https://bugzilla.suse.com/1250168"
},
{
"category": "self",
"summary": "SUSE Bug 1250178",
"url": "https://bugzilla.suse.com/1250178"
},
{
"category": "self",
"summary": "SUSE Bug 1250180",
"url": "https://bugzilla.suse.com/1250180"
},
{
"category": "self",
"summary": "SUSE Bug 1250181",
"url": "https://bugzilla.suse.com/1250181"
},
{
"category": "self",
"summary": "SUSE Bug 1250182",
"url": "https://bugzilla.suse.com/1250182"
},
{
"category": "self",
"summary": "SUSE Bug 1250183",
"url": "https://bugzilla.suse.com/1250183"
},
{
"category": "self",
"summary": "SUSE Bug 1250184",
"url": "https://bugzilla.suse.com/1250184"
},
{
"category": "self",
"summary": "SUSE Bug 1250187",
"url": "https://bugzilla.suse.com/1250187"
},
{
"category": "self",
"summary": "SUSE Bug 1250189",
"url": "https://bugzilla.suse.com/1250189"
},
{
"category": "self",
"summary": "SUSE Bug 1250191",
"url": "https://bugzilla.suse.com/1250191"
},
{
"category": "self",
"summary": "SUSE Bug 1250197",
"url": "https://bugzilla.suse.com/1250197"
},
{
"category": "self",
"summary": "SUSE Bug 1250198",
"url": "https://bugzilla.suse.com/1250198"
},
{
"category": "self",
"summary": "SUSE Bug 1250200",
"url": "https://bugzilla.suse.com/1250200"
},
{
"category": "self",
"summary": "SUSE Bug 1250201",
"url": "https://bugzilla.suse.com/1250201"
},
{
"category": "self",
"summary": "SUSE Bug 1250208",
"url": "https://bugzilla.suse.com/1250208"
},
{
"category": "self",
"summary": "SUSE Bug 1250209",
"url": "https://bugzilla.suse.com/1250209"
},
{
"category": "self",
"summary": "SUSE Bug 1250211",
"url": "https://bugzilla.suse.com/1250211"
},
{
"category": "self",
"summary": "SUSE Bug 1250215",
"url": "https://bugzilla.suse.com/1250215"
},
{
"category": "self",
"summary": "SUSE Bug 1250245",
"url": "https://bugzilla.suse.com/1250245"
},
{
"category": "self",
"summary": "SUSE Bug 1250247",
"url": "https://bugzilla.suse.com/1250247"
},
{
"category": "self",
"summary": "SUSE Bug 1250250",
"url": "https://bugzilla.suse.com/1250250"
},
{
"category": "self",
"summary": "SUSE Bug 1250257",
"url": "https://bugzilla.suse.com/1250257"
},
{
"category": "self",
"summary": "SUSE Bug 1250264",
"url": "https://bugzilla.suse.com/1250264"
},
{
"category": "self",
"summary": "SUSE Bug 1250269",
"url": "https://bugzilla.suse.com/1250269"
},
{
"category": "self",
"summary": "SUSE Bug 1250277",
"url": "https://bugzilla.suse.com/1250277"
},
{
"category": "self",
"summary": "SUSE Bug 1250278",
"url": "https://bugzilla.suse.com/1250278"
},
{
"category": "self",
"summary": "SUSE Bug 1250285",
"url": "https://bugzilla.suse.com/1250285"
},
{
"category": "self",
"summary": "SUSE Bug 1250287",
"url": "https://bugzilla.suse.com/1250287"
},
{
"category": "self",
"summary": "SUSE Bug 1250293",
"url": "https://bugzilla.suse.com/1250293"
},
{
"category": "self",
"summary": "SUSE Bug 1250301",
"url": "https://bugzilla.suse.com/1250301"
},
{
"category": "self",
"summary": "SUSE Bug 1250303",
"url": "https://bugzilla.suse.com/1250303"
},
{
"category": "self",
"summary": "SUSE Bug 1250306",
"url": "https://bugzilla.suse.com/1250306"
},
{
"category": "self",
"summary": "SUSE Bug 1250309",
"url": "https://bugzilla.suse.com/1250309"
},
{
"category": "self",
"summary": "SUSE Bug 1250311",
"url": "https://bugzilla.suse.com/1250311"
},
{
"category": "self",
"summary": "SUSE Bug 1250313",
"url": "https://bugzilla.suse.com/1250313"
},
{
"category": "self",
"summary": "SUSE Bug 1250315",
"url": "https://bugzilla.suse.com/1250315"
},
{
"category": "self",
"summary": "SUSE Bug 1250316",
"url": "https://bugzilla.suse.com/1250316"
},
{
"category": "self",
"summary": "SUSE Bug 1250322",
"url": "https://bugzilla.suse.com/1250322"
},
{
"category": "self",
"summary": "SUSE Bug 1250323",
"url": "https://bugzilla.suse.com/1250323"
},
{
"category": "self",
"summary": "SUSE Bug 1250324",
"url": "https://bugzilla.suse.com/1250324"
},
{
"category": "self",
"summary": "SUSE Bug 1250325",
"url": "https://bugzilla.suse.com/1250325"
},
{
"category": "self",
"summary": "SUSE Bug 1250327",
"url": "https://bugzilla.suse.com/1250327"
},
{
"category": "self",
"summary": "SUSE Bug 1250328",
"url": "https://bugzilla.suse.com/1250328"
},
{
"category": "self",
"summary": "SUSE Bug 1250331",
"url": "https://bugzilla.suse.com/1250331"
},
{
"category": "self",
"summary": "SUSE Bug 1250358",
"url": "https://bugzilla.suse.com/1250358"
},
{
"category": "self",
"summary": "SUSE Bug 1250362",
"url": "https://bugzilla.suse.com/1250362"
},
{
"category": "self",
"summary": "SUSE Bug 1250363",
"url": "https://bugzilla.suse.com/1250363"
},
{
"category": "self",
"summary": "SUSE Bug 1250370",
"url": "https://bugzilla.suse.com/1250370"
},
{
"category": "self",
"summary": "SUSE Bug 1250374",
"url": "https://bugzilla.suse.com/1250374"
},
{
"category": "self",
"summary": "SUSE Bug 1250391",
"url": "https://bugzilla.suse.com/1250391"
},
{
"category": "self",
"summary": "SUSE Bug 1250392",
"url": "https://bugzilla.suse.com/1250392"
},
{
"category": "self",
"summary": "SUSE Bug 1250393",
"url": "https://bugzilla.suse.com/1250393"
},
{
"category": "self",
"summary": "SUSE Bug 1250394",
"url": "https://bugzilla.suse.com/1250394"
},
{
"category": "self",
"summary": "SUSE Bug 1250395",
"url": "https://bugzilla.suse.com/1250395"
},
{
"category": "self",
"summary": "SUSE Bug 1250397",
"url": "https://bugzilla.suse.com/1250397"
},
{
"category": "self",
"summary": "SUSE Bug 1250406",
"url": "https://bugzilla.suse.com/1250406"
},
{
"category": "self",
"summary": "SUSE Bug 1250412",
"url": "https://bugzilla.suse.com/1250412"
},
{
"category": "self",
"summary": "SUSE Bug 1250418",
"url": "https://bugzilla.suse.com/1250418"
},
{
"category": "self",
"summary": "SUSE Bug 1250425",
"url": "https://bugzilla.suse.com/1250425"
},
{
"category": "self",
"summary": "SUSE Bug 1250428",
"url": "https://bugzilla.suse.com/1250428"
},
{
"category": "self",
"summary": "SUSE Bug 1250453",
"url": "https://bugzilla.suse.com/1250453"
},
{
"category": "self",
"summary": "SUSE Bug 1250454",
"url": "https://bugzilla.suse.com/1250454"
},
{
"category": "self",
"summary": "SUSE Bug 1250457",
"url": "https://bugzilla.suse.com/1250457"
},
{
"category": "self",
"summary": "SUSE Bug 1250459",
"url": "https://bugzilla.suse.com/1250459"
},
{
"category": "self",
"summary": "SUSE Bug 1250522",
"url": "https://bugzilla.suse.com/1250522"
},
{
"category": "self",
"summary": "SUSE Bug 1250759",
"url": "https://bugzilla.suse.com/1250759"
},
{
"category": "self",
"summary": "SUSE Bug 1250761",
"url": "https://bugzilla.suse.com/1250761"
},
{
"category": "self",
"summary": "SUSE Bug 1250762",
"url": "https://bugzilla.suse.com/1250762"
},
{
"category": "self",
"summary": "SUSE Bug 1250763",
"url": "https://bugzilla.suse.com/1250763"
},
{
"category": "self",
"summary": "SUSE Bug 1250765",
"url": "https://bugzilla.suse.com/1250765"
},
{
"category": "self",
"summary": "SUSE Bug 1250767",
"url": "https://bugzilla.suse.com/1250767"
},
{
"category": "self",
"summary": "SUSE Bug 1250768",
"url": "https://bugzilla.suse.com/1250768"
},
{
"category": "self",
"summary": "SUSE Bug 1250771",
"url": "https://bugzilla.suse.com/1250771"
},
{
"category": "self",
"summary": "SUSE Bug 1250774",
"url": "https://bugzilla.suse.com/1250774"
},
{
"category": "self",
"summary": "SUSE Bug 1250781",
"url": "https://bugzilla.suse.com/1250781"
},
{
"category": "self",
"summary": "SUSE Bug 1250784",
"url": "https://bugzilla.suse.com/1250784"
},
{
"category": "self",
"summary": "SUSE Bug 1250786",
"url": "https://bugzilla.suse.com/1250786"
},
{
"category": "self",
"summary": "SUSE Bug 1250787",
"url": "https://bugzilla.suse.com/1250787"
},
{
"category": "self",
"summary": "SUSE Bug 1250790",
"url": "https://bugzilla.suse.com/1250790"
},
{
"category": "self",
"summary": "SUSE Bug 1250791",
"url": "https://bugzilla.suse.com/1250791"
},
{
"category": "self",
"summary": "SUSE Bug 1250792",
"url": "https://bugzilla.suse.com/1250792"
},
{
"category": "self",
"summary": "SUSE Bug 1250793",
"url": "https://bugzilla.suse.com/1250793"
},
{
"category": "self",
"summary": "SUSE Bug 1250797",
"url": "https://bugzilla.suse.com/1250797"
},
{
"category": "self",
"summary": "SUSE Bug 1250799",
"url": "https://bugzilla.suse.com/1250799"
},
{
"category": "self",
"summary": "SUSE Bug 1250807",
"url": "https://bugzilla.suse.com/1250807"
},
{
"category": "self",
"summary": "SUSE Bug 1250810",
"url": "https://bugzilla.suse.com/1250810"
},
{
"category": "self",
"summary": "SUSE Bug 1250811",
"url": "https://bugzilla.suse.com/1250811"
},
{
"category": "self",
"summary": "SUSE Bug 1250814",
"url": "https://bugzilla.suse.com/1250814"
},
{
"category": "self",
"summary": "SUSE Bug 1250818",
"url": "https://bugzilla.suse.com/1250818"
},
{
"category": "self",
"summary": "SUSE Bug 1250819",
"url": "https://bugzilla.suse.com/1250819"
},
{
"category": "self",
"summary": "SUSE Bug 1250822",
"url": "https://bugzilla.suse.com/1250822"
},
{
"category": "self",
"summary": "SUSE Bug 1250823",
"url": "https://bugzilla.suse.com/1250823"
},
{
"category": "self",
"summary": "SUSE Bug 1250824",
"url": "https://bugzilla.suse.com/1250824"
},
{
"category": "self",
"summary": "SUSE Bug 1250825",
"url": "https://bugzilla.suse.com/1250825"
},
{
"category": "self",
"summary": "SUSE Bug 1250829",
"url": "https://bugzilla.suse.com/1250829"
},
{
"category": "self",
"summary": "SUSE Bug 1250830",
"url": "https://bugzilla.suse.com/1250830"
},
{
"category": "self",
"summary": "SUSE Bug 1250831",
"url": "https://bugzilla.suse.com/1250831"
},
{
"category": "self",
"summary": "SUSE Bug 1250832",
"url": "https://bugzilla.suse.com/1250832"
},
{
"category": "self",
"summary": "SUSE Bug 1250839",
"url": "https://bugzilla.suse.com/1250839"
},
{
"category": "self",
"summary": "SUSE Bug 1250841",
"url": "https://bugzilla.suse.com/1250841"
},
{
"category": "self",
"summary": "SUSE Bug 1250842",
"url": "https://bugzilla.suse.com/1250842"
},
{
"category": "self",
"summary": "SUSE Bug 1250843",
"url": "https://bugzilla.suse.com/1250843"
},
{
"category": "self",
"summary": "SUSE Bug 1250846",
"url": "https://bugzilla.suse.com/1250846"
},
{
"category": "self",
"summary": "SUSE Bug 1250847",
"url": "https://bugzilla.suse.com/1250847"
},
{
"category": "self",
"summary": "SUSE Bug 1250848",
"url": "https://bugzilla.suse.com/1250848"
},
{
"category": "self",
"summary": "SUSE Bug 1250849",
"url": "https://bugzilla.suse.com/1250849"
},
{
"category": "self",
"summary": "SUSE Bug 1250850",
"url": "https://bugzilla.suse.com/1250850"
},
{
"category": "self",
"summary": "SUSE Bug 1250851",
"url": "https://bugzilla.suse.com/1250851"
},
{
"category": "self",
"summary": "SUSE Bug 1250853",
"url": "https://bugzilla.suse.com/1250853"
},
{
"category": "self",
"summary": "SUSE Bug 1250856",
"url": "https://bugzilla.suse.com/1250856"
},
{
"category": "self",
"summary": "SUSE Bug 1250861",
"url": "https://bugzilla.suse.com/1250861"
},
{
"category": "self",
"summary": "SUSE Bug 1250862",
"url": "https://bugzilla.suse.com/1250862"
},
{
"category": "self",
"summary": "SUSE Bug 1250863",
"url": "https://bugzilla.suse.com/1250863"
},
{
"category": "self",
"summary": "SUSE Bug 1250864",
"url": "https://bugzilla.suse.com/1250864"
},
{
"category": "self",
"summary": "SUSE Bug 1250866",
"url": "https://bugzilla.suse.com/1250866"
},
{
"category": "self",
"summary": "SUSE Bug 1250867",
"url": "https://bugzilla.suse.com/1250867"
},
{
"category": "self",
"summary": "SUSE Bug 1250868",
"url": "https://bugzilla.suse.com/1250868"
},
{
"category": "self",
"summary": "SUSE Bug 1250872",
"url": "https://bugzilla.suse.com/1250872"
},
{
"category": "self",
"summary": "SUSE Bug 1250873",
"url": "https://bugzilla.suse.com/1250873"
},
{
"category": "self",
"summary": "SUSE Bug 1250874",
"url": "https://bugzilla.suse.com/1250874"
},
{
"category": "self",
"summary": "SUSE Bug 1250875",
"url": "https://bugzilla.suse.com/1250875"
},
{
"category": "self",
"summary": "SUSE Bug 1250877",
"url": "https://bugzilla.suse.com/1250877"
},
{
"category": "self",
"summary": "SUSE Bug 1250879",
"url": "https://bugzilla.suse.com/1250879"
},
{
"category": "self",
"summary": "SUSE Bug 1250881",
"url": "https://bugzilla.suse.com/1250881"
},
{
"category": "self",
"summary": "SUSE Bug 1250883",
"url": "https://bugzilla.suse.com/1250883"
},
{
"category": "self",
"summary": "SUSE Bug 1250887",
"url": "https://bugzilla.suse.com/1250887"
},
{
"category": "self",
"summary": "SUSE Bug 1250888",
"url": "https://bugzilla.suse.com/1250888"
},
{
"category": "self",
"summary": "SUSE Bug 1250889",
"url": "https://bugzilla.suse.com/1250889"
},
{
"category": "self",
"summary": "SUSE Bug 1250890",
"url": "https://bugzilla.suse.com/1250890"
},
{
"category": "self",
"summary": "SUSE Bug 1250891",
"url": "https://bugzilla.suse.com/1250891"
},
{
"category": "self",
"summary": "SUSE Bug 1250905",
"url": "https://bugzilla.suse.com/1250905"
},
{
"category": "self",
"summary": "SUSE Bug 1250913",
"url": "https://bugzilla.suse.com/1250913"
},
{
"category": "self",
"summary": "SUSE Bug 1250915",
"url": "https://bugzilla.suse.com/1250915"
},
{
"category": "self",
"summary": "SUSE Bug 1250917",
"url": "https://bugzilla.suse.com/1250917"
},
{
"category": "self",
"summary": "SUSE Bug 1250923",
"url": "https://bugzilla.suse.com/1250923"
},
{
"category": "self",
"summary": "SUSE Bug 1250927",
"url": "https://bugzilla.suse.com/1250927"
},
{
"category": "self",
"summary": "SUSE Bug 1250928",
"url": "https://bugzilla.suse.com/1250928"
},
{
"category": "self",
"summary": "SUSE Bug 1250931",
"url": "https://bugzilla.suse.com/1250931"
},
{
"category": "self",
"summary": "SUSE Bug 1250932",
"url": "https://bugzilla.suse.com/1250932"
},
{
"category": "self",
"summary": "SUSE Bug 1250948",
"url": "https://bugzilla.suse.com/1250948"
},
{
"category": "self",
"summary": "SUSE Bug 1250949",
"url": "https://bugzilla.suse.com/1250949"
},
{
"category": "self",
"summary": "SUSE Bug 1250953",
"url": "https://bugzilla.suse.com/1250953"
},
{
"category": "self",
"summary": "SUSE Bug 1250963",
"url": "https://bugzilla.suse.com/1250963"
},
{
"category": "self",
"summary": "SUSE Bug 1250964",
"url": "https://bugzilla.suse.com/1250964"
},
{
"category": "self",
"summary": "SUSE Bug 1250965",
"url": "https://bugzilla.suse.com/1250965"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2602 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2978 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-36280 page",
"url": "https://www.suse.com/security/cve/CVE-2022-36280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-43945 page",
"url": "https://www.suse.com/security/cve/CVE-2022-43945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49138 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50233 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50234 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50235 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50235/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50239 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50241 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50242 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50242/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50246 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50246/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50247 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50247/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50248 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50248/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50249 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50250 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50250/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50251 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50252 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50252/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50255 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50255/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50257 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50257/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50258 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50258/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50260 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50260/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50261 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50266 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50266/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50267 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50267/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50268 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50268/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50269 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50269/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50271 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50271/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50272 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50275 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50275/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50276 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50276/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50277 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50277/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50278 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50278/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50279 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50279/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50282 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50282/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50286 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50286/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50287 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50287/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50288 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50289 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50289/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50292 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50292/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50294 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50294/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50297 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50297/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50298 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50298/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50299 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50299/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50301 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50303 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50303/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50308 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50308/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50309 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50309/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50312 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50312/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50317 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50317/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50318 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50318/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50320 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50320/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50321 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50321/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50323 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50323/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50324 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50324/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50325 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50325/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50328 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50328/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50329 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50329/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50330 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50330/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50331 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50331/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50333 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50333/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50339 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50340 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50340/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50342 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50342/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50344 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50344/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50346 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50346/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50347 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50347/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50348 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50348/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50349 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50349/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50351 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50353 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50353/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50354 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50354/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50355 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50355/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50356 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50356/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50357 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50357/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50358 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50358/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50359 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50359/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50360 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50362 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50362/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50364 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50367 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50367/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50368 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50368/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50369 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50370 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50370/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50372 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50372/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50373 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50373/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50374 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50374/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50375 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50376 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50376/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50378 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50379 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50379/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50381 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50381/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50385 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50386 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50386/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50388 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50388/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50389 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50389/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50390 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50390/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50391 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50391/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50392 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50392/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50393 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50393/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50394 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50394/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50395 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50395/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50396 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50396/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50398 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50399 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50399/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50401 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50401/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50402 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50404 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50404/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50406 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50406/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50408 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50409 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50409/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50410 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50410/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50411 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50411/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50412 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50412/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50414 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50417 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50417/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50418 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50418/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50419 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50419/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50422 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50422/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50423 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50423/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50425 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50425/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50427 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50427/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50428 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50428/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50429 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50429/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50430 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50430/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50431 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50431/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50432 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50432/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50433 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50433/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50434 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50434/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50435 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50435/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50436 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50437 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50437/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50439 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50439/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50440 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50440/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50441 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50443 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50443/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50444 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50447 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50447/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50449 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50449/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50452 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50453 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50453/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50454 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50454/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50456 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50456/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50458 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50459 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50460 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50460/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50464 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50465 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50466 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50467 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50468 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50469 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1380 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1380/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28328 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28328/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-31248 page",
"url": "https://www.suse.com/security/cve/CVE-2023-31248/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3772 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39197 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-42753 page",
"url": "https://www.suse.com/security/cve/CVE-2023-42753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52923 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53147 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53149 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53150 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53151 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53152 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53153 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53153/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53165 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53165/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53167 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53168 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53168/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53171 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53174 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53176 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53178 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53179 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53181 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53182 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53185 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53189 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53189/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53193 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53193/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53196 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53196/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53197 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53199 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53201 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53205 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53210 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53213 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53215 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53216 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53219 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53219/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53222 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53222/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53223 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53223/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53226 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53226/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53229 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53230 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53230/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53232 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53234 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53237 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53238 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53239 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53241 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53242 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53242/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53244 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53244/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53245 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53246 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53246/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53249 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53250 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53250/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53251 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53252 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53252/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53255 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53255/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53257 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53257/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53258 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53258/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53259 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53259/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53263 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53263/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53265 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53265/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53268 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53268/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53270 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53270/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53272 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53273 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53273/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53275 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53275/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53276 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53276/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53277 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53277/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53280 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53281 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53282 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53282/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53284 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53284/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53286 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53286/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53287 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53287/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53288 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53295 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53295/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53297 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53297/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53298 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53298/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53299 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53299/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53302 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53302/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53304 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53304/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53305 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53309 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53309/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53311 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53311/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53313 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53313/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53314 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53314/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53315 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53315/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53316 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53316/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53317 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53317/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53320 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53320/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53321 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53321/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53322 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53322/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53324 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53324/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53326 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53326/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53330 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53330/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53331 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53331/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53332 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53332/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53333 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53333/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53334 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53334/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53335 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53335/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53337 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53337/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53340 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53340/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53344 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53344/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53347 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53347/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53349 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53349/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53352 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53352/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53356 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53356/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53357 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53357/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53359 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53359/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53368 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53368/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53370 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53370/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53371 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53371/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53373 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53373/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53375 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53377 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53377/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53378 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53379 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53379/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53380 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53380/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53381 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53381/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53383 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53384 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53384/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53386 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53386/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53388 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53388/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53390 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53390/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53391 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53391/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53393 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53393/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53395 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53395/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53396 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53396/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53398 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53400 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53400/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53404 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53404/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53405 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53405/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53406 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53406/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53409 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53409/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53413 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53413/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53414 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53415 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53415/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53416 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53416/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53422 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53422/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53427 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53427/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53431 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53431/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53435 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53435/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53436 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53437 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53437/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53438 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53438/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53440 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53440/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53442 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53442/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53443 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53443/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53444 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53446 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53448 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53448/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53449 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53449/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53451 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53451/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53452 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53453 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53453/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53454 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53454/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53456 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53456/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53457 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53457/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53458 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53463 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53464 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53465 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53466 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53468 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53471 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53471/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53472 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53473 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53473/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53474 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53474/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53475 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53475/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53476 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53480 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53480/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53482 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53482/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53485 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53487 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53488 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53488/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53489 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53492 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53494 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53494/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53496 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53496/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53498 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53499 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53505 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53505/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53506 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53509 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53509/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53511 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53512 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53515 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53518 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53518/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53519 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53519/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53521 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53521/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53524 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53525 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53525/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53526 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53526/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53530 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53531 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53532 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53532/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26583 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26584 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58240 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37958 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38111 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38380 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38380/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38488 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38488/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38553 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38659 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38664 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38678 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38683 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38685 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38706 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38713 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38734 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38734/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39691 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39726 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39746 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39746/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39751 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39824 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39860 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39869/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-10-23T15:04:37Z",
"generator": {
"date": "2025-10-23T15:04:37Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:3761-1",
"initial_release_date": "2025-10-23T15:04:37Z",
"revision_history": [
{
"date": "2025-10-23T15:04:37Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"product": {
"name": "kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"product_id": "kernel-devel-rt-5.14.21-150500.13.109.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.14.21-150500.13.109.1.noarch",
"product": {
"name": "kernel-source-rt-5.14.21-150500.13.109.1.noarch",
"product_id": "kernel-source-rt-5.14.21-150500.13.109.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.14.21-150500.13.109.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.14.21-150500.13.109.1.x86_64",
"product_id": "cluster-md-kmp-rt-5.14.21-150500.13.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.14.21-150500.13.109.1.x86_64",
"product": {
"name": "dlm-kmp-rt-5.14.21-150500.13.109.1.x86_64",
"product_id": "dlm-kmp-rt-5.14.21-150500.13.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.14.21-150500.13.109.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.14.21-150500.13.109.1.x86_64",
"product_id": "gfs2-kmp-rt-5.14.21-150500.13.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.14.21-150500.13.109.1.x86_64",
"product": {
"name": "kernel-rt-5.14.21-150500.13.109.1.x86_64",
"product_id": "kernel-rt-5.14.21-150500.13.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.14.21-150500.13.109.1.x86_64",
"product": {
"name": "kernel-rt-devel-5.14.21-150500.13.109.1.x86_64",
"product_id": "kernel-rt-devel-5.14.21-150500.13.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.14.21-150500.13.109.1.x86_64",
"product": {
"name": "kernel-rt-extra-5.14.21-150500.13.109.1.x86_64",
"product_id": "kernel-rt-extra-5.14.21-150500.13.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-5.14.21-150500.13.109.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-5.14.21-150500.13.109.1.x86_64",
"product_id": "kernel-rt-livepatch-5.14.21-150500.13.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.14.21-150500.13.109.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.14.21-150500.13.109.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.14.21-150500.13.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-5.14.21-150500.13.109.1.x86_64",
"product": {
"name": "kernel-rt-optional-5.14.21-150500.13.109.1.x86_64",
"product_id": "kernel-rt-optional-5.14.21-150500.13.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-vdso-5.14.21-150500.13.109.1.x86_64",
"product": {
"name": "kernel-rt-vdso-5.14.21-150500.13.109.1.x86_64",
"product_id": "kernel-rt-vdso-5.14.21-150500.13.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.14.21-150500.13.109.1.x86_64",
"product": {
"name": "kernel-rt_debug-5.14.21-150500.13.109.1.x86_64",
"product_id": "kernel-rt_debug-5.14.21-150500.13.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.14.21-150500.13.109.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.14.21-150500.13.109.1.x86_64",
"product_id": "kernel-rt_debug-devel-5.14.21-150500.13.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-vdso-5.14.21-150500.13.109.1.x86_64",
"product": {
"name": "kernel-rt_debug-vdso-5.14.21-150500.13.109.1.x86_64",
"product_id": "kernel-rt_debug-vdso-5.14.21-150500.13.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-5.14.21-150500.13.109.1.x86_64",
"product": {
"name": "kernel-syms-rt-5.14.21-150500.13.109.1.x86_64",
"product_id": "kernel-syms-rt-5.14.21-150500.13.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.14.21-150500.13.109.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.14.21-150500.13.109.1.x86_64",
"product_id": "kselftests-kmp-rt-5.14.21-150500.13.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.14.21-150500.13.109.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.14.21-150500.13.109.1.x86_64",
"product_id": "ocfs2-kmp-rt-5.14.21-150500.13.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.14.21-150500.13.109.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.14.21-150500.13.109.1.x86_64",
"product_id": "reiserfs-kmp-rt-5.14.21-150500.13.109.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-5.14.21-150500.13.109.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch"
},
"product_reference": "kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.14.21-150500.13.109.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64"
},
"product_reference": "kernel-rt-5.14.21-150500.13.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.14.21-150500.13.109.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
},
"product_reference": "kernel-source-rt-5.14.21-150500.13.109.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-2602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2602"
}
],
"notes": [
{
"category": "general",
"text": "io_uring UAF, Unix SCM garbage collection",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2602",
"url": "https://www.suse.com/security/cve/CVE-2022-2602"
},
{
"category": "external",
"summary": "SUSE Bug 1204228 for CVE-2022-2602",
"url": "https://bugzilla.suse.com/1204228"
},
{
"category": "external",
"summary": "SUSE Bug 1205186 for CVE-2022-2602",
"url": "https://bugzilla.suse.com/1205186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-2602"
},
{
"cve": "CVE-2022-2978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2978"
}
],
"notes": [
{
"category": "general",
"text": "A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2978",
"url": "https://www.suse.com/security/cve/CVE-2022-2978"
},
{
"category": "external",
"summary": "SUSE Bug 1202700 for CVE-2022-2978",
"url": "https://bugzilla.suse.com/1202700"
},
{
"category": "external",
"summary": "SUSE Bug 1204745 for CVE-2022-2978",
"url": "https://bugzilla.suse.com/1204745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-2978"
},
{
"cve": "CVE-2022-36280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-36280"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file \u0027/dev/dri/renderD128 (or Dxxx)\u0027. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-36280",
"url": "https://www.suse.com/security/cve/CVE-2022-36280"
},
{
"category": "external",
"summary": "SUSE Bug 1203332 for CVE-2022-36280",
"url": "https://bugzilla.suse.com/1203332"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-36280"
},
{
"cve": "CVE-2022-43945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-43945"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-43945",
"url": "https://www.suse.com/security/cve/CVE-2022-43945"
},
{
"category": "external",
"summary": "SUSE Bug 1205128 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205128"
},
{
"category": "external",
"summary": "SUSE Bug 1205130 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1210124 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1210124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-43945"
},
{
"cve": "CVE-2022-49138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49138"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: Ignore multiple conn complete events\n\nWhen one of the three connection complete events is received multiple\ntimes for the same handle, the device is registered multiple times which\nleads to memory corruptions. Therefore, consequent events for a single\nconnection are ignored.\n\nThe conn-\u003estate can hold different values, therefore HCI_CONN_HANDLE_UNSET\nis introduced to identify new connections. To make sure the events do not\ncontain this or another invalid handle HCI_CONN_HANDLE_MAX and checks\nare introduced.\n\nBuglink: https://bugzilla.kernel.org/show_bug.cgi?id=215497",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49138",
"url": "https://www.suse.com/security/cve/CVE-2022-49138"
},
{
"category": "external",
"summary": "SUSE Bug 1238160 for CVE-2022-49138",
"url": "https://bugzilla.suse.com/1238160"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-49138"
},
{
"cve": "CVE-2022-50233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50233"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: eir: Fix using strlen with hdev-\u003e{dev_name,short_name}\n\nBoth dev_name and short_name are not guaranteed to be NULL terminated so\nthis instead use strnlen and then attempt to determine if the resulting\nstring needs to be truncated or not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50233",
"url": "https://www.suse.com/security/cve/CVE-2022-50233"
},
{
"category": "external",
"summary": "SUSE Bug 1246968 for CVE-2022-50233",
"url": "https://bugzilla.suse.com/1246968"
},
{
"category": "external",
"summary": "SUSE Bug 1249242 for CVE-2022-50233",
"url": "https://bugzilla.suse.com/1249242"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50233"
},
{
"cve": "CVE-2022-50234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50234"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/af_unix: defer registered files gc to io_uring release\n\nInstead of putting io_uring\u0027s registered files in unix_gc() we want it\nto be done by io_uring itself. The trick here is to consider io_uring\nregistered files for cycle detection but not actually putting them down.\nBecause io_uring can\u0027t register other ring instances, this will remove\nall refs to the ring file triggering the -\u003erelease path and clean up\nwith io_ring_ctx_free().\n\n[axboe: add kerneldoc comment to skb, fold in skb leak fix]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50234",
"url": "https://www.suse.com/security/cve/CVE-2022-50234"
},
{
"category": "external",
"summary": "SUSE Bug 1249664 for CVE-2022-50234",
"url": "https://bugzilla.suse.com/1249664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50234"
},
{
"cve": "CVE-2022-50235",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50235"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Protect against send buffer overflow in NFSv2 READDIR\n\nRestore the previous limit on the @count argument to prevent a\nbuffer overflow attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50235",
"url": "https://www.suse.com/security/cve/CVE-2022-50235"
},
{
"category": "external",
"summary": "SUSE Bug 1249667 for CVE-2022-50235",
"url": "https://bugzilla.suse.com/1249667"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50235"
},
{
"cve": "CVE-2022-50239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: qcom: fix writes in read-only memory region\n\nThis commit fixes a kernel oops because of a write in some read-only memory:\n\n\t[ 9.068287] Unable to handle kernel write to read-only memory at virtual address ffff800009240ad8\n\t..snip..\n\t[ 9.138790] Internal error: Oops: 9600004f [#1] PREEMPT SMP\n\t..snip..\n\t[ 9.269161] Call trace:\n\t[ 9.276271] __memcpy+0x5c/0x230\n\t[ 9.278531] snprintf+0x58/0x80\n\t[ 9.282002] qcom_cpufreq_msm8939_name_version+0xb4/0x190\n\t[ 9.284869] qcom_cpufreq_probe+0xc8/0x39c\n\t..snip..\n\nThe following line defines a pointer that point to a char buffer stored\nin read-only memory:\n\n\tchar *pvs_name = \"speedXX-pvsXX-vXX\";\n\nThis pointer is meant to hold a template \"speedXX-pvsXX-vXX\" where the\nXX values get overridden by the qcom_cpufreq_krait_name_version function. Since\nthe template is actually stored in read-only memory, when the function\nexecutes the following call we get an oops:\n\n\tsnprintf(*pvs_name, sizeof(\"speedXX-pvsXX-vXX\"), \"speed%d-pvs%d-v%d\",\n\t\t speed, pvs, pvs_ver);\n\nTo fix this issue, we instead store the template name onto the stack by\nusing the following syntax:\n\n\tchar pvs_name_buffer[] = \"speedXX-pvsXX-vXX\";\n\nBecause the `pvs_name` needs to be able to be assigned to NULL, the\ntemplate buffer is stored in the pvs_name_buffer and not under the\npvs_name variable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50239",
"url": "https://www.suse.com/security/cve/CVE-2022-50239"
},
{
"category": "external",
"summary": "SUSE Bug 1249836 for CVE-2022-50239",
"url": "https://bugzilla.suse.com/1249836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50239"
},
{
"cve": "CVE-2022-50241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50241"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: fix use-after-free on source server when doing inter-server copy\n\nUse-after-free occurred when the laundromat tried to free expired\ncpntf_state entry on the s2s_cp_stateids list after inter-server\ncopy completed. The sc_cp_list that the expired copy state was\ninserted on was already freed.\n\nWhen COPY completes, the Linux client normally sends LOCKU(lock_state x),\nFREE_STATEID(lock_state x) and CLOSE(open_state y) to the source server.\nThe nfs4_put_stid call from nfsd4_free_stateid cleans up the copy state\nfrom the s2s_cp_stateids list before freeing the lock state\u0027s stid.\n\nHowever, sometimes the CLOSE was sent before the FREE_STATEID request.\nWhen this happens, the nfsd4_close_open_stateid call from nfsd4_close\nfrees all lock states on its st_locks list without cleaning up the copy\nstate on the sc_cp_list list. When the time the FREE_STATEID arrives the\nserver returns BAD_STATEID since the lock state was freed. This causes\nthe use-after-free error to occur when the laundromat tries to free\nthe expired cpntf_state.\n\nThis patch adds a call to nfs4_free_cpntf_statelist in\nnfsd4_close_open_stateid to clean up the copy state before calling\nfree_ol_stateid_reaplist to free the lock state\u0027s stid on the reaplist.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50241",
"url": "https://www.suse.com/security/cve/CVE-2022-50241"
},
{
"category": "external",
"summary": "SUSE Bug 1249691 for CVE-2022-50241",
"url": "https://bugzilla.suse.com/1249691"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50241"
},
{
"cve": "CVE-2022-50242",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50242"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init()\n\nIf vp alloc failed in qlcnic_sriov_init(), all previously allocated vp\nneeds to be freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50242",
"url": "https://www.suse.com/security/cve/CVE-2022-50242"
},
{
"category": "external",
"summary": "SUSE Bug 1249696 for CVE-2022-50242",
"url": "https://bugzilla.suse.com/1249696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50242"
},
{
"cve": "CVE-2022-50246",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50246"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tcpci: fix of node refcount leak in tcpci_register_port()\n\nI got the following report while doing device(mt6370-tcpc) load\ntest with CONFIG_OF_UNITTEST and CONFIG_OF_DYNAMIC enabled:\n\n OF: ERROR: memory leak, expected refcount 1 instead of 2,\n of_node_get()/of_node_put() unbalanced - destroy cset entry:\n attach overlay node /i2c/pmic@34/tcpc/connector\n\nThe \u0027fwnode\u0027 set in tcpci_parse_config() which is called\nin tcpci_register_port(), its node refcount is increased\nin device_get_named_child_node(). It needs be put while\nexiting, so call fwnode_handle_put() in the error path of\ntcpci_register_port() and in tcpci_unregister_port() to\navoid leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50246",
"url": "https://www.suse.com/security/cve/CVE-2022-50246"
},
{
"category": "external",
"summary": "SUSE Bug 1249746 for CVE-2022-50246",
"url": "https://bugzilla.suse.com/1249746"
},
{
"category": "external",
"summary": "SUSE Bug 1249759 for CVE-2022-50246",
"url": "https://bugzilla.suse.com/1249759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50246"
},
{
"cve": "CVE-2022-50247",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50247"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq\n\nCan not set the @shared_hcd to NULL before decrease the usage count\nby usb_put_hcd(), this will cause the shared hcd not released.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50247",
"url": "https://www.suse.com/security/cve/CVE-2022-50247"
},
{
"category": "external",
"summary": "SUSE Bug 1249681 for CVE-2022-50247",
"url": "https://bugzilla.suse.com/1249681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50247"
},
{
"cve": "CVE-2022-50248",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50248"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: fix double free on tx path.\n\nWe see kernel crashes and lockups and KASAN errors related to ax210\nfirmware crashes. One of the KASAN dumps pointed at the tx path,\nand it appears there is indeed a way to double-free an skb.\n\nIf iwl_mvm_tx_skb_sta returns non-zero, then the \u0027skb\u0027 sent into the\nmethod will be freed. But, in case where we build TSO skb buffer,\nthe skb may also be freed in error case. So, return 0 in that particular\nerror case and do cleanup manually.\n\nBUG: KASAN: use-after-free in __list_del_entry_valid+0x12/0x90\niwlwifi 0000:06:00.0: 0x00000000 | tsf hi\nRead of size 8 at addr ffff88813cfa4ba0 by task btserver/9650\n\nCPU: 4 PID: 9650 Comm: btserver Tainted: G W 5.19.8+ #5\niwlwifi 0000:06:00.0: 0x00000000 | time gp1\nHardware name: Default string Default string/SKYBAY, BIOS 5.12 02/19/2019\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x55/0x6d\n print_report.cold.12+0xf2/0x684\niwlwifi 0000:06:00.0: 0x1D0915A8 | time gp2\n ? __list_del_entry_valid+0x12/0x90\n kasan_report+0x8b/0x180\niwlwifi 0000:06:00.0: 0x00000001 | uCode revision type\n ? __list_del_entry_valid+0x12/0x90\n __list_del_entry_valid+0x12/0x90\niwlwifi 0000:06:00.0: 0x00000048 | uCode version major\n tcp_update_skb_after_send+0x5d/0x170\n __tcp_transmit_skb+0xb61/0x15c0\niwlwifi 0000:06:00.0: 0xDAA05125 | uCode version minor\n ? __tcp_select_window+0x490/0x490\niwlwifi 0000:06:00.0: 0x00000420 | hw version\n ? trace_kmalloc_node+0x29/0xd0\n ? __kmalloc_node_track_caller+0x12a/0x260\n ? memset+0x1f/0x40\n ? __build_skb_around+0x125/0x150\n ? __alloc_skb+0x1d4/0x220\n ? skb_zerocopy_clone+0x55/0x230\niwlwifi 0000:06:00.0: 0x00489002 | board version\n ? kmalloc_reserve+0x80/0x80\n ? rcu_read_lock_bh_held+0x60/0xb0\n tcp_write_xmit+0x3f1/0x24d0\niwlwifi 0000:06:00.0: 0x034E001C | hcmd\n ? __check_object_size+0x180/0x350\niwlwifi 0000:06:00.0: 0x24020000 | isr0\n tcp_sendmsg_locked+0x8a9/0x1520\niwlwifi 0000:06:00.0: 0x01400000 | isr1\n ? tcp_sendpage+0x50/0x50\niwlwifi 0000:06:00.0: 0x48F0000A | isr2\n ? lock_release+0xb9/0x400\n ? tcp_sendmsg+0x14/0x40\niwlwifi 0000:06:00.0: 0x00C3080C | isr3\n ? lock_downgrade+0x390/0x390\n ? do_raw_spin_lock+0x114/0x1d0\niwlwifi 0000:06:00.0: 0x00200000 | isr4\n ? rwlock_bug.part.2+0x50/0x50\niwlwifi 0000:06:00.0: 0x034A001C | last cmd Id\n ? rwlock_bug.part.2+0x50/0x50\n ? lockdep_hardirqs_on_prepare+0xe/0x200\niwlwifi 0000:06:00.0: 0x0000C2F0 | wait_event\n ? __local_bh_enable_ip+0x87/0xe0\n ? inet_send_prepare+0x220/0x220\niwlwifi 0000:06:00.0: 0x000000C4 | l2p_control\n tcp_sendmsg+0x22/0x40\n sock_sendmsg+0x5f/0x70\niwlwifi 0000:06:00.0: 0x00010034 | l2p_duration\n __sys_sendto+0x19d/0x250\niwlwifi 0000:06:00.0: 0x00000007 | l2p_mhvalid\n ? __ia32_sys_getpeername+0x40/0x40\niwlwifi 0000:06:00.0: 0x00000000 | l2p_addr_match\n ? rcu_read_lock_held_common+0x12/0x50\n ? rcu_read_lock_sched_held+0x5a/0xd0\n ? rcu_read_lock_bh_held+0xb0/0xb0\n ? rcu_read_lock_sched_held+0x5a/0xd0\n ? rcu_read_lock_sched_held+0x5a/0xd0\n ? lock_release+0xb9/0x400\n ? lock_downgrade+0x390/0x390\n ? ktime_get+0x64/0x130\n ? ktime_get+0x8d/0x130\n ? rcu_read_lock_held_common+0x12/0x50\n ? rcu_read_lock_sched_held+0x5a/0xd0\n ? rcu_read_lock_held_common+0x12/0x50\n ? rcu_read_lock_sched_held+0x5a/0xd0\n ? rcu_read_lock_bh_held+0xb0/0xb0\n ? rcu_read_lock_bh_held+0xb0/0xb0\n __x64_sys_sendto+0x6f/0x80\n do_syscall_64+0x34/0xb0\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\nRIP: 0033:0x7f1d126e4531\nCode: 00 00 00 00 0f 1f 44 00 00 f3 0f 1e fa 48 8d 05 35 80 0c 00 41 89 ca 8b 00 85 c0 75 1c 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 67 c3 66 0f 1f 44 00 00 55 48 83 ec 20 48 89\nRSP: 002b:00007ffe21a679d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 000000000000ffdc RCX: 00007f1d126e4531\nRDX: 0000000000010000 RSI: 000000000374acf0 RDI: 0000000000000014\nRBP: 00007ffe21a67ac0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50248",
"url": "https://www.suse.com/security/cve/CVE-2022-50248"
},
{
"category": "external",
"summary": "SUSE Bug 1249840 for CVE-2022-50248",
"url": "https://bugzilla.suse.com/1249840"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50248"
},
{
"cve": "CVE-2022-50249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50249"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: of: Fix refcount leak bug in of_get_ddr_timings()\n\nWe should add the of_node_put() when breaking out of\nfor_each_child_of_node() as it will automatically increase\nand decrease the refcount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50249",
"url": "https://www.suse.com/security/cve/CVE-2022-50249"
},
{
"category": "external",
"summary": "SUSE Bug 1249747 for CVE-2022-50249",
"url": "https://bugzilla.suse.com/1249747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50249"
},
{
"cve": "CVE-2022-50250",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50250"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: core: fix use_count leakage when handling boot-on\n\nI found a use_count leakage towards supply regulator of rdev with\nboot-on option.\n\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\n| regulator_dev A | | regulator_dev B |\n| (boot-on) | | (boot-on) |\n| use_count=0 |\u25c0\u2500\u2500supply\u2500\u2500| use_count=1 |\n| | | |\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n\nIn case of rdev(A) configured with `regulator-boot-on\u0027, the use_count\nof supplying regulator(B) will increment inside\nregulator_enable(rdev-\u003esupply).\n\nThus, B will acts like always-on, and further balanced\nregulator_enable/disable cannot actually disable it anymore.\n\nHowever, B was also configured with `regulator-boot-on\u0027, we wish it\ncould be disabled afterwards.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50250",
"url": "https://www.suse.com/security/cve/CVE-2022-50250"
},
{
"category": "external",
"summary": "SUSE Bug 1249844 for CVE-2022-50250",
"url": "https://bugzilla.suse.com/1249844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50250"
},
{
"cve": "CVE-2022-50251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50251"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: vub300: fix return value check of mmc_add_host()\n\nmmc_add_host() may return error, if we ignore its return value, the memory\nthat allocated in mmc_alloc_host() will be leaked and it will lead a kernel\ncrash because of deleting not added device in the remove path.\n\nSo fix this by checking the return value and goto error path which will call\nmmc_free_host(), besides, the timer added before mmc_add_host() needs be del.\n\nAnd this patch fixes another missing call mmc_free_host() if usb_control_msg()\nfails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50251",
"url": "https://www.suse.com/security/cve/CVE-2022-50251"
},
{
"category": "external",
"summary": "SUSE Bug 1249745 for CVE-2022-50251",
"url": "https://bugzilla.suse.com/1249745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50251"
},
{
"cve": "CVE-2022-50252",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50252"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Do not free q_vector unless new one was allocated\n\nAvoid potential use-after-free condition under memory pressure. If the\nkzalloc() fails, q_vector will be freed but left in the original\nadapter-\u003eq_vector[v_idx] array position.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50252",
"url": "https://www.suse.com/security/cve/CVE-2022-50252"
},
{
"category": "external",
"summary": "SUSE Bug 1249846 for CVE-2022-50252",
"url": "https://bugzilla.suse.com/1249846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50252"
},
{
"cve": "CVE-2022-50255",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50255"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix reading strings from synthetic events\n\nThe follow commands caused a crash:\n\n # cd /sys/kernel/tracing\n # echo \u0027s:open char file[]\u0027 \u003e dynamic_events\n # echo \u0027hist:keys=common_pid:file=filename:onchange($file).trace(open,$file)\u0027 \u003e events/syscalls/sys_enter_openat/trigger\u0027\n # echo 1 \u003e events/synthetic/open/enable\n\nBOOM!\n\nThe problem is that the synthetic event field \"char file[]\" will read\nthe value given to it as a string without any memory checks to make sure\nthe address is valid. The above example will pass in the user space\naddress and the sythetic event code will happily call strlen() on it\nand then strscpy() where either one will cause an oops when accessing\nuser space addresses.\n\nUse the helper functions from trace_kprobe and trace_eprobe that can\nread strings safely (and actually succeed when the address is from user\nspace and the memory is mapped in).\n\nNow the above can show:\n\n packagekitd-1721 [000] ...2. 104.597170: open: file=/usr/lib/rpm/fileattrs/cmake.attr\n in:imjournal-978 [006] ...2. 104.599642: open: file=/var/lib/rsyslog/imjournal.state.tmp\n packagekitd-1721 [000] ...2. 104.626308: open: file=/usr/lib/rpm/fileattrs/debuginfo.attr",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50255",
"url": "https://www.suse.com/security/cve/CVE-2022-50255"
},
{
"category": "external",
"summary": "SUSE Bug 1249910 for CVE-2022-50255",
"url": "https://bugzilla.suse.com/1249910"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50255"
},
{
"cve": "CVE-2022-50257",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50257"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/gntdev: Prevent leaking grants\n\nPrior to this commit, if a grant mapping operation failed partially,\nsome of the entries in the map_ops array would be invalid, whereas all\nof the entries in the kmap_ops array would be valid. This in turn would\ncause the following logic in gntdev_map_grant_pages to become invalid:\n\n for (i = 0; i \u003c map-\u003ecount; i++) {\n if (map-\u003emap_ops[i].status == GNTST_okay) {\n map-\u003eunmap_ops[i].handle = map-\u003emap_ops[i].handle;\n if (!use_ptemod)\n alloced++;\n }\n if (use_ptemod) {\n if (map-\u003ekmap_ops[i].status == GNTST_okay) {\n if (map-\u003emap_ops[i].status == GNTST_okay)\n alloced++;\n map-\u003ekunmap_ops[i].handle = map-\u003ekmap_ops[i].handle;\n }\n }\n }\n ...\n atomic_add(alloced, \u0026map-\u003elive_grants);\n\nAssume that use_ptemod is true (i.e., the domain mapping the granted\npages is a paravirtualized domain). In the code excerpt above, note that\nthe \"alloced\" variable is only incremented when both kmap_ops[i].status\nand map_ops[i].status are set to GNTST_okay (i.e., both mapping\noperations are successful). However, as also noted above, there are\ncases where a grant mapping operation fails partially, breaking the\nassumption of the code excerpt above.\n\nThe aforementioned causes map-\u003elive_grants to be incorrectly set. In\nsome cases, all of the map_ops mappings fail, but all of the kmap_ops\nmappings succeed, meaning that live_grants may remain zero. This in turn\nmakes it impossible to unmap the successfully grant-mapped pages pointed\nto by kmap_ops, because unmap_grant_pages has the following snippet of\ncode at its beginning:\n\n if (atomic_read(\u0026map-\u003elive_grants) == 0)\n return; /* Nothing to do */\n\nIn other cases where only some of the map_ops mappings fail but all\nkmap_ops mappings succeed, live_grants is made positive, but when the\nuser requests unmapping the grant-mapped pages, __unmap_grant_pages_done\nwill then make map-\u003elive_grants negative, because the latter function\ndoes not check if all of the pages that were requested to be unmapped\nwere actually unmapped, and the same function unconditionally subtracts\n\"data-\u003ecount\" (i.e., a value that can be greater than map-\u003elive_grants)\nfrom map-\u003elive_grants. The side effects of a negative live_grants value\nhave not been studied.\n\nThe net effect of all of this is that grant references are leaked in one\nof the above conditions. In Qubes OS v4.1 (which uses Xen\u0027s grant\nmechanism extensively for X11 GUI isolation), this issue manifests\nitself with warning messages like the following to be printed out by the\nLinux kernel in the VM that had granted pages (that contain X11 GUI\nwindow data) to dom0: \"g.e. 0x1234 still pending\", especially after the\nuser rapidly resizes GUI VM windows (causing some grant-mapping\noperations to partially or completely fail, due to the fact that the VM\nunshares some of the pages as part of the window resizing, making the\npages impossible to grant-map from dom0).\n\nThe fix for this issue involves counting all successful map_ops and\nkmap_ops mappings separately, and then adding the sum to live_grants.\nDuring unmapping, only the number of successfully unmapped grants is\nsubtracted from live_grants. The code is also modified to check for\nnegative live_grants values after the subtraction and warn the user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50257",
"url": "https://www.suse.com/security/cve/CVE-2022-50257"
},
{
"category": "external",
"summary": "SUSE Bug 1249743 for CVE-2022-50257",
"url": "https://bugzilla.suse.com/1249743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50257"
},
{
"cve": "CVE-2022-50258",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50258"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds()\n\nThis patch fixes a stack-out-of-bounds read in brcmfmac that occurs\nwhen \u0027buf\u0027 that is not null-terminated is passed as an argument of\nstrsep() in brcmf_c_preinit_dcmds(). This buffer is filled with a firmware\nversion string by memcpy() in brcmf_fil_iovar_data_get().\nThe patch ensures buf is null-terminated.\n\nFound by a modified version of syzkaller.\n\n[ 47.569679][ T1897] brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43236b for chip BCM43236/3\n[ 47.582839][ T1897] brcmfmac: brcmf_c_process_clm_blob: no clm_blob available (err=-2), device may have limited channels available\n[ 47.601565][ T1897] ==================================================================\n[ 47.602574][ T1897] BUG: KASAN: stack-out-of-bounds in strsep+0x1b2/0x1f0\n[ 47.603447][ T1897] Read of size 1 at addr ffffc90001f6f000 by task kworker/0:2/1897\n[ 47.604336][ T1897]\n[ 47.604621][ T1897] CPU: 0 PID: 1897 Comm: kworker/0:2 Tainted: G O 5.14.0+ #131\n[ 47.605617][ T1897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.1-0-ga5cab58e9a3f-prebuilt.qemu.org 04/01/2014\n[ 47.606907][ T1897] Workqueue: usb_hub_wq hub_event\n[ 47.607453][ T1897] Call Trace:\n[ 47.607801][ T1897] dump_stack_lvl+0x8e/0xd1\n[ 47.608295][ T1897] print_address_description.constprop.0.cold+0xf/0x334\n[ 47.609009][ T1897] ? strsep+0x1b2/0x1f0\n[ 47.609434][ T1897] ? strsep+0x1b2/0x1f0\n[ 47.609863][ T1897] kasan_report.cold+0x83/0xdf\n[ 47.610366][ T1897] ? strsep+0x1b2/0x1f0\n[ 47.610882][ T1897] strsep+0x1b2/0x1f0\n[ 47.611300][ T1897] ? brcmf_fil_iovar_data_get+0x3a/0xf0\n[ 47.611883][ T1897] brcmf_c_preinit_dcmds+0x995/0xc40\n[ 47.612434][ T1897] ? brcmf_c_set_joinpref_default+0x100/0x100\n[ 47.613078][ T1897] ? rcu_read_lock_sched_held+0xa1/0xd0\n[ 47.613662][ T1897] ? rcu_read_lock_bh_held+0xb0/0xb0\n[ 47.614208][ T1897] ? lock_acquire+0x19d/0x4e0\n[ 47.614704][ T1897] ? find_held_lock+0x2d/0x110\n[ 47.615236][ T1897] ? brcmf_usb_deq+0x1a7/0x260\n[ 47.615741][ T1897] ? brcmf_usb_rx_fill_all+0x5a/0xf0\n[ 47.616288][ T1897] brcmf_attach+0x246/0xd40\n[ 47.616758][ T1897] ? wiphy_new_nm+0x1703/0x1dd0\n[ 47.617280][ T1897] ? kmemdup+0x43/0x50\n[ 47.617720][ T1897] brcmf_usb_probe+0x12de/0x1690\n[ 47.618244][ T1897] ? brcmf_usbdev_qinit.constprop.0+0x470/0x470\n[ 47.618901][ T1897] usb_probe_interface+0x2aa/0x760\n[ 47.619429][ T1897] ? usb_probe_device+0x250/0x250\n[ 47.619950][ T1897] really_probe+0x205/0xb70\n[ 47.620435][ T1897] ? driver_allows_async_probing+0x130/0x130\n[ 47.621048][ T1897] __driver_probe_device+0x311/0x4b0\n[ 47.621595][ T1897] ? driver_allows_async_probing+0x130/0x130\n[ 47.622209][ T1897] driver_probe_device+0x4e/0x150\n[ 47.622739][ T1897] __device_attach_driver+0x1cc/0x2a0\n[ 47.623287][ T1897] bus_for_each_drv+0x156/0x1d0\n[ 47.623796][ T1897] ? bus_rescan_devices+0x30/0x30\n[ 47.624309][ T1897] ? lockdep_hardirqs_on_prepare+0x273/0x3e0\n[ 47.624907][ T1897] ? trace_hardirqs_on+0x46/0x160\n[ 47.625437][ T1897] __device_attach+0x23f/0x3a0\n[ 47.625924][ T1897] ? device_bind_driver+0xd0/0xd0\n[ 47.626433][ T1897] ? kobject_uevent_env+0x287/0x14b0\n[ 47.627057][ T1897] bus_probe_device+0x1da/0x290\n[ 47.627557][ T1897] device_add+0xb7b/0x1eb0\n[ 47.628027][ T1897] ? wait_for_completion+0x290/0x290\n[ 47.628593][ T1897] ? __fw_devlink_link_to_suppliers+0x5a0/0x5a0\n[ 47.629249][ T1897] usb_set_configuration+0xf59/0x16f0\n[ 47.629829][ T1897] usb_generic_driver_probe+0x82/0xa0\n[ 47.630385][ T1897] usb_probe_device+0xbb/0x250\n[ 47.630927][ T1897] ? usb_suspend+0x590/0x590\n[ 47.631397][ T1897] really_probe+0x205/0xb70\n[ 47.631855][ T1897] ? driver_allows_async_probing+0x130/0x130\n[ 47.632469][ T1897] __driver_probe_device+0x311/0x4b0\n[ 47.633002][ \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50258",
"url": "https://www.suse.com/security/cve/CVE-2022-50258"
},
{
"category": "external",
"summary": "SUSE Bug 1249947 for CVE-2022-50258",
"url": "https://bugzilla.suse.com/1249947"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50258"
},
{
"cve": "CVE-2022-50260",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50260"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: Make .remove and .shutdown HW shutdown consistent\n\nDrivers\u0027 .remove and .shutdown callbacks are executed on different code\npaths. The former is called when a device is removed from the bus, while\nthe latter is called at system shutdown time to quiesce the device.\n\nThis means that some overlap exists between the two, because both have to\ntake care of properly shutting down the hardware. But currently the logic\nused in these two callbacks isn\u0027t consistent in msm drivers, which could\nlead to kernel panic.\n\nFor example, on .remove the component is deleted and its .unbind callback\nleads to the hardware being shutdown but only if the DRM device has been\nmarked as registered.\n\nThat check doesn\u0027t exist in the .shutdown logic and this can lead to the\ndriver calling drm_atomic_helper_shutdown() for a DRM device that hasn\u0027t\nbeen properly initialized.\n\nA situation like this can happen if drivers for expected sub-devices fail\nto probe, since the .bind callback will never be executed. If that is the\ncase, drm_atomic_helper_shutdown() will attempt to take mutexes that are\nonly initialized if drm_mode_config_init() is called during a device bind.\n\nThis bug was attempted to be fixed in commit 623f279c7781 (\"drm/msm: fix\nshutdown hook in case GPU components failed to bind\"), but unfortunately\nit still happens in some cases as the one mentioned above, i.e:\n\n systemd-shutdown[1]: Powering off.\n kvm: exiting hardware virtualization\n platform wifi-firmware.0: Removing from iommu group 12\n platform video-firmware.0: Removing from iommu group 10\n ------------[ cut here ]------------\n WARNING: CPU: 6 PID: 1 at drivers/gpu/drm/drm_modeset_lock.c:317 drm_modeset_lock_all_ctx+0x3c4/0x3d0\n ...\n Hardware name: Google CoachZ (rev3+) (DT)\n pstate: a0400009 (NzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : drm_modeset_lock_all_ctx+0x3c4/0x3d0\n lr : drm_modeset_lock_all_ctx+0x48/0x3d0\n sp : ffff80000805bb80\n x29: ffff80000805bb80 x28: ffff327c00128000 x27: 0000000000000000\n x26: 0000000000000000 x25: 0000000000000001 x24: ffffc95d820ec030\n x23: ffff327c00bbd090 x22: ffffc95d8215eca0 x21: ffff327c039c5800\n x20: ffff327c039c5988 x19: ffff80000805bbe8 x18: 0000000000000034\n x17: 000000040044ffff x16: ffffc95d80cac920 x15: 0000000000000000\n x14: 0000000000000315 x13: 0000000000000315 x12: 0000000000000000\n x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000\n x8 : ffff80000805bc28 x7 : 0000000000000000 x6 : 0000000000000000\n x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : ffff327c00128000 x1 : 0000000000000000 x0 : ffff327c039c59b0\n Call trace:\n drm_modeset_lock_all_ctx+0x3c4/0x3d0\n drm_atomic_helper_shutdown+0x70/0x134\n msm_drv_shutdown+0x30/0x40\n platform_shutdown+0x28/0x40\n device_shutdown+0x148/0x350\n kernel_power_off+0x38/0x80\n __do_sys_reboot+0x288/0x2c0\n __arm64_sys_reboot+0x28/0x34\n invoke_syscall+0x48/0x114\n el0_svc_common.constprop.0+0x44/0xec\n do_el0_svc+0x2c/0xc0\n el0_svc+0x2c/0x84\n el0t_64_sync_handler+0x11c/0x150\n el0t_64_sync+0x18c/0x190\n ---[ end trace 0000000000000000 ]---\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000018\n Mem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000004\n CM = 0, WnR = 0\n user pgtable: 4k pages, 48-bit VAs, pgdp=000000010eab1000\n [0000000000000018] pgd=0000000000000000, p4d=0000000000000000\n Internal error: Oops: 96000004 [#1] PREEMPT SMP\n ...\n Hardware name: Google CoachZ (rev3+) (DT)\n pstate: a0400009 (NzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : ww_mutex_lock+0x28/0x32c\n lr : drm_modeset_lock_all_ctx+0x1b0/0x3d0\n sp : ffff80000805bb50\n x29: ffff80000805bb50 x28: ffff327c00128000 x27: 0000000000000000\n x26: 00000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50260",
"url": "https://www.suse.com/security/cve/CVE-2022-50260"
},
{
"category": "external",
"summary": "SUSE Bug 1249885 for CVE-2022-50260",
"url": "https://bugzilla.suse.com/1249885"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50260"
},
{
"cve": "CVE-2022-50261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50261"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid()\n\nWith clang\u0027s kernel control flow integrity (kCFI, CONFIG_CFI_CLANG),\nindirect call targets are validated against the expected function\npointer prototype to make sure the call target is valid to help mitigate\nROP attacks. If they are not identical, there is a failure at run time,\nwhich manifests as either a kernel panic or thread getting killed. A\nproposed warning in clang aims to catch these at compile time, which\nreveals:\n\n drivers/gpu/drm/sti/sti_hda.c:637:16: error: incompatible function pointer types initializing \u0027enum drm_mode_status (*)(struct drm_connector *, struct drm_display_mode *)\u0027 with an expression of type \u0027int (struct drm_connector *, struct drm_display_mode *)\u0027 [-Werror,-Wincompatible-function-pointer-types-strict]\n .mode_valid = sti_hda_connector_mode_valid,\n ^~~~~~~~~~~~~~~~~~~~~~~~~~~~\n drivers/gpu/drm/sti/sti_dvo.c:376:16: error: incompatible function pointer types initializing \u0027enum drm_mode_status (*)(struct drm_connector *, struct drm_display_mode *)\u0027 with an expression of type \u0027int (struct drm_connector *, struct drm_display_mode *)\u0027 [-Werror,-Wincompatible-function-pointer-types-strict]\n .mode_valid = sti_dvo_connector_mode_valid,\n ^~~~~~~~~~~~~~~~~~~~~~~~~~~~\n drivers/gpu/drm/sti/sti_hdmi.c:1035:16: error: incompatible function pointer types initializing \u0027enum drm_mode_status (*)(struct drm_connector *, struct drm_display_mode *)\u0027 with an expression of type \u0027int (struct drm_connector *, struct drm_display_mode *)\u0027 [-Werror,-Wincompatible-function-pointer-types-strict]\n .mode_valid = sti_hdmi_connector_mode_valid,\n ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n-\u003emode_valid() in \u0027struct drm_connector_helper_funcs\u0027 expects a return\ntype of \u0027enum drm_mode_status\u0027, not \u0027int\u0027. Adjust the return type of\nsti_{dvo,hda,hdmi}_connector_mode_valid() to match the prototype\u0027s to\nresolve the warning and CFI failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50261",
"url": "https://www.suse.com/security/cve/CVE-2022-50261"
},
{
"category": "external",
"summary": "SUSE Bug 1249742 for CVE-2022-50261",
"url": "https://bugzilla.suse.com/1249742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50261"
},
{
"cve": "CVE-2022-50264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: socfpga: Fix memory leak in socfpga_gate_init()\n\nFree @socfpga_clk and @ops on the error path to avoid memory leak issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50264",
"url": "https://www.suse.com/security/cve/CVE-2022-50264"
},
{
"category": "external",
"summary": "SUSE Bug 1249685 for CVE-2022-50264",
"url": "https://bugzilla.suse.com/1249685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50264"
},
{
"cve": "CVE-2022-50266",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50266"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkprobes: Fix check for probe enabled in kill_kprobe()\n\nIn kill_kprobe(), the check whether disarm_kprobe_ftrace() needs to be\ncalled always fails. This is because before that we set the\nKPROBE_FLAG_GONE flag for kprobe so that \"!kprobe_disabled(p)\" is always\nfalse.\n\nThe disarm_kprobe_ftrace() call introduced by commit:\n\n 0cb2f1372baa (\"kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler\")\n\nto fix the NULL pointer reference problem. When the probe is enabled, if\nwe do not disarm it, this problem still exists.\n\nFix it by putting the probe enabled check before setting the\nKPROBE_FLAG_GONE flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50266",
"url": "https://www.suse.com/security/cve/CVE-2022-50266"
},
{
"category": "external",
"summary": "SUSE Bug 1249810 for CVE-2022-50266",
"url": "https://bugzilla.suse.com/1249810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50266"
},
{
"cve": "CVE-2022-50267",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50267"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: rtsx_pci: fix return value check of mmc_add_host()\n\nmmc_add_host() may return error, if we ignore its return value, the memory\nthat allocated in mmc_alloc_host() will be leaked and it will lead a kernel\ncrash because of deleting not added device in the remove path.\n\nSo fix this by checking the return value and calling mmc_free_host() in the\nerror path, beside, runtime PM also needs be disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50267",
"url": "https://www.suse.com/security/cve/CVE-2022-50267"
},
{
"category": "external",
"summary": "SUSE Bug 1249749 for CVE-2022-50267",
"url": "https://bugzilla.suse.com/1249749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50267"
},
{
"cve": "CVE-2022-50268",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50268"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: moxart: fix return value check of mmc_add_host()\n\nmmc_add_host() may return error, if we ignore its return value, the memory\nthat allocated in mmc_alloc_host() will be leaked and it will lead a kernel\ncrash because of deleting not added device in the remove path.\n\nSo fix this by checking the return value and goto error path which will call\nmmc_free_host().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50268",
"url": "https://www.suse.com/security/cve/CVE-2022-50268"
},
{
"category": "external",
"summary": "SUSE Bug 1249741 for CVE-2022-50268",
"url": "https://bugzilla.suse.com/1249741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50268"
},
{
"cve": "CVE-2022-50269",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50269"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vkms: Fix memory leak in vkms_init()\n\nA memory leak was reported after the vkms module install failed.\n\nunreferenced object 0xffff88810bc28520 (size 16):\n comm \"modprobe\", pid 9662, jiffies 4298009455 (age 42.590s)\n hex dump (first 16 bytes):\n 01 01 00 64 81 88 ff ff 00 00 dc 0a 81 88 ff ff ...d............\n backtrace:\n [\u003c00000000e7561ff8\u003e] kmalloc_trace+0x27/0x60\n [\u003c000000000b1954a0\u003e] 0xffffffffc45200a9\n [\u003c00000000abbf1da0\u003e] do_one_initcall+0xd0/0x4f0\n [\u003c000000001505ee87\u003e] do_init_module+0x1a4/0x680\n [\u003c00000000958079ad\u003e] load_module+0x6249/0x7110\n [\u003c00000000117e4696\u003e] __do_sys_finit_module+0x140/0x200\n [\u003c00000000f74b12d2\u003e] do_syscall_64+0x35/0x80\n [\u003c000000008fc6fcde\u003e] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThe reason is that the vkms_init() returns without checking the return\nvalue of vkms_create(), and if the vkms_create() failed, the config\nallocated at the beginning of vkms_init() is leaked.\n\n vkms_init()\n config = kmalloc(...) # config allocated\n ...\n return vkms_create() # vkms_create failed and config is leaked\n\nFix this problem by checking return value of vkms_create() and free the\nconfig if error happened.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50269",
"url": "https://www.suse.com/security/cve/CVE-2022-50269"
},
{
"category": "external",
"summary": "SUSE Bug 1249777 for CVE-2022-50269",
"url": "https://bugzilla.suse.com/1249777"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50269"
},
{
"cve": "CVE-2022-50271",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50271"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost/vsock: Use kvmalloc/kvfree for larger packets.\n\nWhen copying a large file over sftp over vsock, data size is usually 32kB,\nand kmalloc seems to fail to try to allocate 32 32kB regions.\n\n vhost-5837: page allocation failure: order:4, mode:0x24040c0\n Call Trace:\n [\u003cffffffffb6a0df64\u003e] dump_stack+0x97/0xdb\n [\u003cffffffffb68d6aed\u003e] warn_alloc_failed+0x10f/0x138\n [\u003cffffffffb68d868a\u003e] ? __alloc_pages_direct_compact+0x38/0xc8\n [\u003cffffffffb664619f\u003e] __alloc_pages_nodemask+0x84c/0x90d\n [\u003cffffffffb6646e56\u003e] alloc_kmem_pages+0x17/0x19\n [\u003cffffffffb6653a26\u003e] kmalloc_order_trace+0x2b/0xdb\n [\u003cffffffffb66682f3\u003e] __kmalloc+0x177/0x1f7\n [\u003cffffffffb66e0d94\u003e] ? copy_from_iter+0x8d/0x31d\n [\u003cffffffffc0689ab7\u003e] vhost_vsock_handle_tx_kick+0x1fa/0x301 [vhost_vsock]\n [\u003cffffffffc06828d9\u003e] vhost_worker+0xf7/0x157 [vhost]\n [\u003cffffffffb683ddce\u003e] kthread+0xfd/0x105\n [\u003cffffffffc06827e2\u003e] ? vhost_dev_set_owner+0x22e/0x22e [vhost]\n [\u003cffffffffb683dcd1\u003e] ? flush_kthread_worker+0xf3/0xf3\n [\u003cffffffffb6eb332e\u003e] ret_from_fork+0x4e/0x80\n [\u003cffffffffb683dcd1\u003e] ? flush_kthread_worker+0xf3/0xf3\n\nWork around by doing kvmalloc instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50271",
"url": "https://www.suse.com/security/cve/CVE-2022-50271"
},
{
"category": "external",
"summary": "SUSE Bug 1249740 for CVE-2022-50271",
"url": "https://bugzilla.suse.com/1249740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50271"
},
{
"cve": "CVE-2022-50272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50272"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()\n\nWei Chen reports a kernel bug as blew:\n\ngeneral protection fault, probably for non-canonical address\nKASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]\n...\nCall Trace:\n\u003cTASK\u003e\n__i2c_transfer+0x77e/0x1930 drivers/i2c/i2c-core-base.c:2109\ni2c_transfer+0x1d5/0x3d0 drivers/i2c/i2c-core-base.c:2170\ni2cdev_ioctl_rdwr+0x393/0x660 drivers/i2c/i2c-dev.c:297\ni2cdev_ioctl+0x75d/0x9f0 drivers/i2c/i2c-dev.c:458\nvfs_ioctl fs/ioctl.c:51 [inline]\n__do_sys_ioctl fs/ioctl.c:870 [inline]\n__se_sys_ioctl+0xfb/0x170 fs/ioctl.c:856\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x3d/0x90 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7fd834a8bded\n\nIn az6027_i2c_xfer(), if msg[i].addr is 0x99,\na null-ptr-deref will caused when accessing msg[i].buf.\nFor msg[i].len is 0 and msg[i].buf is null.\n\nFix this by checking msg[i].len in az6027_i2c_xfer().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50272",
"url": "https://www.suse.com/security/cve/CVE-2022-50272"
},
{
"category": "external",
"summary": "SUSE Bug 1249808 for CVE-2022-50272",
"url": "https://bugzilla.suse.com/1249808"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50272"
},
{
"cve": "CVE-2022-50275",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50275"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: Add the missed acpi_put_table() to fix memory leak\n\nWhen the radeon driver reads the bios information from ACPI\ntable in radeon_acpi_vfct_bios(), it misses to call acpi_put_table()\nto release the ACPI memory after the init, so add acpi_put_table()\nproperly to fix the memory leak.\n\nv2: fix text formatting (Alex)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50275",
"url": "https://www.suse.com/security/cve/CVE-2022-50275"
},
{
"category": "external",
"summary": "SUSE Bug 1249705 for CVE-2022-50275",
"url": "https://bugzilla.suse.com/1249705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50275"
},
{
"cve": "CVE-2022-50276",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50276"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npower: supply: fix null pointer dereferencing in power_supply_get_battery_info\n\nwhen kmalloc() fail to allocate memory in kasprintf(), propname\nwill be NULL, strcmp() called by of_get_property() will cause\nnull pointer dereference.\n\nSo return ENOMEM if kasprintf() return NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50276",
"url": "https://www.suse.com/security/cve/CVE-2022-50276"
},
{
"category": "external",
"summary": "SUSE Bug 1249651 for CVE-2022-50276",
"url": "https://bugzilla.suse.com/1249651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50276"
},
{
"cve": "CVE-2022-50277",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50277"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: don\u0027t allow journal inode to have encrypt flag\n\nMounting a filesystem whose journal inode has the encrypt flag causes a\nNULL dereference in fscrypt_limit_io_blocks() when the \u0027inlinecrypt\u0027\nmount option is used.\n\nThe problem is that when jbd2_journal_init_inode() calls bmap(), it\neventually finds its way into ext4_iomap_begin(), which calls\nfscrypt_limit_io_blocks(). fscrypt_limit_io_blocks() requires that if\nthe inode is encrypted, then its encryption key must already be set up.\nThat\u0027s not the case here, since the journal inode is never \"opened\" like\na normal file would be. Hence the crash.\n\nA reproducer is:\n\n mkfs.ext4 -F /dev/vdb\n debugfs -w /dev/vdb -R \"set_inode_field \u003c8\u003e flags 0x80808\"\n mount /dev/vdb /mnt -o inlinecrypt\n\nTo fix this, make ext4 consider journal inodes with the encrypt flag to\nbe invalid. (Note, maybe other flags should be rejected on the journal\ninode too. For now, this is just the minimal fix for the above issue.)\n\nI\u0027ve marked this as fixing the commit that introduced the call to\nfscrypt_limit_io_blocks(), since that\u0027s what made an actual crash start\nbeing possible. But this fix could be applied to any version of ext4\nthat supports the encrypt feature.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50277",
"url": "https://www.suse.com/security/cve/CVE-2022-50277"
},
{
"category": "external",
"summary": "SUSE Bug 1249750 for CVE-2022-50277",
"url": "https://bugzilla.suse.com/1249750"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50277"
},
{
"cve": "CVE-2022-50278",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50278"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPNP: fix name memory leak in pnp_alloc_dev()\n\nAfter commit 1fa5ae857bb1 (\"driver core: get rid of struct device\u0027s\nbus_id string array\"), the name of device is allocated dynamically,\nmove dev_set_name() after pnp_add_id() to avoid memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50278",
"url": "https://www.suse.com/security/cve/CVE-2022-50278"
},
{
"category": "external",
"summary": "SUSE Bug 1249715 for CVE-2022-50278",
"url": "https://bugzilla.suse.com/1249715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50278"
},
{
"cve": "CVE-2022-50279",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50279"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: Fix global-out-of-bounds bug in _rtl8812ae_phy_set_txpower_limit()\n\nThere is a global-out-of-bounds reported by KASAN:\n\n BUG: KASAN: global-out-of-bounds in\n _rtl8812ae_eq_n_byte.part.0+0x3d/0x84 [rtl8821ae]\n Read of size 1 at addr ffffffffa0773c43 by task NetworkManager/411\n\n CPU: 6 PID: 411 Comm: NetworkManager Tainted: G D\n 6.1.0-rc8+ #144 e15588508517267d37\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009),\n Call Trace:\n \u003cTASK\u003e\n ...\n kasan_report+0xbb/0x1c0\n _rtl8812ae_eq_n_byte.part.0+0x3d/0x84 [rtl8821ae]\n rtl8821ae_phy_bb_config.cold+0x346/0x641 [rtl8821ae]\n rtl8821ae_hw_init+0x1f5e/0x79b0 [rtl8821ae]\n ...\n \u003c/TASK\u003e\n\nThe root cause of the problem is that the comparison order of\n\"prate_section\" in _rtl8812ae_phy_set_txpower_limit() is wrong. The\n_rtl8812ae_eq_n_byte() is used to compare the first n bytes of the two\nstrings from tail to head, which causes the problem. In the\n_rtl8812ae_phy_set_txpower_limit(), it was originally intended to meet\nthis requirement by carefully designing the comparison order.\nFor example, \"pregulation\" and \"pbandwidth\" are compared in order of\nlength from small to large, first is 3 and last is 4. However, the\ncomparison order of \"prate_section\" dose not obey such order requirement,\ntherefore when \"prate_section\" is \"HT\", when comparing from tail to head,\nit will lead to access out of bounds in _rtl8812ae_eq_n_byte(). As\nmentioned above, the _rtl8812ae_eq_n_byte() has the same function as\nstrcmp(), so just strcmp() is enough.\n\nFix it by removing _rtl8812ae_eq_n_byte() and use strcmp() barely.\nAlthough it can be fixed by adjusting the comparison order of\n\"prate_section\", this may cause the value of \"rate_section\" to not be\nfrom 0 to 5. In addition, commit \"21e4b0726dc6\" not only moved driver\nfrom staging to regular tree, but also added setting txpower limit\nfunction during the driver config phase, so the problem was introduced\nby this commit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50279",
"url": "https://www.suse.com/security/cve/CVE-2022-50279"
},
{
"category": "external",
"summary": "SUSE Bug 1249751 for CVE-2022-50279",
"url": "https://bugzilla.suse.com/1249751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50279"
},
{
"cve": "CVE-2022-50282",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50282"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nchardev: fix error handling in cdev_device_add()\n\nWhile doing fault injection test, I got the following report:\n\n------------[ cut here ]------------\nkobject: \u0027(null)\u0027 (0000000039956980): is not initialized, yet kobject_put() is being called.\nWARNING: CPU: 3 PID: 6306 at kobject_put+0x23d/0x4e0\nCPU: 3 PID: 6306 Comm: 283 Tainted: G W 6.1.0-rc2-00005-g307c1086d7c9 #1253\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\nRIP: 0010:kobject_put+0x23d/0x4e0\nCall Trace:\n \u003cTASK\u003e\n cdev_device_add+0x15e/0x1b0\n __iio_device_register+0x13b4/0x1af0 [industrialio]\n __devm_iio_device_register+0x22/0x90 [industrialio]\n max517_probe+0x3d8/0x6b4 [max517]\n i2c_device_probe+0xa81/0xc00\n\nWhen device_add() is injected fault and returns error, if dev-\u003edevt is not set,\ncdev_add() is not called, cdev_del() is not needed. Fix this by checking dev-\u003edevt\nin error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50282",
"url": "https://www.suse.com/security/cve/CVE-2022-50282"
},
{
"category": "external",
"summary": "SUSE Bug 1249739 for CVE-2022-50282",
"url": "https://bugzilla.suse.com/1249739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50282"
},
{
"cve": "CVE-2022-50286",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50286"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline\n\nWhen converting files with inline data to extents, delayed allocations\nmade on a file system created with both the bigalloc and inline options\ncan result in invalid extent status cache content, incorrect reserved\ncluster counts, kernel memory leaks, and potential kernel panics.\n\nWith bigalloc, the code that determines whether a block must be\ndelayed allocated searches the extent tree to see if that block maps\nto a previously allocated cluster. If not, the block is delayed\nallocated, and otherwise, it isn\u0027t. However, if the inline option is\nalso used, and if the file containing the block is marked as able to\nstore data inline, there isn\u0027t a valid extent tree associated with\nthe file. The current code in ext4_clu_mapped() calls\next4_find_extent() to search the non-existent tree for a previously\nallocated cluster anyway, which typically finds nothing, as desired.\nHowever, a side effect of the search can be to cache invalid content\nfrom the non-existent tree (garbage) in the extent status tree,\nincluding bogus entries in the pending reservation tree.\n\nTo fix this, avoid searching the extent tree when allocating blocks\nfor bigalloc + inline files that are being converted from inline to\nextent mapped.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50286",
"url": "https://www.suse.com/security/cve/CVE-2022-50286"
},
{
"category": "external",
"summary": "SUSE Bug 1249753 for CVE-2022-50286",
"url": "https://bugzilla.suse.com/1249753"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50286"
},
{
"cve": "CVE-2022-50287",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50287"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/bios: fix a memory leak in generate_lfp_data_ptrs\n\nWhen (size != 0 || ptrs-\u003elvds_ entries != 3), the program tries to\nfree() the ptrs. However, the ptrs is not created by calling kzmalloc(),\nbut is obtained by pointer offset operation.\nThis may lead to memory leaks or undefined behavior.\n\nFix this by replacing the arguments of kfree() with ptrs_block.\n\n(cherry picked from commit 7674cd0b7d28b952151c3df26bbfa7e07eb2b4ec)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50287",
"url": "https://www.suse.com/security/cve/CVE-2022-50287"
},
{
"category": "external",
"summary": "SUSE Bug 1249757 for CVE-2022-50287",
"url": "https://bugzilla.suse.com/1249757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50287"
},
{
"cve": "CVE-2022-50288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50288"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nqlcnic: prevent -\u003edcb use-after-free on qlcnic_dcb_enable() failure\n\nadapter-\u003edcb would get silently freed inside qlcnic_dcb_enable() in\ncase qlcnic_dcb_attach() would return an error, which always happens\nunder OOM conditions. This would lead to use-after-free because both\nof the existing callers invoke qlcnic_dcb_get_info() on the obtained\npointer, which is potentially freed at that point.\n\nPropagate errors from qlcnic_dcb_enable(), and instead free the dcb\npointer at callsite using qlcnic_dcb_free(). This also removes the now\nunused qlcnic_clear_dcb_ops() helper, which was a simple wrapper around\nkfree() also causing memory leaks for partially initialized dcb.\n\nFound by Linux Verification Center (linuxtesting.org) with the SVACE\nstatic analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50288",
"url": "https://www.suse.com/security/cve/CVE-2022-50288"
},
{
"category": "external",
"summary": "SUSE Bug 1249802 for CVE-2022-50288",
"url": "https://bugzilla.suse.com/1249802"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50288"
},
{
"cve": "CVE-2022-50289",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50289"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix memory leak in ocfs2_stack_glue_init()\n\nocfs2_table_header should be free in ocfs2_stack_glue_init() if\nocfs2_sysfs_init() failed, otherwise kmemleak will report memleak.\n\nBUG: memory leak\nunreferenced object 0xffff88810eeb5800 (size 128):\n comm \"modprobe\", pid 4507, jiffies 4296182506 (age 55.888s)\n hex dump (first 32 bytes):\n c0 40 14 a0 ff ff ff ff 00 00 00 00 01 00 00 00 .@..............\n 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c000000001e59e1cd\u003e] __register_sysctl_table+0xca/0xef0\n [\u003c00000000c04f70f7\u003e] 0xffffffffa0050037\n [\u003c000000001bd12912\u003e] do_one_initcall+0xdb/0x480\n [\u003c0000000064f766c9\u003e] do_init_module+0x1cf/0x680\n [\u003c000000002ba52db0\u003e] load_module+0x6441/0x6f20\n [\u003c000000009772580d\u003e] __do_sys_finit_module+0x12f/0x1c0\n [\u003c00000000380c1f22\u003e] do_syscall_64+0x3f/0x90\n [\u003c000000004cf473bc\u003e] entry_SYSCALL_64_after_hwframe+0x63/0xcd",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50289",
"url": "https://www.suse.com/security/cve/CVE-2022-50289"
},
{
"category": "external",
"summary": "SUSE Bug 1249981 for CVE-2022-50289",
"url": "https://bugzilla.suse.com/1249981"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50289"
},
{
"cve": "CVE-2022-50292",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50292"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dp: fix bridge lifetime\n\nDevice-managed resources allocated post component bind must be tied to\nthe lifetime of the aggregate DRM device or they will not necessarily be\nreleased when binding of the aggregate device is deferred.\n\nThis can lead resource leaks or failure to bind the aggregate device\nwhen binding is later retried and a second attempt to allocate the\nresources is made.\n\nFor the DP bridges, previously allocated bridges will leak on probe\ndeferral.\n\nFix this by amending the DP parser interface and tying the lifetime of\nthe bridge device to the DRM device rather than DP platform device.\n\nPatchwork: https://patchwork.freedesktop.org/patch/502667/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50292",
"url": "https://www.suse.com/security/cve/CVE-2022-50292"
},
{
"category": "external",
"summary": "SUSE Bug 1249800 for CVE-2022-50292",
"url": "https://bugzilla.suse.com/1249800"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50292"
},
{
"cve": "CVE-2022-50294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50294"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: libertas: fix memory leak in lbs_init_adapter()\n\nWhen kfifo_alloc() failed in lbs_init_adapter(), cmd buffer is not\nreleased. Add free memory to processing error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50294",
"url": "https://www.suse.com/security/cve/CVE-2022-50294"
},
{
"category": "external",
"summary": "SUSE Bug 1249799 for CVE-2022-50294",
"url": "https://bugzilla.suse.com/1249799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50294"
},
{
"cve": "CVE-2022-50297",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50297"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k: verify the expected usb_endpoints are present\n\nThe bug arises when a USB device claims to be an ATH9K but doesn\u0027t\nhave the expected endpoints. (In this case there was an interrupt\nendpoint where the driver expected a bulk endpoint.) The kernel\nneeds to be able to handle such devices without getting an internal error.\n\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 3 PID: 500 at drivers/usb/core/urb.c:493 usb_submit_urb+0xce2/0x1430 drivers/usb/core/urb.c:493\nModules linked in:\nCPU: 3 PID: 500 Comm: kworker/3:2 Not tainted 5.10.135-syzkaller #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\nWorkqueue: events request_firmware_work_func\nRIP: 0010:usb_submit_urb+0xce2/0x1430 drivers/usb/core/urb.c:493\nCall Trace:\n ath9k_hif_usb_alloc_rx_urbs drivers/net/wireless/ath/ath9k/hif_usb.c:908 [inline]\n ath9k_hif_usb_alloc_urbs+0x75e/0x1010 drivers/net/wireless/ath/ath9k/hif_usb.c:1019\n ath9k_hif_usb_dev_init drivers/net/wireless/ath/ath9k/hif_usb.c:1109 [inline]\n ath9k_hif_usb_firmware_cb+0x142/0x530 drivers/net/wireless/ath/ath9k/hif_usb.c:1242\n request_firmware_work_func+0x12e/0x240 drivers/base/firmware_loader/main.c:1097\n process_one_work+0x9af/0x1600 kernel/workqueue.c:2279\n worker_thread+0x61d/0x12f0 kernel/workqueue.c:2425\n kthread+0x3b4/0x4a0 kernel/kthread.c:313\n ret_from_fork+0x22/0x30 arch/x86/entry/entry_64.S:299\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50297",
"url": "https://www.suse.com/security/cve/CVE-2022-50297"
},
{
"category": "external",
"summary": "SUSE Bug 1250250 for CVE-2022-50297",
"url": "https://bugzilla.suse.com/1250250"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50297"
},
{
"cve": "CVE-2022-50298",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50298"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nslimbus: qcom-ngd: cleanup in probe error path\n\nAdd proper error path in probe() to cleanup resources previously\nacquired/allocated to fix warnings visible during probe deferral:\n\n notifier callback qcom_slim_ngd_ssr_notify already registered\n WARNING: CPU: 6 PID: 70 at kernel/notifier.c:28 notifier_chain_register+0x5c/0x90\n Modules linked in:\n CPU: 6 PID: 70 Comm: kworker/u16:1 Not tainted 6.0.0-rc3-next-20220830 #380\n Call trace:\n notifier_chain_register+0x5c/0x90\n srcu_notifier_chain_register+0x44/0x90\n qcom_register_ssr_notifier+0x38/0x4c\n qcom_slim_ngd_ctrl_probe+0xd8/0x400\n platform_probe+0x6c/0xe0\n really_probe+0xbc/0x2d4\n __driver_probe_device+0x78/0xe0\n driver_probe_device+0x3c/0x12c\n __device_attach_driver+0xb8/0x120\n bus_for_each_drv+0x78/0xd0\n __device_attach+0xa8/0x1c0\n device_initial_probe+0x18/0x24\n bus_probe_device+0xa0/0xac\n deferred_probe_work_func+0x88/0xc0\n process_one_work+0x1d4/0x320\n worker_thread+0x2cc/0x44c\n kthread+0x110/0x114\n ret_from_fork+0x10/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50298",
"url": "https://www.suse.com/security/cve/CVE-2022-50298"
},
{
"category": "external",
"summary": "SUSE Bug 1249934 for CVE-2022-50298",
"url": "https://bugzilla.suse.com/1249934"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50298"
},
{
"cve": "CVE-2022-50299",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50299"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: Replace snprintf with scnprintf\n\nCurrent code produces a warning as shown below when total characters\nin the constituent block device names plus the slashes exceeds 200.\nsnprintf() returns the number of characters generated from the given\ninput, which could cause the expression \"200 - len\" to wrap around\nto a large positive number. Fix this by using scnprintf() instead,\nwhich returns the actual number of characters written into the buffer.\n\n[ 1513.267938] ------------[ cut here ]------------\n[ 1513.267943] WARNING: CPU: 15 PID: 37247 at \u003csnip\u003e/lib/vsprintf.c:2509 vsnprintf+0x2c8/0x510\n[ 1513.267944] Modules linked in: \u003csnip\u003e\n[ 1513.267969] CPU: 15 PID: 37247 Comm: mdadm Not tainted 5.4.0-1085-azure #90~18.04.1-Ubuntu\n[ 1513.267969] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 05/09/2022\n[ 1513.267971] RIP: 0010:vsnprintf+0x2c8/0x510\n\u003c-snip-\u003e\n[ 1513.267982] Call Trace:\n[ 1513.267986] snprintf+0x45/0x70\n[ 1513.267990] ? disk_name+0x71/0xa0\n[ 1513.267993] dump_zones+0x114/0x240 [raid0]\n[ 1513.267996] ? _cond_resched+0x19/0x40\n[ 1513.267998] raid0_run+0x19e/0x270 [raid0]\n[ 1513.268000] md_run+0x5e0/0xc50\n[ 1513.268003] ? security_capable+0x3f/0x60\n[ 1513.268005] do_md_run+0x19/0x110\n[ 1513.268006] md_ioctl+0x195e/0x1f90\n[ 1513.268007] blkdev_ioctl+0x91f/0x9f0\n[ 1513.268010] block_ioctl+0x3d/0x50\n[ 1513.268012] do_vfs_ioctl+0xa9/0x640\n[ 1513.268014] ? __fput+0x162/0x260\n[ 1513.268016] ksys_ioctl+0x75/0x80\n[ 1513.268017] __x64_sys_ioctl+0x1a/0x20\n[ 1513.268019] do_syscall_64+0x5e/0x200\n[ 1513.268021] entry_SYSCALL_64_after_hwframe+0x44/0xa9",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50299",
"url": "https://www.suse.com/security/cve/CVE-2022-50299"
},
{
"category": "external",
"summary": "SUSE Bug 1249734 for CVE-2022-50299",
"url": "https://bugzilla.suse.com/1249734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50299"
},
{
"cve": "CVE-2022-50301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50301"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/omap: Fix buffer overflow in debugfs\n\nThere are two issues here:\n\n1) The \"len\" variable needs to be checked before the very first write.\n Otherwise if omap2_iommu_dump_ctx() with \"bytes\" less than 32 it is a\n buffer overflow.\n2) The snprintf() function returns the number of bytes that *would* have\n been copied if there were enough space. But we want to know the\n number of bytes which were *actually* copied so use scnprintf()\n instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50301",
"url": "https://www.suse.com/security/cve/CVE-2022-50301"
},
{
"category": "external",
"summary": "SUSE Bug 1249733 for CVE-2022-50301",
"url": "https://bugzilla.suse.com/1249733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50301"
},
{
"cve": "CVE-2022-50303",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50303"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix double release compute pasid\n\nIf kfd_process_device_init_vm returns failure after vm is converted to\ncompute vm and vm-\u003epasid set to compute pasid, KFD will not take\npdd-\u003edrm_file reference. As a result, drm close file handler maybe\ncalled to release the compute pasid before KFD process destroy worker to\nrelease the same pasid and set vm-\u003epasid to zero, this generates below\nWARNING backtrace and NULL pointer access.\n\nAdd helper amdgpu_amdkfd_gpuvm_set_vm_pasid and call it at the last step\nof kfd_process_device_init_vm, to ensure vm pasid is the original pasid\nif acquiring vm failed or is the compute pasid with pdd-\u003edrm_file\nreference taken to avoid double release same pasid.\n\n amdgpu: Failed to create process VM object\n ida_free called for id=32770 which is not allocated.\n WARNING: CPU: 57 PID: 72542 at ../lib/idr.c:522 ida_free+0x96/0x140\n RIP: 0010:ida_free+0x96/0x140\n Call Trace:\n amdgpu_pasid_free_delayed+0xe1/0x2a0 [amdgpu]\n amdgpu_driver_postclose_kms+0x2d8/0x340 [amdgpu]\n drm_file_free.part.13+0x216/0x270 [drm]\n drm_close_helper.isra.14+0x60/0x70 [drm]\n drm_release+0x6e/0xf0 [drm]\n __fput+0xcc/0x280\n ____fput+0xe/0x20\n task_work_run+0x96/0xc0\n do_exit+0x3d0/0xc10\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n RIP: 0010:ida_free+0x76/0x140\n Call Trace:\n amdgpu_pasid_free_delayed+0xe1/0x2a0 [amdgpu]\n amdgpu_driver_postclose_kms+0x2d8/0x340 [amdgpu]\n drm_file_free.part.13+0x216/0x270 [drm]\n drm_close_helper.isra.14+0x60/0x70 [drm]\n drm_release+0x6e/0xf0 [drm]\n __fput+0xcc/0x280\n ____fput+0xe/0x20\n task_work_run+0x96/0xc0\n do_exit+0x3d0/0xc10",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50303",
"url": "https://www.suse.com/security/cve/CVE-2022-50303"
},
{
"category": "external",
"summary": "SUSE Bug 1249884 for CVE-2022-50303",
"url": "https://bugzilla.suse.com/1249884"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50303"
},
{
"cve": "CVE-2022-50308",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50308"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: Add checks for devm_kcalloc\n\nAs the devm_kcalloc may return NULL, the return value needs to be checked\nto avoid NULL poineter dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50308",
"url": "https://www.suse.com/security/cve/CVE-2022-50308"
},
{
"category": "external",
"summary": "SUSE Bug 1249722 for CVE-2022-50308",
"url": "https://bugzilla.suse.com/1249722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50308"
},
{
"cve": "CVE-2022-50309",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50309"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init\n\nof_get_child_by_name() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50309",
"url": "https://www.suse.com/security/cve/CVE-2022-50309"
},
{
"category": "external",
"summary": "SUSE Bug 1249718 for CVE-2022-50309",
"url": "https://bugzilla.suse.com/1249718"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50309"
},
{
"cve": "CVE-2022-50312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50312"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: serial: jsm: fix some leaks in probe\n\nThis error path needs to unwind instead of just returning directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50312",
"url": "https://www.suse.com/security/cve/CVE-2022-50312"
},
{
"category": "external",
"summary": "SUSE Bug 1249716 for CVE-2022-50312",
"url": "https://bugzilla.suse.com/1249716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50312"
},
{
"cve": "CVE-2022-50317",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50317"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/bridge: megachips: Fix a null pointer dereference bug\n\nWhen removing the module we will get the following warning:\n\n[ 31.911505] i2c-core: driver [stdp2690-ge-b850v3-fw] unregistered\n[ 31.912484] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI\n[ 31.913338] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n[ 31.915280] RIP: 0010:drm_bridge_remove+0x97/0x130\n[ 31.921825] Call Trace:\n[ 31.922533] stdp4028_ge_b850v3_fw_remove+0x34/0x60 [megachips_stdpxxxx_ge_b850v3_fw]\n[ 31.923139] i2c_device_remove+0x181/0x1f0\n\nThe two bridges (stdp2690, stdp4028) do not probe at the same time, so\nthe driver does not call ge_b850v3_resgiter() when probing, causing the\ndriver to try to remove the object that has not been initialized.\n\nFix this by checking whether both the bridges are probed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50317",
"url": "https://www.suse.com/security/cve/CVE-2022-50317"
},
{
"category": "external",
"summary": "SUSE Bug 1249713 for CVE-2022-50317",
"url": "https://bugzilla.suse.com/1249713"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50317"
},
{
"cve": "CVE-2022-50318",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50318"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox()\n\npci_get_device() will increase the reference count for the returned\n\u0027dev\u0027. We need to call pci_dev_put() to decrease the reference count.\nSince \u0027dev\u0027 is only used in pci_read_config_dword(), let\u0027s add\npci_dev_put() right after it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50318",
"url": "https://www.suse.com/security/cve/CVE-2022-50318"
},
{
"category": "external",
"summary": "SUSE Bug 1249709 for CVE-2022-50318",
"url": "https://bugzilla.suse.com/1249709"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50318"
},
{
"cve": "CVE-2022-50320",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50320"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: tables: FPDT: Don\u0027t call acpi_os_map_memory() on invalid phys address\n\nOn a Packard Bell Dot SC (Intel Atom N2600 model) there is a FPDT table\nwhich contains invalid physical addresses, with high bits set which fall\noutside the range of the CPU-s supported physical address range.\n\nCalling acpi_os_map_memory() on such an invalid phys address leads to\nthe below WARN_ON in ioremap triggering resulting in an oops/stacktrace.\n\nAdd code to verify the physical address before calling acpi_os_map_memory()\nto fix / avoid the oops.\n\n[ 1.226900] ioremap: invalid physical address 3001000000000000\n[ 1.226949] ------------[ cut here ]------------\n[ 1.226962] WARNING: CPU: 1 PID: 1 at arch/x86/mm/ioremap.c:200 __ioremap_caller.cold+0x43/0x5f\n[ 1.226996] Modules linked in:\n[ 1.227016] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 6.0.0-rc3+ #490\n[ 1.227029] Hardware name: Packard Bell dot s/SJE01_CT, BIOS V1.10 07/23/2013\n[ 1.227038] RIP: 0010:__ioremap_caller.cold+0x43/0x5f\n[ 1.227054] Code: 96 00 00 e9 f8 af 24 ff 89 c6 48 c7 c7 d8 0c 84 99 e8 6a 96 00 00 e9 76 af 24 ff 48 89 fe 48 c7 c7 a8 0c 84 99 e8 56 96 00 00 \u003c0f\u003e 0b e9 60 af 24 ff 48 8b 34 24 48 c7 c7 40 0d 84 99 e8 3f 96 00\n[ 1.227067] RSP: 0000:ffffb18c40033d60 EFLAGS: 00010286\n[ 1.227084] RAX: 0000000000000032 RBX: 3001000000000000 RCX: 0000000000000000\n[ 1.227095] RDX: 0000000000000001 RSI: 00000000ffffdfff RDI: 00000000ffffffff\n[ 1.227105] RBP: 3001000000000000 R08: 0000000000000000 R09: ffffb18c40033c18\n[ 1.227115] R10: 0000000000000003 R11: ffffffff99d62fe8 R12: 0000000000000008\n[ 1.227124] R13: 0003001000000000 R14: 0000000000001000 R15: 3001000000000000\n[ 1.227135] FS: 0000000000000000(0000) GS:ffff913a3c080000(0000) knlGS:0000000000000000\n[ 1.227146] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1.227156] CR2: 0000000000000000 CR3: 0000000018c26000 CR4: 00000000000006e0\n[ 1.227167] Call Trace:\n[ 1.227176] \u003cTASK\u003e\n[ 1.227185] ? acpi_os_map_iomem+0x1c9/0x1e0\n[ 1.227215] ? kmem_cache_alloc_trace+0x187/0x370\n[ 1.227254] acpi_os_map_iomem+0x1c9/0x1e0\n[ 1.227288] acpi_init_fpdt+0xa8/0x253\n[ 1.227308] ? acpi_debugfs_init+0x1f/0x1f\n[ 1.227339] do_one_initcall+0x5a/0x300\n[ 1.227406] ? rcu_read_lock_sched_held+0x3f/0x80\n[ 1.227442] kernel_init_freeable+0x28b/0x2cc\n[ 1.227512] ? rest_init+0x170/0x170\n[ 1.227538] kernel_init+0x16/0x140\n[ 1.227552] ret_from_fork+0x1f/0x30\n[ 1.227639] \u003c/TASK\u003e\n[ 1.227647] irq event stamp: 186819\n[ 1.227656] hardirqs last enabled at (186825): [\u003cffffffff98184a6e\u003e] __up_console_sem+0x5e/0x70\n[ 1.227672] hardirqs last disabled at (186830): [\u003cffffffff98184a53\u003e] __up_console_sem+0x43/0x70\n[ 1.227686] softirqs last enabled at (186576): [\u003cffffffff980fbc9d\u003e] __irq_exit_rcu+0xed/0x160\n[ 1.227701] softirqs last disabled at (186569): [\u003cffffffff980fbc9d\u003e] __irq_exit_rcu+0xed/0x160\n[ 1.227715] ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50320",
"url": "https://www.suse.com/security/cve/CVE-2022-50320"
},
{
"category": "external",
"summary": "SUSE Bug 1249858 for CVE-2022-50320",
"url": "https://bugzilla.suse.com/1249858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50320"
},
{
"cve": "CVE-2022-50321",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50321"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit()\n\nThe brcmf_netdev_start_xmit() returns NETDEV_TX_OK without freeing skb\nin case of pskb_expand_head() fails, add dev_kfree_skb() to fix it.\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50321",
"url": "https://www.suse.com/security/cve/CVE-2022-50321"
},
{
"category": "external",
"summary": "SUSE Bug 1249706 for CVE-2022-50321",
"url": "https://bugzilla.suse.com/1249706"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50321"
},
{
"cve": "CVE-2022-50323",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50323"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: do not sense pfmemalloc status in skb_append_pagefrags()\n\nskb_append_pagefrags() is used by af_unix and udp sendpage()\nimplementation so far.\n\nIn commit 326140063946 (\"tcp: TX zerocopy should not sense\npfmemalloc status\") we explained why we should not sense\npfmemalloc status for pages owned by user space.\n\nWe should also use skb_fill_page_desc_noacc()\nin skb_append_pagefrags() to avoid following KCSAN report:\n\nBUG: KCSAN: data-race in lru_add_fn / skb_append_pagefrags\n\nwrite to 0xffffea00058fc1c8 of 8 bytes by task 17319 on cpu 0:\n__list_add include/linux/list.h:73 [inline]\nlist_add include/linux/list.h:88 [inline]\nlruvec_add_folio include/linux/mm_inline.h:323 [inline]\nlru_add_fn+0x327/0x410 mm/swap.c:228\nfolio_batch_move_lru+0x1e1/0x2a0 mm/swap.c:246\nlru_add_drain_cpu+0x73/0x250 mm/swap.c:669\nlru_add_drain+0x21/0x60 mm/swap.c:773\nfree_pages_and_swap_cache+0x16/0x70 mm/swap_state.c:311\ntlb_batch_pages_flush mm/mmu_gather.c:59 [inline]\ntlb_flush_mmu_free mm/mmu_gather.c:256 [inline]\ntlb_flush_mmu+0x5b2/0x640 mm/mmu_gather.c:263\ntlb_finish_mmu+0x86/0x100 mm/mmu_gather.c:363\nexit_mmap+0x190/0x4d0 mm/mmap.c:3098\n__mmput+0x27/0x1b0 kernel/fork.c:1185\nmmput+0x3d/0x50 kernel/fork.c:1207\ncopy_process+0x19fc/0x2100 kernel/fork.c:2518\nkernel_clone+0x166/0x550 kernel/fork.c:2671\n__do_sys_clone kernel/fork.c:2812 [inline]\n__se_sys_clone kernel/fork.c:2796 [inline]\n__x64_sys_clone+0xc3/0xf0 kernel/fork.c:2796\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nread to 0xffffea00058fc1c8 of 8 bytes by task 17325 on cpu 1:\npage_is_pfmemalloc include/linux/mm.h:1817 [inline]\n__skb_fill_page_desc include/linux/skbuff.h:2432 [inline]\nskb_fill_page_desc include/linux/skbuff.h:2453 [inline]\nskb_append_pagefrags+0x210/0x600 net/core/skbuff.c:3974\nunix_stream_sendpage+0x45e/0x990 net/unix/af_unix.c:2338\nkernel_sendpage+0x184/0x300 net/socket.c:3561\nsock_sendpage+0x5a/0x70 net/socket.c:1054\npipe_to_sendpage+0x128/0x160 fs/splice.c:361\nsplice_from_pipe_feed fs/splice.c:415 [inline]\n__splice_from_pipe+0x222/0x4d0 fs/splice.c:559\nsplice_from_pipe fs/splice.c:594 [inline]\ngeneric_splice_sendpage+0x89/0xc0 fs/splice.c:743\ndo_splice_from fs/splice.c:764 [inline]\ndirect_splice_actor+0x80/0xa0 fs/splice.c:931\nsplice_direct_to_actor+0x305/0x620 fs/splice.c:886\ndo_splice_direct+0xfb/0x180 fs/splice.c:974\ndo_sendfile+0x3bf/0x910 fs/read_write.c:1255\n__do_sys_sendfile64 fs/read_write.c:1323 [inline]\n__se_sys_sendfile64 fs/read_write.c:1309 [inline]\n__x64_sys_sendfile64+0x10c/0x150 fs/read_write.c:1309\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nvalue changed: 0x0000000000000000 -\u003e 0xffffea00058fc188\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 1 PID: 17325 Comm: syz-executor.0 Not tainted 6.1.0-rc1-syzkaller-00158-g440b7895c990-dirty #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50323",
"url": "https://www.suse.com/security/cve/CVE-2022-50323"
},
{
"category": "external",
"summary": "SUSE Bug 1249708 for CVE-2022-50323",
"url": "https://bugzilla.suse.com/1249708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50323"
},
{
"cve": "CVE-2022-50324",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50324"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: maps: pxa2xx-flash: fix memory leak in probe\n\nFree \u0027info\u0027 upon remapping error to avoid a memory leak.\n\n[\u003cmiquel.raynal@bootlin.com\u003e: Reword the commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50324",
"url": "https://www.suse.com/security/cve/CVE-2022-50324"
},
{
"category": "external",
"summary": "SUSE Bug 1249701 for CVE-2022-50324",
"url": "https://bugzilla.suse.com/1249701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50324"
},
{
"cve": "CVE-2022-50325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: avs: Fix potential RX buffer overflow\n\nIf an event caused firmware to return invalid RX size for\nLARGE_CONFIG_GET, memcpy_fromio() could end up copying too many bytes.\nFix by utilizing min_t().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50325",
"url": "https://www.suse.com/security/cve/CVE-2022-50325"
},
{
"category": "external",
"summary": "SUSE Bug 1249704 for CVE-2022-50325",
"url": "https://bugzilla.suse.com/1249704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50325"
},
{
"cve": "CVE-2022-50328",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50328"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: fix potential use-after-free in jbd2_fc_wait_bufs\n\nIn \u0027jbd2_fc_wait_bufs\u0027 use \u0027bh\u0027 after put buffer head reference count\nwhich may lead to use-after-free.\nSo judge buffer if uptodate before put buffer head reference count.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50328",
"url": "https://www.suse.com/security/cve/CVE-2022-50328"
},
{
"category": "external",
"summary": "SUSE Bug 1250181 for CVE-2022-50328",
"url": "https://bugzilla.suse.com/1250181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50328"
},
{
"cve": "CVE-2022-50329",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50329"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq\n\nCommit 64dc8c732f5c (\"block, bfq: fix possible uaf for \u0027bfqq-\u003ebic\u0027\")\nwill access \u0027bic-\u003ebfqq\u0027 in bic_set_bfqq(), however, bfq_exit_icq_bfqq()\ncan free bfqq first, and then call bic_set_bfqq(), which will cause uaf.\n\nFix the problem by moving bfq_exit_bfqq() behind bic_set_bfqq().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50329",
"url": "https://www.suse.com/security/cve/CVE-2022-50329"
},
{
"category": "external",
"summary": "SUSE Bug 1249699 for CVE-2022-50329",
"url": "https://bugzilla.suse.com/1249699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50329"
},
{
"cve": "CVE-2022-50330",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50330"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: cavium - prevent integer overflow loading firmware\n\nThe \"code_length\" value comes from the firmware file. If your firmware\nis untrusted realistically there is probably very little you can do to\nprotect yourself. Still we try to limit the damage as much as possible.\nAlso Smatch marks any data read from the filesystem as untrusted and\nprints warnings if it not capped correctly.\n\nThe \"ntohl(ucode-\u003ecode_length) * 2\" multiplication can have an\ninteger overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50330",
"url": "https://www.suse.com/security/cve/CVE-2022-50330"
},
{
"category": "external",
"summary": "SUSE Bug 1249700 for CVE-2022-50330",
"url": "https://bugzilla.suse.com/1249700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50330"
},
{
"cve": "CVE-2022-50331",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50331"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new()\n\nInject fault while probing module, if device_register() fails,\nbut the refcount of kobject is not decreased to 0, the name\nallocated in dev_set_name() is leaked. Fix this by calling\nput_device(), so that name can be freed in callback function\nkobject_cleanup().\n\nunreferenced object 0xffff88810152ad20 (size 8):\n comm \"modprobe\", pid 252, jiffies 4294849206 (age 22.713s)\n hex dump (first 8 bytes):\n 68 77 73 69 6d 30 00 ff hwsim0..\n backtrace:\n [\u003c000000009c3504ed\u003e] __kmalloc_node_track_caller+0x44/0x1b0\n [\u003c00000000c0228a5e\u003e] kvasprintf+0xb5/0x140\n [\u003c00000000cff8c21f\u003e] kvasprintf_const+0x55/0x180\n [\u003c0000000055a1e073\u003e] kobject_set_name_vargs+0x56/0x150\n [\u003c000000000a80b139\u003e] dev_set_name+0xab/0xe0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50331",
"url": "https://www.suse.com/security/cve/CVE-2022-50331"
},
{
"category": "external",
"summary": "SUSE Bug 1249695 for CVE-2022-50331",
"url": "https://bugzilla.suse.com/1249695"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50331"
},
{
"cve": "CVE-2022-50333",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50333"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: jfs: fix shift-out-of-bounds in dbDiscardAG\n\nThis should be applied to most URSAN bugs found recently by syzbot,\nby guarding the dbMount. As syzbot feeding rubbish into the bmap\ndescriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50333",
"url": "https://www.suse.com/security/cve/CVE-2022-50333"
},
{
"category": "external",
"summary": "SUSE Bug 1249860 for CVE-2022-50333",
"url": "https://bugzilla.suse.com/1249860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50333"
},
{
"cve": "CVE-2022-50339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50339"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: avoid hci_dev_test_and_set_flag() in mgmt_init_hdev()\n\nsyzbot is again reporting attempt to cancel uninitialized work\nat mgmt_index_removed() [1], for setting of HCI_MGMT flag from\nmgmt_init_hdev() from hci_mgmt_cmd() from hci_sock_sendmsg() can\nrace with testing of HCI_MGMT flag from mgmt_index_removed() from\nhci_sock_bind() due to lack of serialization via hci_dev_lock().\n\nSince mgmt_init_hdev() is called with mgmt_chan_list_lock held, we can\nsafely split hci_dev_test_and_set_flag() into hci_dev_test_flag() and\nhci_dev_set_flag(). Thus, in order to close this race, set HCI_MGMT flag\nafter INIT_DELAYED_WORK() completed.\n\nThis is a local fix based on mgmt_chan_list_lock. Lack of serialization\nvia hci_dev_lock() might be causing different race conditions somewhere\nelse. But a global fix based on hci_dev_lock() should deserve a future\npatch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50339",
"url": "https://www.suse.com/security/cve/CVE-2022-50339"
},
{
"category": "external",
"summary": "SUSE Bug 1249913 for CVE-2022-50339",
"url": "https://bugzilla.suse.com/1249913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50339"
},
{
"cve": "CVE-2022-50340",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50340"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vimc: Fix wrong function called when vimc_init() fails\n\nIn vimc_init(), when platform_driver_register(\u0026vimc_pdrv) fails,\nplatform_driver_unregister(\u0026vimc_pdrv) is wrongly called rather than\nplatform_device_unregister(\u0026vimc_pdev), which causes kernel warning:\n\n Unexpected driver unregister!\n WARNING: CPU: 1 PID: 14517 at drivers/base/driver.c:270 driver_unregister+0x8f/0xb0\n RIP: 0010:driver_unregister+0x8f/0xb0\n Call Trace:\n \u003cTASK\u003e\n vimc_init+0x7d/0x1000 [vimc]\n do_one_initcall+0xd0/0x4e0\n do_init_module+0x1cf/0x6b0\n load_module+0x65c2/0x7820",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50340",
"url": "https://www.suse.com/security/cve/CVE-2022-50340"
},
{
"category": "external",
"summary": "SUSE Bug 1249892 for CVE-2022-50340",
"url": "https://bugzilla.suse.com/1249892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50340"
},
{
"cve": "CVE-2022-50342",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50342"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfloppy: Fix memory leak in do_floppy_init()\n\nA memory leak was reported when floppy_alloc_disk() failed in\ndo_floppy_init().\n\nunreferenced object 0xffff888115ed25a0 (size 8):\n comm \"modprobe\", pid 727, jiffies 4295051278 (age 25.529s)\n hex dump (first 8 bytes):\n 00 ac 67 5b 81 88 ff ff ..g[....\n backtrace:\n [\u003c000000007f457abb\u003e] __kmalloc_node+0x4c/0xc0\n [\u003c00000000a87bfa9e\u003e] blk_mq_realloc_tag_set_tags.part.0+0x6f/0x180\n [\u003c000000006f02e8b1\u003e] blk_mq_alloc_tag_set+0x573/0x1130\n [\u003c0000000066007fd7\u003e] 0xffffffffc06b8b08\n [\u003c0000000081f5ac40\u003e] do_one_initcall+0xd0/0x4f0\n [\u003c00000000e26d04ee\u003e] do_init_module+0x1a4/0x680\n [\u003c000000001bb22407\u003e] load_module+0x6249/0x7110\n [\u003c00000000ad31ac4d\u003e] __do_sys_finit_module+0x140/0x200\n [\u003c000000007bddca46\u003e] do_syscall_64+0x35/0x80\n [\u003c00000000b5afec39\u003e] entry_SYSCALL_64_after_hwframe+0x46/0xb0\nunreferenced object 0xffff88810fc30540 (size 32):\n comm \"modprobe\", pid 727, jiffies 4295051278 (age 25.529s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c000000007f457abb\u003e] __kmalloc_node+0x4c/0xc0\n [\u003c000000006b91eab4\u003e] blk_mq_alloc_tag_set+0x393/0x1130\n [\u003c0000000066007fd7\u003e] 0xffffffffc06b8b08\n [\u003c0000000081f5ac40\u003e] do_one_initcall+0xd0/0x4f0\n [\u003c00000000e26d04ee\u003e] do_init_module+0x1a4/0x680\n [\u003c000000001bb22407\u003e] load_module+0x6249/0x7110\n [\u003c00000000ad31ac4d\u003e] __do_sys_finit_module+0x140/0x200\n [\u003c000000007bddca46\u003e] do_syscall_64+0x35/0x80\n [\u003c00000000b5afec39\u003e] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nIf the floppy_alloc_disk() failed, disks of current drive will not be set,\nthus the lastest allocated set-\u003etag cannot be freed in the error handling\npath. A simple call graph shown as below:\n\n floppy_module_init()\n floppy_init()\n do_floppy_init()\n for (drive = 0; drive \u003c N_DRIVE; drive++)\n blk_mq_alloc_tag_set()\n blk_mq_alloc_tag_set_tags()\n blk_mq_realloc_tag_set_tags() # set-\u003etag allocated\n floppy_alloc_disk()\n blk_mq_alloc_disk() # error occurred, disks failed to allocated\n\n -\u003eout_put_disk:\n for (drive = 0; drive \u003c N_DRIVE; drive++)\n if (!disks[drive][0]) # the last disks is not set and loop break\n break;\n blk_mq_free_tag_set() # the latest allocated set-\u003etag leaked\n\nFix this problem by free the set-\u003etag of current drive before jump to\nerror handling path.\n\n[efremov: added stable list, changed title]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50342",
"url": "https://www.suse.com/security/cve/CVE-2022-50342"
},
{
"category": "external",
"summary": "SUSE Bug 1249890 for CVE-2022-50342",
"url": "https://bugzilla.suse.com/1249890"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50342"
},
{
"cve": "CVE-2022-50344",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50344"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix null-ptr-deref in ext4_write_info\n\nI caught a null-ptr-deref bug as follows:\n==================================================================\nKASAN: null-ptr-deref in range [0x0000000000000068-0x000000000000006f]\nCPU: 1 PID: 1589 Comm: umount Not tainted 5.10.0-02219-dirty #339\nRIP: 0010:ext4_write_info+0x53/0x1b0\n[...]\nCall Trace:\n dquot_writeback_dquots+0x341/0x9a0\n ext4_sync_fs+0x19e/0x800\n __sync_filesystem+0x83/0x100\n sync_filesystem+0x89/0xf0\n generic_shutdown_super+0x79/0x3e0\n kill_block_super+0xa1/0x110\n deactivate_locked_super+0xac/0x130\n deactivate_super+0xb6/0xd0\n cleanup_mnt+0x289/0x400\n __cleanup_mnt+0x16/0x20\n task_work_run+0x11c/0x1c0\n exit_to_user_mode_prepare+0x203/0x210\n syscall_exit_to_user_mode+0x5b/0x3a0\n do_syscall_64+0x59/0x70\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\n ==================================================================\n\nAbove issue may happen as follows:\n-------------------------------------\nexit_to_user_mode_prepare\n task_work_run\n __cleanup_mnt\n cleanup_mnt\n deactivate_super\n deactivate_locked_super\n kill_block_super\n generic_shutdown_super\n shrink_dcache_for_umount\n dentry = sb-\u003es_root\n sb-\u003es_root = NULL \u003c--- Here set NULL\n sync_filesystem\n __sync_filesystem\n sb-\u003es_op-\u003esync_fs \u003e ext4_sync_fs\n dquot_writeback_dquots\n sb-\u003edq_op-\u003ewrite_info \u003e ext4_write_info\n ext4_journal_start(d_inode(sb-\u003es_root), EXT4_HT_QUOTA, 2)\n d_inode(sb-\u003es_root)\n s_root-\u003ed_inode \u003c--- Null pointer dereference\n\nTo solve this problem, we use ext4_journal_start_sb directly\nto avoid s_root being used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50344",
"url": "https://www.suse.com/security/cve/CVE-2022-50344"
},
{
"category": "external",
"summary": "SUSE Bug 1250014 for CVE-2022-50344",
"url": "https://bugzilla.suse.com/1250014"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50344"
},
{
"cve": "CVE-2022-50346",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50346"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: init quota for \u0027old.inode\u0027 in \u0027ext4_rename\u0027\n\nSyzbot found the following issue:\next4_parse_param: s_want_extra_isize=128\next4_inode_info_init: s_want_extra_isize=32\next4_rename: old.inode=ffff88823869a2c8 old.dir=ffff888238699828 new.inode=ffff88823869d7e8 new.dir=ffff888238699828\n__ext4_mark_inode_dirty: inode=ffff888238699828 ea_isize=32 want_ea_size=128\n__ext4_mark_inode_dirty: inode=ffff88823869a2c8 ea_isize=32 want_ea_size=128\next4_xattr_block_set: inode=ffff88823869a2c8\n------------[ cut here ]------------\nWARNING: CPU: 13 PID: 2234 at fs/ext4/xattr.c:2070 ext4_xattr_block_set.cold+0x22/0x980\nModules linked in:\nRIP: 0010:ext4_xattr_block_set.cold+0x22/0x980\nRSP: 0018:ffff888227d3f3b0 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: ffff88823007a000 RCX: 0000000000000000\nRDX: 0000000000000a03 RSI: 0000000000000040 RDI: ffff888230078178\nRBP: 0000000000000000 R08: 000000000000002c R09: ffffed1075c7df8e\nR10: ffff8883ae3efc6b R11: ffffed1075c7df8d R12: 0000000000000000\nR13: ffff88823869a2c8 R14: ffff8881012e0460 R15: dffffc0000000000\nFS: 00007f350ac1f740(0000) GS:ffff8883ae200000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f350a6ed6a0 CR3: 0000000237456000 CR4: 00000000000006e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? ext4_xattr_set_entry+0x3b7/0x2320\n ? ext4_xattr_block_set+0x0/0x2020\n ? ext4_xattr_set_entry+0x0/0x2320\n ? ext4_xattr_check_entries+0x77/0x310\n ? ext4_xattr_ibody_set+0x23b/0x340\n ext4_xattr_move_to_block+0x594/0x720\n ext4_expand_extra_isize_ea+0x59a/0x10f0\n __ext4_expand_extra_isize+0x278/0x3f0\n __ext4_mark_inode_dirty.cold+0x347/0x410\n ext4_rename+0xed3/0x174f\n vfs_rename+0x13a7/0x2510\n do_renameat2+0x55d/0x920\n __x64_sys_rename+0x7d/0xb0\n do_syscall_64+0x3b/0xa0\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\n\nAs \u0027ext4_rename\u0027 will modify \u0027old.inode\u0027 ctime and mark inode dirty,\nwhich may trigger expand \u0027extra_isize\u0027 and allocate block. If inode\ndidn\u0027t init quota will lead to warning. To solve above issue, init\n\u0027old.inode\u0027 firstly in \u0027ext4_rename\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50346",
"url": "https://www.suse.com/security/cve/CVE-2022-50346"
},
{
"category": "external",
"summary": "SUSE Bug 1250044 for CVE-2022-50346",
"url": "https://bugzilla.suse.com/1250044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50346"
},
{
"cve": "CVE-2022-50347",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50347"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host()\n\nmmc_add_host() may return error, if we ignore its return value, the memory\nthat allocated in mmc_alloc_host() will be leaked and it will lead a kernel\ncrash because of deleting not added device in the remove path.\n\nSo fix this by checking the return value and calling mmc_free_host() in the\nerror path, besides, led_classdev_unregister() and pm_runtime_disable() also\nneed be called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50347",
"url": "https://www.suse.com/security/cve/CVE-2022-50347"
},
{
"category": "external",
"summary": "SUSE Bug 1249928 for CVE-2022-50347",
"url": "https://bugzilla.suse.com/1249928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50347"
},
{
"cve": "CVE-2022-50348",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50348"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: Fix a memory leak in an error handling path\n\nIf this memdup_user() call fails, the memory allocated in a previous call\na few lines above should be freed. Otherwise it leaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50348",
"url": "https://www.suse.com/security/cve/CVE-2022-50348"
},
{
"category": "external",
"summary": "SUSE Bug 1249924 for CVE-2022-50348",
"url": "https://bugzilla.suse.com/1249924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50348"
},
{
"cve": "CVE-2022-50349",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50349"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: tifm: fix possible memory leak in tifm_7xx1_switch_media()\n\nIf device_register() returns error in tifm_7xx1_switch_media(),\nname of kobject which is allocated in dev_set_name() called in device_add()\nis leaked.\n\nNever directly free @dev after calling device_register(), even\nif it returned an error! Always use put_device() to give up the\nreference initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50349",
"url": "https://www.suse.com/security/cve/CVE-2022-50349"
},
{
"category": "external",
"summary": "SUSE Bug 1249920 for CVE-2022-50349",
"url": "https://bugzilla.suse.com/1249920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50349"
},
{
"cve": "CVE-2022-50351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50351"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix xid leak in cifs_create()\n\nIf the cifs already shutdown, we should free the xid before return,\notherwise, the xid will be leaked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50351",
"url": "https://www.suse.com/security/cve/CVE-2022-50351"
},
{
"category": "external",
"summary": "SUSE Bug 1249925 for CVE-2022-50351",
"url": "https://bugzilla.suse.com/1249925"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50351"
},
{
"cve": "CVE-2022-50353",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50353"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: wmt-sdmmc: fix return value check of mmc_add_host()\n\nmmc_add_host() may return error, if we ignore its return value, the memory\nthat allocated in mmc_alloc_host() will be leaked and it will lead a kernel\ncrash because of deleting not added device in the remove path.\n\nSo fix this by checking the return value and goto error path which will call\nmmc_free_host(), besides, clk_disable_unprepare() also needs be called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50353",
"url": "https://www.suse.com/security/cve/CVE-2022-50353"
},
{
"category": "external",
"summary": "SUSE Bug 1250047 for CVE-2022-50353",
"url": "https://bugzilla.suse.com/1250047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50353"
},
{
"cve": "CVE-2022-50354",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50354"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix kfd_process_device_init_vm error handling\n\nShould only destroy the ib_mem and let process cleanup worker to free\nthe outstanding BOs. Reset the pointer in pdd-\u003eqpd structure, to avoid\nNULL pointer access in process destroy worker.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000010\n Call Trace:\n amdgpu_amdkfd_gpuvm_unmap_gtt_bo_from_kernel+0x46/0xb0 [amdgpu]\n kfd_process_device_destroy_cwsr_dgpu+0x40/0x70 [amdgpu]\n kfd_process_destroy_pdds+0x71/0x190 [amdgpu]\n kfd_process_wq_release+0x2a2/0x3b0 [amdgpu]\n process_one_work+0x2a1/0x600\n worker_thread+0x39/0x3d0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50354",
"url": "https://www.suse.com/security/cve/CVE-2022-50354"
},
{
"category": "external",
"summary": "SUSE Bug 1250215 for CVE-2022-50354",
"url": "https://bugzilla.suse.com/1250215"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50354"
},
{
"cve": "CVE-2022-50355",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50355"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: vt6655: fix some erroneous memory clean-up loops\n\nIn some initialization functions of this driver, memory is allocated with\n\u0027i\u0027 acting as an index variable and increasing from 0. The commit in\n\"Fixes\" introduces some clean-up codes in case of allocation failure,\nwhich free memory in reverse order with \u0027i\u0027 decreasing to 0. However,\nthere are some problems:\n - The case i=0 is left out. Thus memory is leaked.\n - In case memory allocation fails right from the start, the memory\n freeing loops will start with i=-1 and invalid memory locations will\n be accessed.\n\nOne of these loops has been fixed in commit c8ff91535880 (\"staging:\nvt6655: fix potential memory leak\"). Fix the remaining erroneous loops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50355",
"url": "https://www.suse.com/security/cve/CVE-2022-50355"
},
{
"category": "external",
"summary": "SUSE Bug 1250041 for CVE-2022-50355",
"url": "https://bugzilla.suse.com/1250041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50355"
},
{
"cve": "CVE-2022-50356",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50356"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: sfb: fix null pointer access issue when sfb_init() fails\n\nWhen the default qdisc is sfb, if the qdisc of dev_queue fails to be\ninited during mqprio_init(), sfb_reset() is invoked to clear resources.\nIn this case, the q-\u003eqdisc is NULL, and it will cause gpf issue.\n\nThe process is as follows:\nqdisc_create_dflt()\n\tsfb_init()\n\t\ttcf_block_get() ---\u003efailed, q-\u003eqdisc is NULL\n\t...\n\tqdisc_put()\n\t\t...\n\t\tsfb_reset()\n\t\t\tqdisc_reset(q-\u003eqdisc) ---\u003eq-\u003eqdisc is NULL\n\t\t\t\tops = qdisc-\u003eops\n\nThe following is the Call Trace information:\ngeneral protection fault, probably for non-canonical address\n0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]\nRIP: 0010:qdisc_reset+0x2b/0x6f0\nCall Trace:\n\u003cTASK\u003e\nsfb_reset+0x37/0xd0\nqdisc_reset+0xed/0x6f0\nqdisc_destroy+0x82/0x4c0\nqdisc_put+0x9e/0xb0\nqdisc_create_dflt+0x2c3/0x4a0\nmqprio_init+0xa71/0x1760\nqdisc_create+0x3eb/0x1000\ntc_modify_qdisc+0x408/0x1720\nrtnetlink_rcv_msg+0x38e/0xac0\nnetlink_rcv_skb+0x12d/0x3a0\nnetlink_unicast+0x4a2/0x740\nnetlink_sendmsg+0x826/0xcc0\nsock_sendmsg+0xc5/0x100\n____sys_sendmsg+0x583/0x690\n___sys_sendmsg+0xe8/0x160\n__sys_sendmsg+0xbf/0x160\ndo_syscall_64+0x35/0x80\nentry_SYSCALL_64_after_hwframe+0x46/0xb0\nRIP: 0033:0x7f2164122d04\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50356",
"url": "https://www.suse.com/security/cve/CVE-2022-50356"
},
{
"category": "external",
"summary": "SUSE Bug 1250040 for CVE-2022-50356",
"url": "https://bugzilla.suse.com/1250040"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50356"
},
{
"cve": "CVE-2022-50357",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50357"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: core: fix some leaks in probe\n\nThe dwc3_get_properties() function calls:\n\n\tdwc-\u003eusb_psy = power_supply_get_by_name(usb_psy_name);\n\nso there is some additional clean up required on these error paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50357",
"url": "https://www.suse.com/security/cve/CVE-2022-50357"
},
{
"category": "external",
"summary": "SUSE Bug 1250042 for CVE-2022-50357",
"url": "https://bugzilla.suse.com/1250042"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50357"
},
{
"cve": "CVE-2022-50358",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50358"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbrcmfmac: return error when getting invalid max_flowrings from dongle\n\nWhen firmware hit trap at initialization, host will read abnormal\nmax_flowrings number from dongle, and it will cause kernel panic when\ndoing iowrite to initialize dongle ring.\nTo detect this error at early stage, we directly return error when getting\ninvalid max_flowrings(\u003e256).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50358",
"url": "https://www.suse.com/security/cve/CVE-2022-50358"
},
{
"category": "external",
"summary": "SUSE Bug 1250264 for CVE-2022-50358",
"url": "https://bugzilla.suse.com/1250264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50358"
},
{
"cve": "CVE-2022-50359",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50359"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx88: Fix a null-ptr-deref bug in buffer_prepare()\n\nWhen the driver calls cx88_risc_buffer() to prepare the buffer, the\nfunction call may fail, resulting in a empty buffer and null-ptr-deref\nlater in buffer_queue().\n\nThe following log can reveal it:\n\n[ 41.822762] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI\n[ 41.824488] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n[ 41.828027] RIP: 0010:buffer_queue+0xc2/0x500\n[ 41.836311] Call Trace:\n[ 41.836945] __enqueue_in_driver+0x141/0x360\n[ 41.837262] vb2_start_streaming+0x62/0x4a0\n[ 41.838216] vb2_core_streamon+0x1da/0x2c0\n[ 41.838516] __vb2_init_fileio+0x981/0xbc0\n[ 41.839141] __vb2_perform_fileio+0xbf9/0x1120\n[ 41.840072] vb2_fop_read+0x20e/0x400\n[ 41.840346] v4l2_read+0x215/0x290\n[ 41.840603] vfs_read+0x162/0x4c0\n\nFix this by checking the return value of cx88_risc_buffer()\n\n[hverkuil: fix coding style issues]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50359",
"url": "https://www.suse.com/security/cve/CVE-2022-50359"
},
{
"category": "external",
"summary": "SUSE Bug 1250269 for CVE-2022-50359",
"url": "https://bugzilla.suse.com/1250269"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50359"
},
{
"cve": "CVE-2022-50360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50360"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dp: fix aux-bus EP lifetime\n\nDevice-managed resources allocated post component bind must be tied to\nthe lifetime of the aggregate DRM device or they will not necessarily be\nreleased when binding of the aggregate device is deferred.\n\nThis can lead resource leaks or failure to bind the aggregate device\nwhen binding is later retried and a second attempt to allocate the\nresources is made.\n\nFor the DP aux-bus, an attempt to populate the bus a second time will\nsimply fail (\"DP AUX EP device already populated\").\n\nFix this by tying the lifetime of the EP device to the DRM device rather\nthan DP controller platform device.\n\nPatchwork: https://patchwork.freedesktop.org/patch/502672/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50360",
"url": "https://www.suse.com/security/cve/CVE-2022-50360"
},
{
"category": "external",
"summary": "SUSE Bug 1250037 for CVE-2022-50360",
"url": "https://bugzilla.suse.com/1250037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50360"
},
{
"cve": "CVE-2022-50362",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50362"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: hisilicon: Add multi-thread support for a DMA channel\n\nWhen we get a DMA channel and try to use it in multiple threads it\nwill cause oops and hanging the system.\n\n% echo 100 \u003e /sys/module/dmatest/parameters/threads_per_chan\n% echo 100 \u003e /sys/module/dmatest/parameters/iterations\n% echo 1 \u003e /sys/module/dmatest/parameters/run\n[383493.327077] Unable to handle kernel paging request at virtual\n\t\taddress dead000000000108\n[383493.335103] Mem abort info:\n[383493.335103] ESR = 0x96000044\n[383493.335105] EC = 0x25: DABT (current EL), IL = 32 bits\n[383493.335107] SET = 0, FnV = 0\n[383493.335108] EA = 0, S1PTW = 0\n[383493.335109] FSC = 0x04: level 0 translation fault\n[383493.335110] Data abort info:\n[383493.335111] ISV = 0, ISS = 0x00000044\n[383493.364739] CM = 0, WnR = 1\n[383493.367793] [dead000000000108] address between user and kernel\n\t\taddress ranges\n[383493.375021] Internal error: Oops: 96000044 [#1] PREEMPT SMP\n[383493.437574] CPU: 63 PID: 27895 Comm: dma0chan0-copy2 Kdump:\n\t\tloaded Tainted: GO 5.17.0-rc4+ #2\n[383493.457851] pstate: 204000c9 (nzCv daIF +PAN -UAO -TCO -DIT\n\t\t-SSBS BTYPE=--)\n[383493.465331] pc : vchan_tx_submit+0x64/0xa0\n[383493.469957] lr : vchan_tx_submit+0x34/0xa0\n\nThis occurs because the transmission timed out, and that\u0027s due\nto data race. Each thread rewrite channels\u0027s descriptor as soon as\ndevice_issue_pending is called. It leads to the situation that\nthe driver thinks that it uses the right descriptor in interrupt\nhandler while channels\u0027s descriptor has been changed by other\nthread. The descriptor which in fact reported interrupt will not\nbe handled any more, as well as its tx-\u003ecallback.\nThat\u0027s why timeout reports.\n\nWith current fixes channels\u0027 descriptor changes it\u0027s value only\nwhen it has been used. A new descriptor is acquired from\nvc-\u003edesc_issued queue that is already filled with descriptors\nthat are ready to be sent. Threads have no direct access to DMA\nchannel descriptor. In case of channel\u0027s descriptor is busy, try\nto submit to HW again when a descriptor is completed. In this case,\nvc-\u003edesc_issued may be empty when hisi_dma_start_transfer is called,\nso delete error reporting on this. Now it is just possible to queue\na descriptor for further processing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50362",
"url": "https://www.suse.com/security/cve/CVE-2022-50362"
},
{
"category": "external",
"summary": "SUSE Bug 1250039 for CVE-2022-50362",
"url": "https://bugzilla.suse.com/1250039"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50362"
},
{
"cve": "CVE-2022-50364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50364"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: mux: reg: check return value after calling platform_get_resource()\n\nIt will cause null-ptr-deref in resource_size(), if platform_get_resource()\nreturns NULL, move calling resource_size() after devm_ioremap_resource() that\nwill check \u0027res\u0027 to avoid null-ptr-deref.\nAnd use devm_platform_get_and_ioremap_resource() to simplify code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50364",
"url": "https://www.suse.com/security/cve/CVE-2022-50364"
},
{
"category": "external",
"summary": "SUSE Bug 1250083 for CVE-2022-50364",
"url": "https://bugzilla.suse.com/1250083"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50364"
},
{
"cve": "CVE-2022-50367",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50367"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: fix UAF/GPF bug in nilfs_mdt_destroy\n\nIn alloc_inode, inode_init_always() could return -ENOMEM if\nsecurity_inode_alloc() fails, which causes inode-\u003ei_private\nuninitialized. Then nilfs_is_metadata_file_inode() returns\ntrue and nilfs_free_inode() wrongly calls nilfs_mdt_destroy(),\nwhich frees the uninitialized inode-\u003ei_private\nand leads to crashes(e.g., UAF/GPF).\n\nFix this by moving security_inode_alloc just prior to\nthis_cpu_inc(nr_inodes)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50367",
"url": "https://www.suse.com/security/cve/CVE-2022-50367"
},
{
"category": "external",
"summary": "SUSE Bug 1250277 for CVE-2022-50367",
"url": "https://bugzilla.suse.com/1250277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50367"
},
{
"cve": "CVE-2022-50368",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50368"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dsi: fix memory corruption with too many bridges\n\nAdd the missing sanity check on the bridge counter to avoid corrupting\ndata beyond the fixed-sized bridge array in case there are ever more\nthan eight bridges.\n\nPatchwork: https://patchwork.freedesktop.org/patch/502668/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50368",
"url": "https://www.suse.com/security/cve/CVE-2022-50368"
},
{
"category": "external",
"summary": "SUSE Bug 1250009 for CVE-2022-50368",
"url": "https://bugzilla.suse.com/1250009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50368"
},
{
"cve": "CVE-2022-50369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50369"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vkms: Fix null-ptr-deref in vkms_release()\n\nA null-ptr-deref is triggered when it tries to destroy the workqueue in\nvkms-\u003eoutput.composer_workq in vkms_release().\n\n KASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f]\n CPU: 5 PID: 17193 Comm: modprobe Not tainted 6.0.0-11331-gd465bff130bf #24\n RIP: 0010:destroy_workqueue+0x2f/0x710\n ...\n Call Trace:\n \u003cTASK\u003e\n ? vkms_config_debugfs_init+0x50/0x50 [vkms]\n __devm_drm_dev_alloc+0x15a/0x1c0 [drm]\n vkms_init+0x245/0x1000 [vkms]\n do_one_initcall+0xd0/0x4f0\n do_init_module+0x1a4/0x680\n load_module+0x6249/0x7110\n __do_sys_finit_module+0x140/0x200\n do_syscall_64+0x35/0x80\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThe reason is that an OOM happened which triggers the destroy of the\nworkqueue, however, the workqueue is alloced in the later process,\nthus a null-ptr-deref happened. A simple call graph is shown as below:\n\n vkms_init()\n vkms_create()\n devm_drm_dev_alloc()\n __devm_drm_dev_alloc()\n devm_drm_dev_init()\n devm_add_action_or_reset()\n devm_add_action() # an error happened\n devm_drm_dev_init_release()\n drm_dev_put()\n kref_put()\n drm_dev_release()\n vkms_release()\n destroy_workqueue() # null-ptr-deref happened\n vkms_modeset_init()\n vkms_output_init()\n vkms_crtc_init() # where the workqueue get allocated\n\nFix this by checking if composer_workq is NULL before passing it to\nthe destroy_workqueue() in vkms_release().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50369",
"url": "https://www.suse.com/security/cve/CVE-2022-50369"
},
{
"category": "external",
"summary": "SUSE Bug 1250026 for CVE-2022-50369",
"url": "https://bugzilla.suse.com/1250026"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50369"
},
{
"cve": "CVE-2022-50370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50370"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: designware: Fix handling of real but unexpected device interrupts\n\nCommit c7b79a752871 (\"mfd: intel-lpss: Add Intel Alder Lake PCH-S PCI\nIDs\") caused a regression on certain Gigabyte motherboards for Intel\nAlder Lake-S where system crashes to NULL pointer dereference in\ni2c_dw_xfer_msg() when system resumes from S3 sleep state (\"deep\").\n\nI was able to debug the issue on Gigabyte Z690 AORUS ELITE and made\nfollowing notes:\n\n- Issue happens when resuming from S3 but not when resuming from\n \"s2idle\"\n- PCI device 00:15.0 == i2c_designware.0 is already in D0 state when\n system enters into pci_pm_resume_noirq() while all other i2c_designware\n PCI devices are in D3. Devices were runtime suspended and in D3 prior\n entering into suspend\n- Interrupt comes after pci_pm_resume_noirq() when device interrupts are\n re-enabled\n- According to register dump the interrupt really comes from the\n i2c_designware.0. Controller is enabled, I2C target address register\n points to a one detectable I2C device address 0x60 and the\n DW_IC_RAW_INTR_STAT register START_DET, STOP_DET, ACTIVITY and\n TX_EMPTY bits are set indicating completed I2C transaction.\n\nMy guess is that the firmware uses this controller to communicate with\nan on-board I2C device during resume but does not disable the controller\nbefore giving control to an operating system.\n\nI was told the UEFI update fixes this but never the less it revealed the\ndriver is not ready to handle TX_EMPTY (or RX_FULL) interrupt when device\nis supposed to be idle and state variables are not set (especially the\ndev-\u003emsgs pointer which may point to NULL or stale old data).\n\nIntroduce a new software status flag STATUS_ACTIVE indicating when the\ncontroller is active in driver point of view. Now treat all interrupts\nthat occur when is not set as unexpected and mask all interrupts from\nthe controller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50370",
"url": "https://www.suse.com/security/cve/CVE-2022-50370"
},
{
"category": "external",
"summary": "SUSE Bug 1250011 for CVE-2022-50370",
"url": "https://bugzilla.suse.com/1250011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50370"
},
{
"cve": "CVE-2022-50372",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50372"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix memory leak when build ntlmssp negotiate blob failed\n\nThere is a memory leak when mount cifs:\n unreferenced object 0xffff888166059600 (size 448):\n comm \"mount.cifs\", pid 51391, jiffies 4295596373 (age 330.596s)\n hex dump (first 32 bytes):\n fe 53 4d 42 40 00 00 00 00 00 00 00 01 00 82 00 .SMB@...........\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c0000000060609a61\u003e] mempool_alloc+0xe1/0x260\n [\u003c00000000adfa6c63\u003e] cifs_small_buf_get+0x24/0x60\n [\u003c00000000ebb404c7\u003e] __smb2_plain_req_init+0x32/0x460\n [\u003c00000000bcf875b4\u003e] SMB2_sess_alloc_buffer+0xa4/0x3f0\n [\u003c00000000753a2987\u003e] SMB2_sess_auth_rawntlmssp_negotiate+0xf5/0x480\n [\u003c00000000f0c1f4f9\u003e] SMB2_sess_setup+0x253/0x410\n [\u003c00000000a8b83303\u003e] cifs_setup_session+0x18f/0x4c0\n [\u003c00000000854bd16d\u003e] cifs_get_smb_ses+0xae7/0x13c0\n [\u003c000000006cbc43d9\u003e] mount_get_conns+0x7a/0x730\n [\u003c000000005922d816\u003e] cifs_mount+0x103/0xd10\n [\u003c00000000e33def3b\u003e] cifs_smb3_do_mount+0x1dd/0xc90\n [\u003c0000000078034979\u003e] smb3_get_tree+0x1d5/0x300\n [\u003c000000004371f980\u003e] vfs_get_tree+0x41/0xf0\n [\u003c00000000b670d8a7\u003e] path_mount+0x9b3/0xdd0\n [\u003c000000005e839a7d\u003e] __x64_sys_mount+0x190/0x1d0\n [\u003c000000009404c3b9\u003e] do_syscall_64+0x35/0x80\n\nWhen build ntlmssp negotiate blob failed, the session setup request\nshould be freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50372",
"url": "https://www.suse.com/security/cve/CVE-2022-50372"
},
{
"category": "external",
"summary": "SUSE Bug 1250052 for CVE-2022-50372",
"url": "https://bugzilla.suse.com/1250052"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2022-50372"
},
{
"cve": "CVE-2022-50373",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50373"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: dlm: fix race in lowcomms\n\nThis patch fixes a race between queue_work() in\n_dlm_lowcomms_commit_msg() and srcu_read_unlock(). The queue_work() can\ntake the final reference of a dlm_msg and so msg-\u003eidx can contain\ngarbage which is signaled by the following warning:\n\n[ 676.237050] ------------[ cut here ]------------\n[ 676.237052] WARNING: CPU: 0 PID: 1060 at include/linux/srcu.h:189 dlm_lowcomms_commit_msg+0x41/0x50\n[ 676.238945] Modules linked in: dlm_locktorture torture rpcsec_gss_krb5 intel_rapl_msr intel_rapl_common iTCO_wdt iTCO_vendor_support qxl kvm_intel drm_ttm_helper vmw_vsock_virtio_transport kvm vmw_vsock_virtio_transport_common ttm irqbypass crc32_pclmul joydev crc32c_intel serio_raw drm_kms_helper vsock virtio_scsi virtio_console virtio_balloon snd_pcm drm syscopyarea sysfillrect sysimgblt snd_timer fb_sys_fops i2c_i801 lpc_ich snd i2c_smbus soundcore pcspkr\n[ 676.244227] CPU: 0 PID: 1060 Comm: lock_torture_wr Not tainted 5.19.0-rc3+ #1546\n[ 676.245216] Hardware name: Red Hat KVM/RHEL-AV, BIOS 1.16.0-2.module+el8.7.0+15506+033991b0 04/01/2014\n[ 676.246460] RIP: 0010:dlm_lowcomms_commit_msg+0x41/0x50\n[ 676.247132] Code: fe ff ff ff 75 24 48 c7 c6 bd 0f 49 bb 48 c7 c7 38 7c 01 bd e8 00 e7 ca ff 89 de 48 c7 c7 60 78 01 bd e8 42 3d cd ff 5b 5d c3 \u003c0f\u003e 0b eb d8 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 55 48\n[ 676.249253] RSP: 0018:ffffa401c18ffc68 EFLAGS: 00010282\n[ 676.249855] RAX: 0000000000000001 RBX: 00000000ffff8b76 RCX: 0000000000000006\n[ 676.250713] RDX: 0000000000000000 RSI: ffffffffbccf3a10 RDI: ffffffffbcc7b62e\n[ 676.251610] RBP: ffffa401c18ffc70 R08: 0000000000000001 R09: 0000000000000001\n[ 676.252481] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000005\n[ 676.253421] R13: ffff8b76786ec370 R14: ffff8b76786ec370 R15: ffff8b76786ec480\n[ 676.254257] FS: 0000000000000000(0000) GS:ffff8b7777800000(0000) knlGS:0000000000000000\n[ 676.255239] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 676.255897] CR2: 00005590205d88b8 CR3: 000000017656c003 CR4: 0000000000770ee0\n[ 676.256734] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 676.257567] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 676.258397] PKRU: 55555554\n[ 676.258729] Call Trace:\n[ 676.259063] \u003cTASK\u003e\n[ 676.259354] dlm_midcomms_commit_mhandle+0xcc/0x110\n[ 676.259964] queue_bast+0x8b/0xb0\n[ 676.260423] grant_pending_locks+0x166/0x1b0\n[ 676.261007] _unlock_lock+0x75/0x90\n[ 676.261469] unlock_lock.isra.57+0x62/0xa0\n[ 676.262009] dlm_unlock+0x21e/0x330\n[ 676.262457] ? lock_torture_stats+0x80/0x80 [dlm_locktorture]\n[ 676.263183] torture_unlock+0x5a/0x90 [dlm_locktorture]\n[ 676.263815] ? preempt_count_sub+0xba/0x100\n[ 676.264361] ? complete+0x1d/0x60\n[ 676.264777] lock_torture_writer+0xb8/0x150 [dlm_locktorture]\n[ 676.265555] kthread+0x10a/0x130\n[ 676.266007] ? kthread_complete_and_exit+0x20/0x20\n[ 676.266616] ret_from_fork+0x22/0x30\n[ 676.267097] \u003c/TASK\u003e\n[ 676.267381] irq event stamp: 9579855\n[ 676.267824] hardirqs last enabled at (9579863): [\u003cffffffffbb14e6f8\u003e] __up_console_sem+0x58/0x60\n[ 676.268896] hardirqs last disabled at (9579872): [\u003cffffffffbb14e6dd\u003e] __up_console_sem+0x3d/0x60\n[ 676.270008] softirqs last enabled at (9579798): [\u003cffffffffbc200349\u003e] __do_softirq+0x349/0x4c7\n[ 676.271438] softirqs last disabled at (9579897): [\u003cffffffffbb0d54c0\u003e] irq_exit_rcu+0xb0/0xf0\n[ 676.272796] ---[ end trace 0000000000000000 ]---\n\nI reproduced this warning with dlm_locktorture test which is currently\nnot upstream. However this patch fix the issue by make a additional\nrefcount between dlm_lowcomms_new_msg() and dlm_lowcomms_commit_msg().\nIn case of the race the kref_put() in dlm_lowcomms_commit_msg() will be\nthe final put.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50373",
"url": "https://www.suse.com/security/cve/CVE-2022-50373"
},
{
"category": "external",
"summary": "SUSE Bug 1250287 for CVE-2022-50373",
"url": "https://bugzilla.suse.com/1250287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50373"
},
{
"cve": "CVE-2022-50374",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50374"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure\n\nsyzbot is reporting NULL pointer dereference at hci_uart_tty_close() [1],\nfor rcu_sync_enter() is called without rcu_sync_init() due to\nhci_uart_tty_open() ignoring percpu_init_rwsem() failure.\n\nWhile we are at it, fix that hci_uart_register_device() ignores\npercpu_init_rwsem() failure and hci_uart_unregister_device() does not\ncall percpu_free_rwsem().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50374",
"url": "https://www.suse.com/security/cve/CVE-2022-50374"
},
{
"category": "external",
"summary": "SUSE Bug 1250060 for CVE-2022-50374",
"url": "https://bugzilla.suse.com/1250060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50374"
},
{
"cve": "CVE-2022-50375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50375"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown\n\nlpuart_dma_shutdown tears down lpuart dma, but lpuart_flush_buffer can\nstill occur which in turn tries to access dma apis if lpuart_dma_tx_use\nflag is true. At this point since dma is torn down, these dma apis can\nabort. Set lpuart_dma_tx_use and the corresponding rx flag\nlpuart_dma_rx_use to false in lpuart_dma_shutdown so that dmas are not\naccessed after they are relinquished.\n\nOtherwise, when try to kill btattach, kernel may panic. This patch may\nfix this issue.\nroot@imx8ulpevk:~# btattach -B /dev/ttyLP2 -S 115200\n^C[ 90.182296] Internal error: synchronous external abort: 96000210 [#1] PREEMPT SMP\n[ 90.189806] Modules linked in: moal(O) mlan(O)\n[ 90.194258] CPU: 0 PID: 503 Comm: btattach Tainted: G O 5.15.32-06136-g34eecdf2f9e4 #37\n[ 90.203554] Hardware name: NXP i.MX8ULP 9X9 EVK (DT)\n[ 90.208513] pstate: 600000c5 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 90.215470] pc : fsl_edma3_disable_request+0x8/0x60\n[ 90.220358] lr : fsl_edma3_terminate_all+0x34/0x20c\n[ 90.225237] sp : ffff800013f0bac0\n[ 90.228548] x29: ffff800013f0bac0 x28: 0000000000000001 x27: ffff000008404800\n[ 90.235681] x26: ffff000008404960 x25: ffff000008404a08 x24: ffff000008404a00\n[ 90.242813] x23: ffff000008404a60 x22: 0000000000000002 x21: 0000000000000000\n[ 90.249946] x20: ffff800013f0baf8 x19: ffff00000559c800 x18: 0000000000000000\n[ 90.257078] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\n[ 90.264211] x14: 0000000000000003 x13: 0000000000000000 x12: 0000000000000040\n[ 90.271344] x11: ffff00000600c248 x10: ffff800013f0bb10 x9 : ffff000057bcb090\n[ 90.278477] x8 : fffffc0000241a08 x7 : ffff00000534ee00 x6 : ffff000008404804\n[ 90.285609] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff0000055b3480\n[ 90.292742] x2 : ffff8000135c0000 x1 : ffff00000534ee00 x0 : ffff00000559c800\n[ 90.299876] Call trace:\n[ 90.302321] fsl_edma3_disable_request+0x8/0x60\n[ 90.306851] lpuart_flush_buffer+0x40/0x160\n[ 90.311037] uart_flush_buffer+0x88/0x120\n[ 90.315050] tty_driver_flush_buffer+0x20/0x30\n[ 90.319496] hci_uart_flush+0x44/0x90\n[ 90.323162] +0x34/0x12c\n[ 90.327253] tty_ldisc_close+0x38/0x70\n[ 90.331005] tty_ldisc_release+0xa8/0x190\n[ 90.335018] tty_release_struct+0x24/0x8c\n[ 90.339022] tty_release+0x3ec/0x4c0\n[ 90.342593] __fput+0x70/0x234\n[ 90.345652] ____fput+0x14/0x20\n[ 90.348790] task_work_run+0x84/0x17c\n[ 90.352455] do_exit+0x310/0x96c\n[ 90.355688] do_group_exit+0x3c/0xa0\n[ 90.359259] __arm64_sys_exit_group+0x1c/0x20\n[ 90.363609] invoke_syscall+0x48/0x114\n[ 90.367362] el0_svc_common.constprop.0+0xd4/0xfc\n[ 90.372068] do_el0_svc+0x2c/0x94\n[ 90.375379] el0_svc+0x28/0x80\n[ 90.378438] el0t_64_sync_handler+0xa8/0x130\n[ 90.382711] el0t_64_sync+0x1a0/0x1a4\n[ 90.386376] Code: 17ffffda d503201f d503233f f9409802 (b9400041)\n[ 90.392467] ---[ end trace 2f60524b4a43f1f6 ]---\n[ 90.397073] note: btattach[503] exited with preempt_count 1\n[ 90.402636] Fixing recursive fault but reboot is needed!",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50375",
"url": "https://www.suse.com/security/cve/CVE-2022-50375"
},
{
"category": "external",
"summary": "SUSE Bug 1250132 for CVE-2022-50375",
"url": "https://bugzilla.suse.com/1250132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50375"
},
{
"cve": "CVE-2022-50376",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50376"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init()\n\nWhen insert and remove the orangefs module, there are memory leaked\nas below:\n\nunreferenced object 0xffff88816b0cc000 (size 2048):\n comm \"insmod\", pid 783, jiffies 4294813439 (age 65.512s)\n hex dump (first 32 bytes):\n 6e 6f 6e 65 0a 00 00 00 00 00 00 00 00 00 00 00 none............\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c0000000031ab7788\u003e] kmalloc_trace+0x27/0xa0\n [\u003c000000005b405fee\u003e] orangefs_debugfs_init.cold+0xaf/0x17f\n [\u003c00000000e5a0085b\u003e] 0xffffffffa02780f9\n [\u003c000000004232d9f7\u003e] do_one_initcall+0x87/0x2a0\n [\u003c0000000054f22384\u003e] do_init_module+0xdf/0x320\n [\u003c000000003263bdea\u003e] load_module+0x2f98/0x3330\n [\u003c0000000052cd4153\u003e] __do_sys_finit_module+0x113/0x1b0\n [\u003c00000000250ae02b\u003e] do_syscall_64+0x35/0x80\n [\u003c00000000f11c03c7\u003e] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nUse the golbal variable as the buffer rather than dynamic allocate to\nslove the problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50376",
"url": "https://www.suse.com/security/cve/CVE-2022-50376"
},
{
"category": "external",
"summary": "SUSE Bug 1250209 for CVE-2022-50376",
"url": "https://bugzilla.suse.com/1250209"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50376"
},
{
"cve": "CVE-2022-50378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50378"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/meson: reorder driver deinit sequence to fix use-after-free bug\n\nUnloading the driver triggers the following KASAN warning:\n\n[ +0.006275] =============================================================\n[ +0.000029] BUG: KASAN: use-after-free in __list_del_entry_valid+0xe0/0x1a0\n[ +0.000026] Read of size 8 at addr ffff000020c395e0 by task rmmod/2695\n\n[ +0.000019] CPU: 5 PID: 2695 Comm: rmmod Tainted: G C O 5.19.0-rc6-lrmbkasan+ #1\n[ +0.000013] Hardware name: Hardkernel ODROID-N2Plus (DT)\n[ +0.000008] Call trace:\n[ +0.000007] dump_backtrace+0x1ec/0x280\n[ +0.000013] show_stack+0x24/0x80\n[ +0.000008] dump_stack_lvl+0x98/0xd4\n[ +0.000011] print_address_description.constprop.0+0x80/0x520\n[ +0.000011] print_report+0x128/0x260\n[ +0.000007] kasan_report+0xb8/0xfc\n[ +0.000008] __asan_report_load8_noabort+0x3c/0x50\n[ +0.000010] __list_del_entry_valid+0xe0/0x1a0\n[ +0.000009] drm_atomic_private_obj_fini+0x30/0x200 [drm]\n[ +0.000172] drm_bridge_detach+0x94/0x260 [drm]\n[ +0.000145] drm_encoder_cleanup+0xa4/0x290 [drm]\n[ +0.000144] drm_mode_config_cleanup+0x118/0x740 [drm]\n[ +0.000143] drm_mode_config_init_release+0x1c/0x2c [drm]\n[ +0.000144] drm_managed_release+0x170/0x414 [drm]\n[ +0.000142] drm_dev_put.part.0+0xc0/0x124 [drm]\n[ +0.000143] drm_dev_put+0x20/0x30 [drm]\n[ +0.000142] meson_drv_unbind+0x1d8/0x2ac [meson_drm]\n[ +0.000028] take_down_aggregate_device+0xb0/0x160\n[ +0.000016] component_del+0x18c/0x360\n[ +0.000009] meson_dw_hdmi_remove+0x28/0x40 [meson_dw_hdmi]\n[ +0.000015] platform_remove+0x64/0xb0\n[ +0.000009] device_remove+0xb8/0x154\n[ +0.000009] device_release_driver_internal+0x398/0x5b0\n[ +0.000009] driver_detach+0xac/0x1b0\n[ +0.000009] bus_remove_driver+0x158/0x29c\n[ +0.000009] driver_unregister+0x70/0xb0\n[ +0.000008] platform_driver_unregister+0x20/0x2c\n[ +0.000008] meson_dw_hdmi_platform_driver_exit+0x1c/0x30 [meson_dw_hdmi]\n[ +0.000012] __do_sys_delete_module+0x288/0x400\n[ +0.000011] __arm64_sys_delete_module+0x5c/0x80\n[ +0.000009] invoke_syscall+0x74/0x260\n[ +0.000009] el0_svc_common.constprop.0+0xcc/0x260\n[ +0.000009] do_el0_svc+0x50/0x70\n[ +0.000007] el0_svc+0x68/0x1a0\n[ +0.000012] el0t_64_sync_handler+0x11c/0x150\n[ +0.000008] el0t_64_sync+0x18c/0x190\n\n[ +0.000018] Allocated by task 0:\n[ +0.000007] (stack is not available)\n\n[ +0.000011] Freed by task 2695:\n[ +0.000008] kasan_save_stack+0x2c/0x5c\n[ +0.000011] kasan_set_track+0x2c/0x40\n[ +0.000008] kasan_set_free_info+0x28/0x50\n[ +0.000009] ____kasan_slab_free+0x128/0x1d4\n[ +0.000008] __kasan_slab_free+0x18/0x24\n[ +0.000007] slab_free_freelist_hook+0x108/0x230\n[ +0.000011] kfree+0x110/0x35c\n[ +0.000008] release_nodes+0xf0/0x16c\n[ +0.000009] devres_release_group+0x180/0x270\n[ +0.000008] component_unbind+0x128/0x1e0\n[ +0.000010] component_unbind_all+0x1b8/0x264\n[ +0.000009] meson_drv_unbind+0x1a0/0x2ac [meson_drm]\n[ +0.000025] take_down_aggregate_device+0xb0/0x160\n[ +0.000009] component_del+0x18c/0x360\n[ +0.000009] meson_dw_hdmi_remove+0x28/0x40 [meson_dw_hdmi]\n[ +0.000012] platform_remove+0x64/0xb0\n[ +0.000008] device_remove+0xb8/0x154\n[ +0.000009] device_release_driver_internal+0x398/0x5b0\n[ +0.000009] driver_detach+0xac/0x1b0\n[ +0.000009] bus_remove_driver+0x158/0x29c\n[ +0.000008] driver_unregister+0x70/0xb0\n[ +0.000008] platform_driver_unregister+0x20/0x2c\n[ +0.000008] meson_dw_hdmi_platform_driver_exit+0x1c/0x30 [meson_dw_hdmi]\n[ +0.000011] __do_sys_delete_module+0x288/0x400\n[ +0.000010] __arm64_sys_delete_module+0x5c/0x80\n[ +0.000008] invoke_syscall+0x74/0x260\n[ +0.000008] el0_svc_common.constprop.0+0xcc/0x260\n[ +0.000008] do_el0_svc+0x50/0x70\n[ +0.000007] el0_svc+0x68/0x1a0\n[ +0.000009] el0t_64_sync_handler+0x11c/0x150\n[ +0.000009] el0t_64_sync+0x18c/0x190\n\n[ +0.000014] The buggy address belongs to the object at ffff000020c39000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50378",
"url": "https://www.suse.com/security/cve/CVE-2022-50378"
},
{
"category": "external",
"summary": "SUSE Bug 1250306 for CVE-2022-50378",
"url": "https://bugzilla.suse.com/1250306"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50378"
},
{
"cve": "CVE-2022-50379",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50379"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix race between quota enable and quota rescan ioctl\n\nWhen enabling quotas, at btrfs_quota_enable(), after committing the\ntransaction, we change fs_info-\u003equota_root to point to the quota root we\ncreated and set BTRFS_FS_QUOTA_ENABLED at fs_info-\u003eflags. Then we try\nto start the qgroup rescan worker, first by initializing it with a call\nto qgroup_rescan_init() - however if that fails we end up freeing the\nquota root but we leave fs_info-\u003equota_root still pointing to it, this\ncan later result in a use-after-free somewhere else.\n\nWe have previously set the flags BTRFS_FS_QUOTA_ENABLED and\nBTRFS_QGROUP_STATUS_FLAG_ON, so we can only fail with -EINPROGRESS at\nbtrfs_quota_enable(), which is possible if someone already called the\nquota rescan ioctl, and therefore started the rescan worker.\n\nSo fix this by ignoring an -EINPROGRESS and asserting we can\u0027t get any\nother error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50379",
"url": "https://www.suse.com/security/cve/CVE-2022-50379"
},
{
"category": "external",
"summary": "SUSE Bug 1250245 for CVE-2022-50379",
"url": "https://bugzilla.suse.com/1250245"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50379"
},
{
"cve": "CVE-2022-50381",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50381"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix a crash in mempool_free\n\nThere\u0027s a crash in mempool_free when running the lvm test\nshell/lvchange-rebuild-raid.sh.\n\nThe reason for the crash is this:\n* super_written calls atomic_dec_and_test(\u0026mddev-\u003epending_writes) and\n wake_up(\u0026mddev-\u003esb_wait). Then it calls rdev_dec_pending(rdev, mddev)\n and bio_put(bio).\n* so, the process that waited on sb_wait and that is woken up is racing\n with bio_put(bio).\n* if the process wins the race, it calls bioset_exit before bio_put(bio)\n is executed.\n* bio_put(bio) attempts to free a bio into a destroyed bio set - causing\n a crash in mempool_free.\n\nWe fix this bug by moving bio_put before atomic_dec_and_test.\n\nWe also move rdev_dec_pending before atomic_dec_and_test as suggested by\nNeil Brown.\n\nThe function md_end_flush has a similar bug - we must call bio_put before\nwe decrement the number of in-progress bios.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 11557f0067 P4D 11557f0067 PUD 0\n Oops: 0002 [#1] PREEMPT SMP\n CPU: 0 PID: 73 Comm: kworker/0:1 Not tainted 6.1.0-rc3 #5\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014\n Workqueue: kdelayd flush_expired_bios [dm_delay]\n RIP: 0010:mempool_free+0x47/0x80\n Code: 48 89 ef 5b 5d ff e0 f3 c3 48 89 f7 e8 32 45 3f 00 48 63 53 08 48 89 c6 3b 53 04 7d 2d 48 8b 43 10 8d 4a 01 48 89 df 89 4b 08 \u003c48\u003e 89 2c d0 e8 b0 45 3f 00 48 8d 7b 30 5b 5d 31 c9 ba 01 00 00 00\n RSP: 0018:ffff88910036bda8 EFLAGS: 00010093\n RAX: 0000000000000000 RBX: ffff8891037b65d8 RCX: 0000000000000001\n RDX: 0000000000000000 RSI: 0000000000000202 RDI: ffff8891037b65d8\n RBP: ffff8891447ba240 R08: 0000000000012908 R09: 00000000003d0900\n R10: 0000000000000000 R11: 0000000000173544 R12: ffff889101a14000\n R13: ffff8891562ac300 R14: ffff889102b41440 R15: ffffe8ffffa00d05\n FS: 0000000000000000(0000) GS:ffff88942fa00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000001102e99000 CR4: 00000000000006b0\n Call Trace:\n \u003cTASK\u003e\n clone_endio+0xf4/0x1c0 [dm_mod]\n clone_endio+0xf4/0x1c0 [dm_mod]\n __submit_bio+0x76/0x120\n submit_bio_noacct_nocheck+0xb6/0x2a0\n flush_expired_bios+0x28/0x2f [dm_delay]\n process_one_work+0x1b4/0x300\n worker_thread+0x45/0x3e0\n ? rescuer_thread+0x380/0x380\n kthread+0xc2/0x100\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e\n Modules linked in: brd dm_delay dm_raid dm_mod af_packet uvesafb cfbfillrect cfbimgblt cn cfbcopyarea fb font fbdev tun autofs4 binfmt_misc configfs ipv6 virtio_rng virtio_balloon rng_core virtio_net pcspkr net_failover failover qemu_fw_cfg button mousedev raid10 raid456 libcrc32c async_raid6_recov async_memcpy async_pq raid6_pq async_xor xor async_tx raid1 raid0 md_mod sd_mod t10_pi crc64_rocksoft crc64 virtio_scsi scsi_mod evdev psmouse bsg scsi_common [last unloaded: brd]\n CR2: 0000000000000000\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50381",
"url": "https://www.suse.com/security/cve/CVE-2022-50381"
},
{
"category": "external",
"summary": "SUSE Bug 1250257 for CVE-2022-50381",
"url": "https://bugzilla.suse.com/1250257"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50381"
},
{
"cve": "CVE-2022-50385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50385"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix an Oops in nfs_d_automount()\n\nWhen mounting from a NFSv4 referral, path-\u003edentry can end up being a\nnegative dentry, so derive the struct nfs_server from the dentry\nitself instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50385",
"url": "https://www.suse.com/security/cve/CVE-2022-50385"
},
{
"category": "external",
"summary": "SUSE Bug 1250131 for CVE-2022-50385",
"url": "https://bugzilla.suse.com/1250131"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50385"
},
{
"cve": "CVE-2022-50386",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50386"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix user-after-free\n\nThis uses l2cap_chan_hold_unless_zero() after calling\n__l2cap_get_chan_blah() to prevent the following trace:\n\nBluetooth: l2cap_core.c:static void l2cap_chan_destroy(struct kref\n*kref)\nBluetooth: chan 0000000023c4974d\nBluetooth: parent 00000000ae861c08\n==================================================================\nBUG: KASAN: use-after-free in __mutex_waiter_is_first\nkernel/locking/mutex.c:191 [inline]\nBUG: KASAN: use-after-free in __mutex_lock_common\nkernel/locking/mutex.c:671 [inline]\nBUG: KASAN: use-after-free in __mutex_lock+0x278/0x400\nkernel/locking/mutex.c:729\nRead of size 8 at addr ffff888006a49b08 by task kworker/u3:2/389",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50386",
"url": "https://www.suse.com/security/cve/CVE-2022-50386"
},
{
"category": "external",
"summary": "SUSE Bug 1250301 for CVE-2022-50386",
"url": "https://bugzilla.suse.com/1250301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50386"
},
{
"cve": "CVE-2022-50388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50388"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme: fix multipath crash caused by flush request when blktrace is enabled\n\nThe flush request initialized by blk_kick_flush has NULL bio,\nand it may be dealt with nvme_end_req during io completion.\nWhen blktrace is enabled, nvme_trace_bio_complete with multipath\nactivated trying to access NULL pointer bio from flush request\nresults in the following crash:\n\n[ 2517.831677] BUG: kernel NULL pointer dereference, address: 000000000000001a\n[ 2517.835213] #PF: supervisor read access in kernel mode\n[ 2517.838724] #PF: error_code(0x0000) - not-present page\n[ 2517.842222] PGD 7b2d51067 P4D 0\n[ 2517.845684] Oops: 0000 [#1] SMP NOPTI\n[ 2517.849125] CPU: 2 PID: 732 Comm: kworker/2:1H Kdump: loaded Tainted: G S 5.15.67-0.cl9.x86_64 #1\n[ 2517.852723] Hardware name: XFUSION 2288H V6/BC13MBSBC, BIOS 1.13 07/27/2022\n[ 2517.856358] Workqueue: nvme_tcp_wq nvme_tcp_io_work [nvme_tcp]\n[ 2517.859993] RIP: 0010:blk_add_trace_bio_complete+0x6/0x30\n[ 2517.863628] Code: 1f 44 00 00 48 8b 46 08 31 c9 ba 04 00 10 00 48 8b 80 50 03 00 00 48 8b 78 50 e9 e5 fe ff ff 0f 1f 44 00 00 41 54 49 89 f4 55 \u003c0f\u003e b6 7a 1a 48 89 d5 e8 3e 1c 2b 00 48 89 ee 4c 89 e7 5d 89 c1 ba\n[ 2517.871269] RSP: 0018:ff7f6a008d9dbcd0 EFLAGS: 00010286\n[ 2517.875081] RAX: ff3d5b4be00b1d50 RBX: 0000000002040002 RCX: ff3d5b0a270f2000\n[ 2517.878966] RDX: 0000000000000000 RSI: ff3d5b0b021fb9f8 RDI: 0000000000000000\n[ 2517.882849] RBP: ff3d5b0b96a6fa00 R08: 0000000000000001 R09: 0000000000000000\n[ 2517.886718] R10: 000000000000000c R11: 000000000000000c R12: ff3d5b0b021fb9f8\n[ 2517.890575] R13: 0000000002000000 R14: ff3d5b0b021fb1b0 R15: 0000000000000018\n[ 2517.894434] FS: 0000000000000000(0000) GS:ff3d5b42bfc80000(0000) knlGS:0000000000000000\n[ 2517.898299] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 2517.902157] CR2: 000000000000001a CR3: 00000004f023e005 CR4: 0000000000771ee0\n[ 2517.906053] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 2517.909930] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 2517.913761] PKRU: 55555554\n[ 2517.917558] Call Trace:\n[ 2517.921294] \u003cTASK\u003e\n[ 2517.924982] nvme_complete_rq+0x1c3/0x1e0 [nvme_core]\n[ 2517.928715] nvme_tcp_recv_pdu+0x4d7/0x540 [nvme_tcp]\n[ 2517.932442] nvme_tcp_recv_skb+0x4f/0x240 [nvme_tcp]\n[ 2517.936137] ? nvme_tcp_recv_pdu+0x540/0x540 [nvme_tcp]\n[ 2517.939830] tcp_read_sock+0x9c/0x260\n[ 2517.943486] nvme_tcp_try_recv+0x65/0xa0 [nvme_tcp]\n[ 2517.947173] nvme_tcp_io_work+0x64/0x90 [nvme_tcp]\n[ 2517.950834] process_one_work+0x1e8/0x390\n[ 2517.954473] worker_thread+0x53/0x3c0\n[ 2517.958069] ? process_one_work+0x390/0x390\n[ 2517.961655] kthread+0x10c/0x130\n[ 2517.965211] ? set_kthread_struct+0x40/0x40\n[ 2517.968760] ret_from_fork+0x1f/0x30\n[ 2517.972285] \u003c/TASK\u003e\n\nTo avoid this situation, add a NULL check for req-\u003ebio before\ncalling trace_block_bio_complete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50388",
"url": "https://www.suse.com/security/cve/CVE-2022-50388"
},
{
"category": "external",
"summary": "SUSE Bug 1250293 for CVE-2022-50388",
"url": "https://bugzilla.suse.com/1250293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50388"
},
{
"cve": "CVE-2022-50389",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50389"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak\n\nIn crb_acpi_add(), we get the TPM2 table to retrieve information\nlike start method, and then assign them to the priv data, so the\nTPM2 table is not used after the init, should be freed, call\nacpi_put_table() to fix the memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50389",
"url": "https://www.suse.com/security/cve/CVE-2022-50389"
},
{
"category": "external",
"summary": "SUSE Bug 1250121 for CVE-2022-50389",
"url": "https://bugzilla.suse.com/1250121"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50389"
},
{
"cve": "CVE-2022-50390",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50390"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED\n\nShifting signed 32-bit value by 31 bits is undefined, so changing\nsignificant bit to unsigned. The UBSAN warning calltrace like below:\n\nUBSAN: shift-out-of-bounds in ./include/drm/ttm/ttm_tt.h:122:26\nleft shift of 1 by 31 places cannot be represented in type \u0027int\u0027\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7d/0xa5\n dump_stack+0x15/0x1b\n ubsan_epilogue+0xe/0x4e\n __ubsan_handle_shift_out_of_bounds+0x1e7/0x20c\n ttm_bo_move_memcpy+0x3b4/0x460 [ttm]\n bo_driver_move+0x32/0x40 [drm_vram_helper]\n ttm_bo_handle_move_mem+0x118/0x200 [ttm]\n ttm_bo_validate+0xfa/0x220 [ttm]\n drm_gem_vram_pin_locked+0x70/0x1b0 [drm_vram_helper]\n drm_gem_vram_pin+0x48/0xb0 [drm_vram_helper]\n drm_gem_vram_plane_helper_prepare_fb+0x53/0xe0 [drm_vram_helper]\n drm_gem_vram_simple_display_pipe_prepare_fb+0x26/0x30 [drm_vram_helper]\n drm_simple_kms_plane_prepare_fb+0x4d/0xe0 [drm_kms_helper]\n drm_atomic_helper_prepare_planes+0xda/0x210 [drm_kms_helper]\n drm_atomic_helper_commit+0xc3/0x1e0 [drm_kms_helper]\n drm_atomic_commit+0x9c/0x160 [drm]\n drm_client_modeset_commit_atomic+0x33a/0x380 [drm]\n drm_client_modeset_commit_locked+0x77/0x220 [drm]\n drm_client_modeset_commit+0x31/0x60 [drm]\n __drm_fb_helper_restore_fbdev_mode_unlocked+0xa7/0x170 [drm_kms_helper]\n drm_fb_helper_set_par+0x51/0x90 [drm_kms_helper]\n fbcon_init+0x316/0x790\n visual_init+0x113/0x1d0\n do_bind_con_driver+0x2a3/0x5c0\n do_take_over_console+0xa9/0x270\n do_fbcon_takeover+0xa1/0x170\n do_fb_registered+0x2a8/0x340\n fbcon_fb_registered+0x47/0xe0\n register_framebuffer+0x294/0x4a0\n __drm_fb_helper_initial_config_and_unlock+0x43c/0x880 [drm_kms_helper]\n drm_fb_helper_initial_config+0x52/0x80 [drm_kms_helper]\n drm_fbdev_client_hotplug+0x156/0x1b0 [drm_kms_helper]\n drm_fbdev_generic_setup+0xfc/0x290 [drm_kms_helper]\n bochs_pci_probe+0x6ca/0x772 [bochs]\n local_pci_probe+0x4d/0xb0\n pci_device_probe+0x119/0x320\n really_probe+0x181/0x550\n __driver_probe_device+0xc6/0x220\n driver_probe_device+0x32/0x100\n __driver_attach+0x195/0x200\n bus_for_each_dev+0xbb/0x120\n driver_attach+0x27/0x30\n bus_add_driver+0x22e/0x2f0\n driver_register+0xa9/0x190\n __pci_register_driver+0x90/0xa0\n bochs_pci_driver_init+0x52/0x1000 [bochs]\n do_one_initcall+0x76/0x430\n do_init_module+0x61/0x28a\n load_module+0x1f82/0x2e50\n __do_sys_finit_module+0xf8/0x190\n __x64_sys_finit_module+0x23/0x30\n do_syscall_64+0x58/0x80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50390",
"url": "https://www.suse.com/security/cve/CVE-2022-50390"
},
{
"category": "external",
"summary": "SUSE Bug 1250130 for CVE-2022-50390",
"url": "https://bugzilla.suse.com/1250130"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50390"
},
{
"cve": "CVE-2022-50391",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50391"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/mempolicy: fix memory leak in set_mempolicy_home_node system call\n\nWhen encountering any vma in the range with policy other than MPOL_BIND or\nMPOL_PREFERRED_MANY, an error is returned without issuing a mpol_put on\nthe policy just allocated with mpol_dup().\n\nThis allows arbitrary users to leak kernel memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50391",
"url": "https://www.suse.com/security/cve/CVE-2022-50391"
},
{
"category": "external",
"summary": "SUSE Bug 1250138 for CVE-2022-50391",
"url": "https://bugzilla.suse.com/1250138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50391"
},
{
"cve": "CVE-2022-50392",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50392"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: mediatek: mt8183: fix refcount leak in mt8183_mt6358_ts3a227_max98357_dev_probe()\n\nThe node returned by of_parse_phandle() with refcount incremented,\nof_node_put() needs be called when finish using it. So add it in the\nerror path in mt8183_mt6358_ts3a227_max98357_dev_probe().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50392",
"url": "https://www.suse.com/security/cve/CVE-2022-50392"
},
{
"category": "external",
"summary": "SUSE Bug 1250105 for CVE-2022-50392",
"url": "https://bugzilla.suse.com/1250105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50392"
},
{
"cve": "CVE-2022-50393",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50393"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: SDMA update use unlocked iterator\n\nSDMA update page table may be called from unlocked context, this\ngenerate below warning. Use unlocked iterator to handle this case.\n\nWARNING: CPU: 0 PID: 1475 at\ndrivers/dma-buf/dma-resv.c:483 dma_resv_iter_next\nCall Trace:\n dma_resv_iter_first+0x43/0xa0\n amdgpu_vm_sdma_update+0x69/0x2d0 [amdgpu]\n amdgpu_vm_ptes_update+0x29c/0x870 [amdgpu]\n amdgpu_vm_update_range+0x2f6/0x6c0 [amdgpu]\n svm_range_unmap_from_gpus+0x115/0x300 [amdgpu]\n svm_range_cpu_invalidate_pagetables+0x510/0x5e0 [amdgpu]\n __mmu_notifier_invalidate_range_start+0x1d3/0x230\n unmap_vmas+0x140/0x150\n unmap_region+0xa8/0x110",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50393",
"url": "https://www.suse.com/security/cve/CVE-2022-50393"
},
{
"category": "external",
"summary": "SUSE Bug 1250278 for CVE-2022-50393",
"url": "https://bugzilla.suse.com/1250278"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50393"
},
{
"cve": "CVE-2022-50394",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50394"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: ismt: Fix an out-of-bounds bug in ismt_access()\n\nWhen the driver does not check the data from the user, the variable\n\u0027data-\u003eblock[0]\u0027 may be very large to cause an out-of-bounds bug.\n\nThe following log can reveal it:\n\n[ 33.995542] i2c i2c-1: ioctl, cmd=0x720, arg=0x7ffcb3dc3a20\n[ 33.995978] ismt_smbus 0000:00:05.0: I2C_SMBUS_BLOCK_DATA: WRITE\n[ 33.996475] ==================================================================\n[ 33.996995] BUG: KASAN: out-of-bounds in ismt_access.cold+0x374/0x214b\n[ 33.997473] Read of size 18446744073709551615 at addr ffff88810efcfdb1 by task ismt_poc/485\n[ 33.999450] Call Trace:\n[ 34.001849] memcpy+0x20/0x60\n[ 34.002077] ismt_access.cold+0x374/0x214b\n[ 34.003382] __i2c_smbus_xfer+0x44f/0xfb0\n[ 34.004007] i2c_smbus_xfer+0x10a/0x390\n[ 34.004291] i2cdev_ioctl_smbus+0x2c8/0x710\n[ 34.005196] i2cdev_ioctl+0x5ec/0x74c\n\nFix this bug by checking the size of \u0027data-\u003eblock[0]\u0027 first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50394",
"url": "https://www.suse.com/security/cve/CVE-2022-50394"
},
{
"category": "external",
"summary": "SUSE Bug 1250107 for CVE-2022-50394",
"url": "https://bugzilla.suse.com/1250107"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50394"
},
{
"cve": "CVE-2022-50395",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50395"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nintegrity: Fix memory leakage in keyring allocation error path\n\nKey restriction is allocated in integrity_init_keyring(). However, if\nkeyring allocation failed, it is not freed, causing memory leaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50395",
"url": "https://www.suse.com/security/cve/CVE-2022-50395"
},
{
"category": "external",
"summary": "SUSE Bug 1250211 for CVE-2022-50395",
"url": "https://bugzilla.suse.com/1250211"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50395"
},
{
"cve": "CVE-2022-50396",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50396"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: fix memory leak in tcindex_set_parms\n\nSyzkaller reports a memory leak as follows:\n====================================\nBUG: memory leak\nunreferenced object 0xffff88810c287f00 (size 256):\n comm \"syz-executor105\", pid 3600, jiffies 4294943292 (age 12.990s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003cffffffff814cf9f0\u003e] kmalloc_trace+0x20/0x90 mm/slab_common.c:1046\n [\u003cffffffff839c9e07\u003e] kmalloc include/linux/slab.h:576 [inline]\n [\u003cffffffff839c9e07\u003e] kmalloc_array include/linux/slab.h:627 [inline]\n [\u003cffffffff839c9e07\u003e] kcalloc include/linux/slab.h:659 [inline]\n [\u003cffffffff839c9e07\u003e] tcf_exts_init include/net/pkt_cls.h:250 [inline]\n [\u003cffffffff839c9e07\u003e] tcindex_set_parms+0xa7/0xbe0 net/sched/cls_tcindex.c:342\n [\u003cffffffff839caa1f\u003e] tcindex_change+0xdf/0x120 net/sched/cls_tcindex.c:553\n [\u003cffffffff8394db62\u003e] tc_new_tfilter+0x4f2/0x1100 net/sched/cls_api.c:2147\n [\u003cffffffff8389e91c\u003e] rtnetlink_rcv_msg+0x4dc/0x5d0 net/core/rtnetlink.c:6082\n [\u003cffffffff839eba67\u003e] netlink_rcv_skb+0x87/0x1d0 net/netlink/af_netlink.c:2540\n [\u003cffffffff839eab87\u003e] netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n [\u003cffffffff839eab87\u003e] netlink_unicast+0x397/0x4c0 net/netlink/af_netlink.c:1345\n [\u003cffffffff839eb046\u003e] netlink_sendmsg+0x396/0x710 net/netlink/af_netlink.c:1921\n [\u003cffffffff8383e796\u003e] sock_sendmsg_nosec net/socket.c:714 [inline]\n [\u003cffffffff8383e796\u003e] sock_sendmsg+0x56/0x80 net/socket.c:734\n [\u003cffffffff8383eb08\u003e] ____sys_sendmsg+0x178/0x410 net/socket.c:2482\n [\u003cffffffff83843678\u003e] ___sys_sendmsg+0xa8/0x110 net/socket.c:2536\n [\u003cffffffff838439c5\u003e] __sys_sendmmsg+0x105/0x330 net/socket.c:2622\n [\u003cffffffff83843c14\u003e] __do_sys_sendmmsg net/socket.c:2651 [inline]\n [\u003cffffffff83843c14\u003e] __se_sys_sendmmsg net/socket.c:2648 [inline]\n [\u003cffffffff83843c14\u003e] __x64_sys_sendmmsg+0x24/0x30 net/socket.c:2648\n [\u003cffffffff84605fd5\u003e] do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n [\u003cffffffff84605fd5\u003e] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n [\u003cffffffff84800087\u003e] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n====================================\n\nKernel uses tcindex_change() to change an existing\nfilter properties.\n\nYet the problem is that, during the process of changing,\nif `old_r` is retrieved from `p-\u003eperfect`, then\nkernel uses tcindex_alloc_perfect_hash() to newly\nallocate filter results, uses tcindex_filter_result_init()\nto clear the old filter result, without destroying\nits tcf_exts structure, which triggers the above memory leak.\n\nTo be more specific, there are only two source for the `old_r`,\naccording to the tcindex_lookup(). `old_r` is retrieved from\n`p-\u003eperfect`, or `old_r` is retrieved from `p-\u003eh`.\n\n * If `old_r` is retrieved from `p-\u003eperfect`, kernel uses\ntcindex_alloc_perfect_hash() to newly allocate the\nfilter results. Then `r` is assigned with `cp-\u003eperfect + handle`,\nwhich is newly allocated. So condition `old_r \u0026\u0026 old_r != r` is\ntrue in this situation, and kernel uses tcindex_filter_result_init()\nto clear the old filter result, without destroying\nits tcf_exts structure\n\n * If `old_r` is retrieved from `p-\u003eh`, then `p-\u003eperfect` is NULL\naccording to the tcindex_lookup(). Considering that `cp-\u003eh`\nis directly copied from `p-\u003eh` and `p-\u003eperfect` is NULL,\n`r` is assigned with `tcindex_lookup(cp, handle)`, whose value\nshould be the same as `old_r`, so condition `old_r \u0026\u0026 old_r != r`\nis false in this situation, kernel ignores using\ntcindex_filter_result_init() to clear the old filter result.\n\nSo only when `old_r` is retrieved from `p-\u003eperfect` does kernel use\ntcindex_filter_result_init() to clear the old filter result, which\ntriggers the above memory leak.\n\nConsidering that there already exists a tc_filter_wq workqueue\nto destroy the old tcindex_d\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50396",
"url": "https://www.suse.com/security/cve/CVE-2022-50396"
},
{
"category": "external",
"summary": "SUSE Bug 1250104 for CVE-2022-50396",
"url": "https://bugzilla.suse.com/1250104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50396"
},
{
"cve": "CVE-2022-50398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50398"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dp: add atomic_check to bridge ops\n\nDRM commit_tails() will disable downstream crtc/encoder/bridge if\nboth disable crtc is required and crtc-\u003eactive is set before pushing\na new frame downstream.\n\nThere is a rare case that user space display manager issue an extra\nscreen update immediately followed by close DRM device while down\nstream display interface is disabled. This extra screen update will\ntimeout due to the downstream interface is disabled but will cause\ncrtc-\u003eactive be set. Hence the followed commit_tails() called by\ndrm_release() will pass the disable downstream crtc/encoder/bridge\nconditions checking even downstream interface is disabled.\nThis cause the crash to happen at dp_bridge_disable() due to it trying\nto access the main link register to push the idle pattern out while main\nlink clocks is disabled.\n\nThis patch adds atomic_check to prevent the extra frame will not\nbe pushed down if display interface is down so that crtc-\u003eactive\nwill not be set neither. This will fail the conditions checking\nof disabling down stream crtc/encoder/bridge which prevent\ndrm_release() from calling dp_bridge_disable() so that crash\nat dp_bridge_disable() prevented.\n\nThere is no protection in the DRM framework to check if the display\npipeline has been already disabled before trying again. The only\ncheck is the crtc_state-\u003eactive but this is controlled by usermode\nusing UAPI. Hence if the usermode sets this and then crashes, the\ndriver needs to protect against double disable.\n\nSError Interrupt on CPU7, code 0x00000000be000411 -- SError\nCPU: 7 PID: 3878 Comm: Xorg Not tainted 5.19.0-stb-cbq #19\nHardware name: Google Lazor (rev3 - 8) (DT)\npstate: a04000c9 (NzCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __cmpxchg_case_acq_32+0x14/0x2c\nlr : do_raw_spin_lock+0xa4/0xdc\nsp : ffffffc01092b6a0\nx29: ffffffc01092b6a0 x28: 0000000000000028 x27: 0000000000000038\nx26: 0000000000000004 x25: ffffffd2973dce48 x24: 0000000000000000\nx23: 00000000ffffffff x22: 00000000ffffffff x21: ffffffd2978d0008\nx20: ffffffd2978d0008 x19: ffffff80ff759fc0 x18: 0000000000000000\nx17: 004800a501260460 x16: 0441043b04600438 x15: 04380000089807d0\nx14: 07b0089807800780 x13: 0000000000000000 x12: 0000000000000000\nx11: 0000000000000438 x10: 00000000000007d0 x9 : ffffffd2973e09e4\nx8 : ffffff8092d53300 x7 : ffffff808902e8b8 x6 : 0000000000000001\nx5 : ffffff808902e880 x4 : 0000000000000000 x3 : ffffff80ff759fc0\nx2 : 0000000000000001 x1 : 0000000000000000 x0 : ffffff80ff759fc0\nKernel panic - not syncing: Asynchronous SError Interrupt\nCPU: 7 PID: 3878 Comm: Xorg Not tainted 5.19.0-stb-cbq #19\nHardware name: Google Lazor (rev3 - 8) (DT)\nCall trace:\n dump_backtrace.part.0+0xbc/0xe4\n show_stack+0x24/0x70\n dump_stack_lvl+0x68/0x84\n dump_stack+0x18/0x34\n panic+0x14c/0x32c\n nmi_panic+0x58/0x7c\n arm64_serror_panic+0x78/0x84\n do_serror+0x40/0x64\n el1h_64_error_handler+0x30/0x48\n el1h_64_error+0x68/0x6c\n __cmpxchg_case_acq_32+0x14/0x2c\n _raw_spin_lock_irqsave+0x38/0x4c\n lock_timer_base+0x40/0x78\n __mod_timer+0xf4/0x25c\n schedule_timeout+0xd4/0xfc\n __wait_for_common+0xac/0x140\n wait_for_completion_timeout+0x2c/0x54\n dp_ctrl_push_idle+0x40/0x88\n dp_bridge_disable+0x24/0x30\n drm_atomic_bridge_chain_disable+0x90/0xbc\n drm_atomic_helper_commit_modeset_disables+0x198/0x444\n msm_atomic_commit_tail+0x1d0/0x374\n commit_tail+0x80/0x108\n drm_atomic_helper_commit+0x118/0x11c\n drm_atomic_commit+0xb4/0xe0\n drm_client_modeset_commit_atomic+0x184/0x224\n drm_client_modeset_commit_locked+0x58/0x160\n drm_client_modeset_commit+0x3c/0x64\n __drm_fb_helper_restore_fbdev_mode_unlocked+0x98/0xac\n drm_fb_helper_set_par+0x74/0x80\n drm_fb_helper_hotplug_event+0xdc/0xe0\n __drm_fb_helper_restore_fbdev_mode_unlocked+0x7c/0xac\n drm_fb_helper_restore_fbdev_mode_unlocked+0x20/0x2c\n drm_fb_helper_lastclose+0x20/0x2c\n drm_lastclose+0x44/0x6c\n drm_release+0x88/0xd4\n __fput+0x104/0x220\n ____fput+0x1c/0x28\n task_work_run+0x8c/0x100\n d\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50398",
"url": "https://www.suse.com/security/cve/CVE-2022-50398"
},
{
"category": "external",
"summary": "SUSE Bug 1250103 for CVE-2022-50398",
"url": "https://bugzilla.suse.com/1250103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50398"
},
{
"cve": "CVE-2022-50399",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50399"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: atomisp: prevent integer overflow in sh_css_set_black_frame()\n\nThe \"height\" and \"width\" values come from the user so the \"height * width\"\nmultiplication can overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50399",
"url": "https://www.suse.com/security/cve/CVE-2022-50399"
},
{
"category": "external",
"summary": "SUSE Bug 1250108 for CVE-2022-50399",
"url": "https://bugzilla.suse.com/1250108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50399"
},
{
"cve": "CVE-2022-50401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50401"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure\n\nOn error situation `clp-\u003ecl_cb_conn.cb_xprt` should not be given\na reference to the xprt otherwise both client cleanup and the\nerror handling path of the caller call to put it. Better to\ndelay handing over the reference to a later branch.\n\n[ 72.530665] refcount_t: underflow; use-after-free.\n[ 72.531933] WARNING: CPU: 0 PID: 173 at lib/refcount.c:28 refcount_warn_saturate+0xcf/0x120\n[ 72.533075] Modules linked in: nfsd(OE) nfsv4(OE) nfsv3(OE) nfs(OE) lockd(OE) compat_nfs_ssc(OE) nfs_acl(OE) rpcsec_gss_krb5(OE) auth_rpcgss(OE) rpcrdma(OE) dns_resolver fscache netfs grace rdma_cm iw_cm ib_cm sunrpc(OE) mlx5_ib mlx5_core mlxfw pci_hyperv_intf ib_uverbs ib_core xt_MASQUERADE nf_conntrack_netlink nft_counter xt_addrtype nft_compat br_netfilter bridge stp llc nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set overlay nf_tables nfnetlink crct10dif_pclmul crc32_pclmul ghash_clmulni_intel xfs serio_raw virtio_net virtio_blk net_failover failover fuse [last unloaded: sunrpc]\n[ 72.540389] CPU: 0 PID: 173 Comm: kworker/u16:5 Tainted: G OE 5.15.82-dan #1\n[ 72.541511] Hardware name: Red Hat KVM/RHEL-AV, BIOS 1.16.0-3.module+el8.7.0+1084+97b81f61 04/01/2014\n[ 72.542717] Workqueue: nfsd4_callbacks nfsd4_run_cb_work [nfsd]\n[ 72.543575] RIP: 0010:refcount_warn_saturate+0xcf/0x120\n[ 72.544299] Code: 55 00 0f 0b 5d e9 01 50 98 00 80 3d 75 9e 39 08 00 0f 85 74 ff ff ff 48 c7 c7 e8 d1 60 8e c6 05 61 9e 39 08 01 e8 f6 51 55 00 \u003c0f\u003e 0b 5d e9 d9 4f 98 00 80 3d 4b 9e 39 08 00 0f 85 4c ff ff ff 48\n[ 72.546666] RSP: 0018:ffffb3f841157cf0 EFLAGS: 00010286\n[ 72.547393] RAX: 0000000000000026 RBX: ffff89ac6231d478 RCX: 0000000000000000\n[ 72.548324] RDX: ffff89adb7c2c2c0 RSI: ffff89adb7c205c0 RDI: ffff89adb7c205c0\n[ 72.549271] RBP: ffffb3f841157cf0 R08: 0000000000000000 R09: c0000000ffefffff\n[ 72.550209] R10: 0000000000000001 R11: ffffb3f841157ad0 R12: ffff89ac6231d180\n[ 72.551142] R13: ffff89ac6231d478 R14: ffff89ac40c06180 R15: ffff89ac6231d4b0\n[ 72.552089] FS: 0000000000000000(0000) GS:ffff89adb7c00000(0000) knlGS:0000000000000000\n[ 72.553175] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 72.553934] CR2: 0000563a310506a8 CR3: 0000000109a66000 CR4: 0000000000350ef0\n[ 72.554874] Call Trace:\n[ 72.555278] \u003cTASK\u003e\n[ 72.555614] svc_xprt_put+0xaf/0xe0 [sunrpc]\n[ 72.556276] nfsd4_process_cb_update.isra.11+0xb7/0x410 [nfsd]\n[ 72.557087] ? update_load_avg+0x82/0x610\n[ 72.557652] ? cpuacct_charge+0x60/0x70\n[ 72.558212] ? dequeue_entity+0xdb/0x3e0\n[ 72.558765] ? queued_spin_unlock+0x9/0x20\n[ 72.559358] nfsd4_run_cb_work+0xfc/0x270 [nfsd]\n[ 72.560031] process_one_work+0x1df/0x390\n[ 72.560600] worker_thread+0x37/0x3b0\n[ 72.561644] ? process_one_work+0x390/0x390\n[ 72.562247] kthread+0x12f/0x150\n[ 72.562710] ? set_kthread_struct+0x50/0x50\n[ 72.563309] ret_from_fork+0x22/0x30\n[ 72.563818] \u003c/TASK\u003e\n[ 72.564189] ---[ end trace 031117b1c72ec616 ]---\n[ 72.566019] list_add corruption. next-\u003eprev should be prev (ffff89ac4977e538), but was ffff89ac4763e018. (next=ffff89ac4763e018).\n[ 72.567647] ------------[ cut here ]------------",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50401",
"url": "https://www.suse.com/security/cve/CVE-2022-50401"
},
{
"category": "external",
"summary": "SUSE Bug 1250140 for CVE-2022-50401",
"url": "https://bugzilla.suse.com/1250140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50401"
},
{
"cve": "CVE-2022-50402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50402"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/md/md-bitmap: check the return value of md_bitmap_get_counter()\n\nCheck the return value of md_bitmap_get_counter() in case it returns\nNULL pointer, which will result in a null pointer dereference.\n\nv2: update the check to include other dereference",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50402",
"url": "https://www.suse.com/security/cve/CVE-2022-50402"
},
{
"category": "external",
"summary": "SUSE Bug 1250363 for CVE-2022-50402",
"url": "https://bugzilla.suse.com/1250363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50402"
},
{
"cve": "CVE-2022-50404",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50404"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: fbcon: release buffer when fbcon_do_set_font() failed\n\nsyzbot is reporting memory leak at fbcon_do_set_font() [1], for\ncommit a5a923038d70 (\"fbdev: fbcon: Properly revert changes when\nvc_resize() failed\") missed that the buffer might be newly allocated\nby fbcon_set_font().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50404",
"url": "https://www.suse.com/security/cve/CVE-2022-50404"
},
{
"category": "external",
"summary": "SUSE Bug 1250153 for CVE-2022-50404",
"url": "https://bugzilla.suse.com/1250153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2022-50404"
},
{
"cve": "CVE-2022-50406",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50406"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niomap: iomap: fix memory corruption when recording errors during writeback\n\nEvery now and then I see this crash on arm64:\n\nUnable to handle kernel NULL pointer dereference at virtual address 00000000000000f8\nBuffer I/O error on dev dm-0, logical block 8733687, async page read\nMem abort info:\n ESR = 0x0000000096000006\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x06: level 2 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000006\n CM = 0, WnR = 0\nuser pgtable: 64k pages, 42-bit VAs, pgdp=0000000139750000\n[00000000000000f8] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000, pmd=0000000000000000\nInternal error: Oops: 96000006 [#1] PREEMPT SMP\nBuffer I/O error on dev dm-0, logical block 8733688, async page read\nDumping ftrace buffer:\nBuffer I/O error on dev dm-0, logical block 8733689, async page read\n (ftrace buffer empty)\nXFS (dm-0): log I/O error -5\nModules linked in: dm_thin_pool dm_persistent_data\nXFS (dm-0): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x1ec/0x590 [xfs] (fs/xfs/xfs_trans_buf.c:296).\n dm_bio_prison\nXFS (dm-0): Please unmount the filesystem and rectify the problem(s)\nXFS (dm-0): xfs_imap_lookup: xfs_ialloc_read_agi() returned error -5, agno 0\n dm_bufio dm_log_writes xfs nft_chain_nat xt_REDIRECT nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip6t_REJECT\npotentially unexpected fatal signal 6.\n nf_reject_ipv6\npotentially unexpected fatal signal 6.\n ipt_REJECT nf_reject_ipv4\nCPU: 1 PID: 122166 Comm: fsstress Tainted: G W 6.0.0-rc5-djwa #rc5 3004c9f1de887ebae86015f2677638ce51ee7\n rpcsec_gss_krb5 auth_rpcgss xt_tcpudp ip_set_hash_ip ip_set_hash_net xt_set nft_compat ip_set_hash_mac ip_set nf_tables\nHardware name: QEMU KVM Virtual Machine, BIOS 1.5.1 06/16/2021\npstate: 60001000 (nZCv daif -PAN -UAO -TCO -DIT +SSBS BTYPE=--)\n ip_tables\npc : 000003fd6d7df200\n x_tables\nlr : 000003fd6d7df1ec\n overlay nfsv4\nCPU: 0 PID: 54031 Comm: u4:3 Tainted: G W 6.0.0-rc5-djwa #rc5 3004c9f1de887ebae86015f2677638ce51ee7405\nHardware name: QEMU KVM Virtual Machine, BIOS 1.5.1 06/16/2021\nWorkqueue: writeback wb_workfn\nsp : 000003ffd9522fd0\n (flush-253:0)\npstate: 60401005 (nZCv daif +PAN -UAO -TCO -DIT +SSBS BTYPE=--)\npc : errseq_set+0x1c/0x100\nx29: 000003ffd9522fd0 x28: 0000000000000023 x27: 000002acefeb6780\nx26: 0000000000000005 x25: 0000000000000001 x24: 0000000000000000\nx23: 00000000ffffffff x22: 0000000000000005\nlr : __filemap_set_wb_err+0x24/0xe0\n x21: 0000000000000006\nsp : fffffe000f80f760\nx29: fffffe000f80f760 x28: 0000000000000003 x27: fffffe000f80f9f8\nx26: 0000000002523000 x25: 00000000fffffffb x24: fffffe000f80f868\nx23: fffffe000f80fbb0 x22: fffffc0180c26a78 x21: 0000000002530000\nx20: 0000000000000000 x19: 0000000000000000 x18: 0000000000000000\n\nx17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\nx14: 0000000000000001 x13: 0000000000470af3 x12: fffffc0058f70000\nx11: 0000000000000040 x10: 0000000000001b20 x9 : fffffe000836b288\nx8 : fffffc00eb9fd480 x7 : 0000000000f83659 x6 : 0000000000000000\nx5 : 0000000000000869 x4 : 0000000000000005 x3 : 00000000000000f8\nx20: 000003fd6d740020 x19: 000000000001dd36 x18: 0000000000000001\nx17: 000003fd6d78704c x16: 0000000000000001 x15: 000002acfac87668\nx2 : 0000000000000ffa x1 : 00000000fffffffb x0 : 00000000000000f8\nCall trace:\n errseq_set+0x1c/0x100\n __filemap_set_wb_err+0x24/0xe0\n iomap_do_writepage+0x5e4/0xd5c\n write_cache_pages+0x208/0x674\n iomap_writepages+0x34/0x60\n xfs_vm_writepages+0x8c/0xcc [xfs 7a861f39c43631f15d3a5884246ba5035d4ca78b]\nx14: 0000000000000000 x13: 2064656e72757465 x12: 0000000000002180\nx11: 000003fd6d8a82d0 x10: 0000000000000000 x9 : 000003fd6d8ae288\nx8 : 0000000000000083 x7 : 00000000ffffffff x6 : 00000000ffffffee\nx5 : 00000000fbad2887 x4 : 000003fd6d9abb58 x3 : 000003fd6d740020\nx2 : 0000000000000006 x1 : 000000000001dd36 x0 : 0000000000000000\nCPU: \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50406",
"url": "https://www.suse.com/security/cve/CVE-2022-50406"
},
{
"category": "external",
"summary": "SUSE Bug 1250165 for CVE-2022-50406",
"url": "https://bugzilla.suse.com/1250165"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50406"
},
{
"cve": "CVE-2022-50408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50408"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()\n\n\u003e ret = brcmf_proto_tx_queue_data(drvr, ifp-\u003eifidx, skb);\n\nmay be schedule, and then complete before the line\n\n\u003e ndev-\u003estats.tx_bytes += skb-\u003elen;\n\n[ 46.912801] ==================================================================\n[ 46.920552] BUG: KASAN: use-after-free in brcmf_netdev_start_xmit+0x718/0x8c8 [brcmfmac]\n[ 46.928673] Read of size 4 at addr ffffff803f5882e8 by task systemd-resolve/328\n[ 46.935991]\n[ 46.937514] CPU: 1 PID: 328 Comm: systemd-resolve Tainted: G O 5.4.199-[REDACTED] #1\n[ 46.947255] Hardware name: [REDACTED]\n[ 46.954568] Call trace:\n[ 46.957037] dump_backtrace+0x0/0x2b8\n[ 46.960719] show_stack+0x24/0x30\n[ 46.964052] dump_stack+0x128/0x194\n[ 46.967557] print_address_description.isra.0+0x64/0x380\n[ 46.972877] __kasan_report+0x1d4/0x240\n[ 46.976723] kasan_report+0xc/0x18\n[ 46.980138] __asan_report_load4_noabort+0x18/0x20\n[ 46.985027] brcmf_netdev_start_xmit+0x718/0x8c8 [brcmfmac]\n[ 46.990613] dev_hard_start_xmit+0x1bc/0xda0\n[ 46.994894] sch_direct_xmit+0x198/0xd08\n[ 46.998827] __qdisc_run+0x37c/0x1dc0\n[ 47.002500] __dev_queue_xmit+0x1528/0x21f8\n[ 47.006692] dev_queue_xmit+0x24/0x30\n[ 47.010366] neigh_resolve_output+0x37c/0x678\n[ 47.014734] ip_finish_output2+0x598/0x2458\n[ 47.018927] __ip_finish_output+0x300/0x730\n[ 47.023118] ip_output+0x2e0/0x430\n[ 47.026530] ip_local_out+0x90/0x140\n[ 47.030117] igmpv3_sendpack+0x14c/0x228\n[ 47.034049] igmpv3_send_cr+0x384/0x6b8\n[ 47.037895] igmp_ifc_timer_expire+0x4c/0x118\n[ 47.042262] call_timer_fn+0x1cc/0xbe8\n[ 47.046021] __run_timers+0x4d8/0xb28\n[ 47.049693] run_timer_softirq+0x24/0x40\n[ 47.053626] __do_softirq+0x2c0/0x117c\n[ 47.057387] irq_exit+0x2dc/0x388\n[ 47.060715] __handle_domain_irq+0xb4/0x158\n[ 47.064908] gic_handle_irq+0x58/0xb0\n[ 47.068581] el0_irq_naked+0x50/0x5c\n[ 47.072162]\n[ 47.073665] Allocated by task 328:\n[ 47.077083] save_stack+0x24/0xb0\n[ 47.080410] __kasan_kmalloc.isra.0+0xc0/0xe0\n[ 47.084776] kasan_slab_alloc+0x14/0x20\n[ 47.088622] kmem_cache_alloc+0x15c/0x468\n[ 47.092643] __alloc_skb+0xa4/0x498\n[ 47.096142] igmpv3_newpack+0x158/0xd78\n[ 47.099987] add_grhead+0x210/0x288\n[ 47.103485] add_grec+0x6b0/0xb70\n[ 47.106811] igmpv3_send_cr+0x2e0/0x6b8\n[ 47.110657] igmp_ifc_timer_expire+0x4c/0x118\n[ 47.115027] call_timer_fn+0x1cc/0xbe8\n[ 47.118785] __run_timers+0x4d8/0xb28\n[ 47.122457] run_timer_softirq+0x24/0x40\n[ 47.126389] __do_softirq+0x2c0/0x117c\n[ 47.130142]\n[ 47.131643] Freed by task 180:\n[ 47.134712] save_stack+0x24/0xb0\n[ 47.138041] __kasan_slab_free+0x108/0x180\n[ 47.142146] kasan_slab_free+0x10/0x18\n[ 47.145904] slab_free_freelist_hook+0xa4/0x1b0\n[ 47.150444] kmem_cache_free+0x8c/0x528\n[ 47.154292] kfree_skbmem+0x94/0x108\n[ 47.157880] consume_skb+0x10c/0x5a8\n[ 47.161466] __dev_kfree_skb_any+0x88/0xa0\n[ 47.165598] brcmu_pkt_buf_free_skb+0x44/0x68 [brcmutil]\n[ 47.171023] brcmf_txfinalize+0xec/0x190 [brcmfmac]\n[ 47.176016] brcmf_proto_bcdc_txcomplete+0x1c0/0x210 [brcmfmac]\n[ 47.182056] brcmf_sdio_sendfromq+0x8dc/0x1e80 [brcmfmac]\n[ 47.187568] brcmf_sdio_dpc+0xb48/0x2108 [brcmfmac]\n[ 47.192529] brcmf_sdio_dataworker+0xc8/0x238 [brcmfmac]\n[ 47.197859] process_one_work+0x7fc/0x1a80\n[ 47.201965] worker_thread+0x31c/0xc40\n[ 47.205726] kthread+0x2d8/0x370\n[ 47.208967] ret_from_fork+0x10/0x18\n[ 47.212546]\n[ 47.214051] The buggy address belongs to the object at ffffff803f588280\n[ 47.214051] which belongs to the cache skbuff_head_cache of size 208\n[ 47.227086] The buggy address is located 104 bytes inside of\n[ 47.227086] 208-byte region [ffffff803f588280, ffffff803f588350)\n[ 47.238814] The buggy address belongs to the page:\n[ 47.243618] page:ffffffff00dd6200 refcount:1 mapcou\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50408",
"url": "https://www.suse.com/security/cve/CVE-2022-50408"
},
{
"category": "external",
"summary": "SUSE Bug 1250391 for CVE-2022-50408",
"url": "https://bugzilla.suse.com/1250391"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50408"
},
{
"cve": "CVE-2022-50409",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50409"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: If sock is dead don\u0027t access sock\u0027s sk_wq in sk_stream_wait_memory\n\nFixes the below NULL pointer dereference:\n\n [...]\n [ 14.471200] Call Trace:\n [ 14.471562] \u003cTASK\u003e\n [ 14.471882] lock_acquire+0x245/0x2e0\n [ 14.472416] ? remove_wait_queue+0x12/0x50\n [ 14.473014] ? _raw_spin_lock_irqsave+0x17/0x50\n [ 14.473681] _raw_spin_lock_irqsave+0x3d/0x50\n [ 14.474318] ? remove_wait_queue+0x12/0x50\n [ 14.474907] remove_wait_queue+0x12/0x50\n [ 14.475480] sk_stream_wait_memory+0x20d/0x340\n [ 14.476127] ? do_wait_intr_irq+0x80/0x80\n [ 14.476704] do_tcp_sendpages+0x287/0x600\n [ 14.477283] tcp_bpf_push+0xab/0x260\n [ 14.477817] tcp_bpf_sendmsg_redir+0x297/0x500\n [ 14.478461] ? __local_bh_enable_ip+0x77/0xe0\n [ 14.479096] tcp_bpf_send_verdict+0x105/0x470\n [ 14.479729] tcp_bpf_sendmsg+0x318/0x4f0\n [ 14.480311] sock_sendmsg+0x2d/0x40\n [ 14.480822] ____sys_sendmsg+0x1b4/0x1c0\n [ 14.481390] ? copy_msghdr_from_user+0x62/0x80\n [ 14.482048] ___sys_sendmsg+0x78/0xb0\n [ 14.482580] ? vmf_insert_pfn_prot+0x91/0x150\n [ 14.483215] ? __do_fault+0x2a/0x1a0\n [ 14.483738] ? do_fault+0x15e/0x5d0\n [ 14.484246] ? __handle_mm_fault+0x56b/0x1040\n [ 14.484874] ? lock_is_held_type+0xdf/0x130\n [ 14.485474] ? find_held_lock+0x2d/0x90\n [ 14.486046] ? __sys_sendmsg+0x41/0x70\n [ 14.486587] __sys_sendmsg+0x41/0x70\n [ 14.487105] ? intel_pmu_drain_pebs_core+0x350/0x350\n [ 14.487822] do_syscall_64+0x34/0x80\n [ 14.488345] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n [...]\n\nThe test scenario has the following flow:\n\nthread1 thread2\n----------- ---------------\n tcp_bpf_sendmsg\n tcp_bpf_send_verdict\n tcp_bpf_sendmsg_redir sock_close\n tcp_bpf_push_locked __sock_release\n tcp_bpf_push //inet_release\n do_tcp_sendpages sock-\u003eops-\u003erelease\n sk_stream_wait_memory \t // tcp_close\n sk_wait_event sk-\u003esk_prot-\u003eclose\n release_sock(__sk);\n ***\n lock_sock(sk);\n __tcp_close\n sock_orphan(sk)\n sk-\u003esk_wq = NULL\n release_sock\n ****\n lock_sock(__sk);\n remove_wait_queue(sk_sleep(sk), \u0026wait);\n sk_sleep(sk)\n //NULL pointer dereference\n \u0026rcu_dereference_raw(sk-\u003esk_wq)-\u003ewait\n\nWhile waiting for memory in thread1, the socket is released with its wait\nqueue because thread2 has closed it. This caused by tcp_bpf_send_verdict\ndidn\u0027t increase the f_count of psock-\u003esk_redir-\u003esk_socket-\u003efile in thread1.\n\nWe should check if SOCK_DEAD flag is set on wakeup in sk_stream_wait_memory\nbefore accessing the wait queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50409",
"url": "https://www.suse.com/security/cve/CVE-2022-50409"
},
{
"category": "external",
"summary": "SUSE Bug 1250392 for CVE-2022-50409",
"url": "https://bugzilla.suse.com/1250392"
},
{
"category": "external",
"summary": "SUSE Bug 1250665 for CVE-2022-50409",
"url": "https://bugzilla.suse.com/1250665"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50409"
},
{
"cve": "CVE-2022-50410",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50410"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Protect against send buffer overflow in NFSv2 READ\n\nSince before the git era, NFSD has conserved the number of pages\nheld by each nfsd thread by combining the RPC receive and send\nbuffers into a single array of pages. This works because there are\nno cases where an operation needs a large RPC Call message and a\nlarge RPC Reply at the same time.\n\nOnce an RPC Call has been received, svc_process() updates\nsvc_rqst::rq_res to describe the part of rq_pages that can be\nused for constructing the Reply. This means that the send buffer\n(rq_res) shrinks when the received RPC record containing the RPC\nCall is large.\n\nA client can force this shrinkage on TCP by sending a correctly-\nformed RPC Call header contained in an RPC record that is\nexcessively large. The full maximum payload size cannot be\nconstructed in that case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50410",
"url": "https://www.suse.com/security/cve/CVE-2022-50410"
},
{
"category": "external",
"summary": "SUSE Bug 1250187 for CVE-2022-50410",
"url": "https://bugzilla.suse.com/1250187"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50410"
},
{
"cve": "CVE-2022-50411",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50411"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: Fix error code path in acpi_ds_call_control_method()\n\nA use-after-free in acpi_ps_parse_aml() after a failing invocaion of\nacpi_ds_call_control_method() is reported by KASAN [1] and code\ninspection reveals that next_walk_state pushed to the thread by\nacpi_ds_create_walk_state() is freed on errors, but it is not popped\nfrom the thread beforehand. Thus acpi_ds_get_current_walk_state()\ncalled by acpi_ps_parse_aml() subsequently returns it as the new\nwalk state which is incorrect.\n\nTo address this, make acpi_ds_call_control_method() call\nacpi_ds_pop_walk_state() to pop next_walk_state from the thread before\nreturning an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50411",
"url": "https://www.suse.com/security/cve/CVE-2022-50411"
},
{
"category": "external",
"summary": "SUSE Bug 1250393 for CVE-2022-50411",
"url": "https://bugzilla.suse.com/1250393"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50411"
},
{
"cve": "CVE-2022-50412",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50412"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: bridge: adv7511: unregister cec i2c device after cec adapter\n\ncec_unregister_adapter() assumes that the underlying adapter ops are\ncallable. For example, if the CEC adapter currently has a valid physical\naddress, then the unregistration procedure will invalidate the physical\naddress by setting it to f.f.f.f. Whence the following kernel oops\nobserved after removing the adv7511 module:\n\n Unable to handle kernel execution of user memory at virtual address 0000000000000000\n Internal error: Oops: 86000004 [#1] PREEMPT_RT SMP\n Call trace:\n 0x0\n adv7511_cec_adap_log_addr+0x1ac/0x1c8 [adv7511]\n cec_adap_unconfigure+0x44/0x90 [cec]\n __cec_s_phys_addr.part.0+0x68/0x230 [cec]\n __cec_s_phys_addr+0x40/0x50 [cec]\n cec_unregister_adapter+0xb4/0x118 [cec]\n adv7511_remove+0x60/0x90 [adv7511]\n i2c_device_remove+0x34/0xe0\n device_release_driver_internal+0x114/0x1f0\n driver_detach+0x54/0xe0\n bus_remove_driver+0x60/0xd8\n driver_unregister+0x34/0x60\n i2c_del_driver+0x2c/0x68\n adv7511_exit+0x1c/0x67c [adv7511]\n __arm64_sys_delete_module+0x154/0x288\n invoke_syscall+0x48/0x100\n el0_svc_common.constprop.0+0x48/0xe8\n do_el0_svc+0x28/0x88\n el0_svc+0x1c/0x50\n el0t_64_sync_handler+0xa8/0xb0\n el0t_64_sync+0x15c/0x160\n Code: bad PC value\n ---[ end trace 0000000000000000 ]---\n\nProtect against this scenario by unregistering i2c_cec after\nunregistering the CEC adapter. Duly disable the CEC clock afterwards\ntoo.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50412",
"url": "https://www.suse.com/security/cve/CVE-2022-50412"
},
{
"category": "external",
"summary": "SUSE Bug 1250189 for CVE-2022-50412",
"url": "https://bugzilla.suse.com/1250189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50412"
},
{
"cve": "CVE-2022-50414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50414"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: fcoe: Fix transport not deattached when fcoe_if_init() fails\n\nfcoe_init() calls fcoe_transport_attach(\u0026fcoe_sw_transport), but when\nfcoe_if_init() fails, \u0026fcoe_sw_transport is not detached and leaves freed\n\u0026fcoe_sw_transport on fcoe_transports list. This causes panic when\nreinserting module.\n\n BUG: unable to handle page fault for address: fffffbfff82e2213\n RIP: 0010:fcoe_transport_attach+0xe1/0x230 [libfcoe]\n Call Trace:\n \u003cTASK\u003e\n do_one_initcall+0xd0/0x4e0\n load_module+0x5eee/0x7210\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50414",
"url": "https://www.suse.com/security/cve/CVE-2022-50414"
},
{
"category": "external",
"summary": "SUSE Bug 1250183 for CVE-2022-50414",
"url": "https://bugzilla.suse.com/1250183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50414"
},
{
"cve": "CVE-2022-50417",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50417"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panfrost: Fix GEM handle creation ref-counting\n\npanfrost_gem_create_with_handle() previously returned a BO but with the\nonly reference being from the handle, which user space could in theory\nguess and release, causing a use-after-free. Additionally if the call to\npanfrost_gem_mapping_get() in panfrost_ioctl_create_bo() failed then\na(nother) reference on the BO was dropped.\n\nThe _create_with_handle() is a problematic pattern, so ditch it and\ninstead create the handle in panfrost_ioctl_create_bo(). If the call to\npanfrost_gem_mapping_get() fails then this means that user space has\nindeed gone behind our back and freed the handle. In which case just\nreturn an error code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50417",
"url": "https://www.suse.com/security/cve/CVE-2022-50417"
},
{
"category": "external",
"summary": "SUSE Bug 1250184 for CVE-2022-50417",
"url": "https://bugzilla.suse.com/1250184"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50417"
},
{
"cve": "CVE-2022-50418",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50418"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: mhi: fix potential memory leak in ath11k_mhi_register()\n\nmhi_alloc_controller() allocates a memory space for mhi_ctrl. When gets\nsome error, mhi_ctrl should be freed with mhi_free_controller(). But\nwhen ath11k_mhi_read_addr_from_dt() fails, the function returns without\ncalling mhi_free_controller(), which will lead to a memory leak.\n\nWe can fix it by calling mhi_free_controller() when\nath11k_mhi_read_addr_from_dt() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50418",
"url": "https://www.suse.com/security/cve/CVE-2022-50418"
},
{
"category": "external",
"summary": "SUSE Bug 1250285 for CVE-2022-50418",
"url": "https://bugzilla.suse.com/1250285"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50418"
},
{
"cve": "CVE-2022-50419",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50419"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_sysfs: Fix attempting to call device_add multiple times\n\ndevice_add shall not be called multiple times as stated in its\ndocumentation:\n\n \u0027Do not call this routine or device_register() more than once for\n any device structure\u0027\n\nSyzkaller reports a bug as follows [1]:\n------------[ cut here ]------------\nkernel BUG at lib/list_debug.c:33!\ninvalid opcode: 0000 [#1] PREEMPT SMP KASAN\n[...]\nCall Trace:\n \u003cTASK\u003e\n __list_add include/linux/list.h:69 [inline]\n list_add_tail include/linux/list.h:102 [inline]\n kobj_kset_join lib/kobject.c:164 [inline]\n kobject_add_internal+0x18f/0x8f0 lib/kobject.c:214\n kobject_add_varg lib/kobject.c:358 [inline]\n kobject_add+0x150/0x1c0 lib/kobject.c:410\n device_add+0x368/0x1e90 drivers/base/core.c:3452\n hci_conn_add_sysfs+0x9b/0x1b0 net/bluetooth/hci_sysfs.c:53\n hci_le_cis_estabilished_evt+0x57c/0xae0 net/bluetooth/hci_event.c:6799\n hci_le_meta_evt+0x2b8/0x510 net/bluetooth/hci_event.c:7110\n hci_event_func net/bluetooth/hci_event.c:7440 [inline]\n hci_event_packet+0x63d/0xfd0 net/bluetooth/hci_event.c:7495\n hci_rx_work+0xae7/0x1230 net/bluetooth/hci_core.c:4007\n process_one_work+0x991/0x1610 kernel/workqueue.c:2289\n worker_thread+0x665/0x1080 kernel/workqueue.c:2436\n kthread+0x2e4/0x3a0 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50419",
"url": "https://www.suse.com/security/cve/CVE-2022-50419"
},
{
"category": "external",
"summary": "SUSE Bug 1250394 for CVE-2022-50419",
"url": "https://bugzilla.suse.com/1250394"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50419"
},
{
"cve": "CVE-2022-50422",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50422"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: libsas: Fix use-after-free bug in smp_execute_task_sg()\n\nWhen executing SMP task failed, the smp_execute_task_sg() calls del_timer()\nto delete \"slow_task-\u003etimer\". However, if the timer handler\nsas_task_internal_timedout() is running, the del_timer() in\nsmp_execute_task_sg() will not stop it and a UAF will happen. The process\nis shown below:\n\n (thread 1) | (thread 2)\nsmp_execute_task_sg() | sas_task_internal_timedout()\n ... |\n del_timer() |\n ... | ...\n sas_free_task(task) |\n kfree(task-\u003eslow_task) //FREE|\n | task-\u003eslow_task-\u003e... //USE\n\nFix by calling del_timer_sync() in smp_execute_task_sg(), which makes sure\nthe timer handler have finished before the \"task-\u003eslow_task\" is\ndeallocated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50422",
"url": "https://www.suse.com/security/cve/CVE-2022-50422"
},
{
"category": "external",
"summary": "SUSE Bug 1250774 for CVE-2022-50422",
"url": "https://bugzilla.suse.com/1250774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50422"
},
{
"cve": "CVE-2022-50423",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50423"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage()\n\nThere is an use-after-free reported by KASAN:\n\n BUG: KASAN: use-after-free in acpi_ut_remove_reference+0x3b/0x82\n Read of size 1 at addr ffff888112afc460 by task modprobe/2111\n CPU: 0 PID: 2111 Comm: modprobe Not tainted 6.1.0-rc7-dirty\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),\n Call Trace:\n \u003cTASK\u003e\n kasan_report+0xae/0xe0\n acpi_ut_remove_reference+0x3b/0x82\n acpi_ut_copy_iobject_to_iobject+0x3be/0x3d5\n acpi_ds_store_object_to_local+0x15d/0x3a0\n acpi_ex_store+0x78d/0x7fd\n acpi_ex_opcode_1A_1T_1R+0xbe4/0xf9b\n acpi_ps_parse_aml+0x217/0x8d5\n ...\n \u003c/TASK\u003e\n\nThe root cause of the problem is that the acpi_operand_object\nis freed when acpi_ut_walk_package_tree() fails in\nacpi_ut_copy_ipackage_to_ipackage(), lead to repeated release in\nacpi_ut_copy_iobject_to_iobject(). The problem was introduced\nby \"8aa5e56eeb61\" commit, this commit is to fix memory leak in\nacpi_ut_copy_iobject_to_iobject(), repeatedly adding remove\noperation, lead to \"acpi_operand_object\" used after free.\n\nFix it by removing acpi_ut_remove_reference() in\nacpi_ut_copy_ipackage_to_ipackage(). acpi_ut_copy_ipackage_to_ipackage()\nis called to copy an internal package object into another internal\npackage object, when it fails, the memory of acpi_operand_object\nshould be freed by the caller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50423",
"url": "https://www.suse.com/security/cve/CVE-2022-50423"
},
{
"category": "external",
"summary": "SUSE Bug 1250784 for CVE-2022-50423",
"url": "https://bugzilla.suse.com/1250784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50423"
},
{
"cve": "CVE-2022-50425",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50425"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly\n\nWhen an extended state component is not present in fpstate, but in init\nstate, the function copies from init_fpstate via copy_feature().\n\nBut, dynamic states are not present in init_fpstate because of all-zeros\ninit states. Then retrieving them from init_fpstate will explode like this:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n ...\n RIP: 0010:memcpy_erms+0x6/0x10\n ? __copy_xstate_to_uabi_buf+0x381/0x870\n fpu_copy_guest_fpstate_to_uabi+0x28/0x80\n kvm_arch_vcpu_ioctl+0x14c/0x1460 [kvm]\n ? __this_cpu_preempt_check+0x13/0x20\n ? vmx_vcpu_put+0x2e/0x260 [kvm_intel]\n kvm_vcpu_ioctl+0xea/0x6b0 [kvm]\n ? kvm_vcpu_ioctl+0xea/0x6b0 [kvm]\n ? __fget_light+0xd4/0x130\n __x64_sys_ioctl+0xe3/0x910\n ? debug_smp_processor_id+0x17/0x20\n ? fpregs_assert_state_consistent+0x27/0x50\n do_syscall_64+0x3f/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nAdjust the \u0027mask\u0027 to zero out the userspace buffer for the features that\nare not available both from fpstate and from init_fpstate.\n\nThe dynamic features depend on the compacted XSAVE format. Ensure it is\nenabled before reading XCOMP_BV in init_fpstate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50425",
"url": "https://www.suse.com/security/cve/CVE-2022-50425"
},
{
"category": "external",
"summary": "SUSE Bug 1250781 for CVE-2022-50425",
"url": "https://bugzilla.suse.com/1250781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50425"
},
{
"cve": "CVE-2022-50427",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50427"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ac97: fix possible memory leak in snd_ac97_dev_register()\n\nIf device_register() fails in snd_ac97_dev_register(), it should\ncall put_device() to give up reference, or the name allocated in\ndev_set_name() is leaked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50427",
"url": "https://www.suse.com/security/cve/CVE-2022-50427"
},
{
"category": "external",
"summary": "SUSE Bug 1250787 for CVE-2022-50427",
"url": "https://bugzilla.suse.com/1250787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2022-50427"
},
{
"cve": "CVE-2022-50428",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50428"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix off-by-one errors in fast-commit block filling\n\nDue to several different off-by-one errors, or perhaps due to a late\nchange in design that wasn\u0027t fully reflected in the code that was\nactually merged, there are several very strange constraints on how\nfast-commit blocks are filled with tlv entries:\n\n- tlvs must start at least 10 bytes before the end of the block, even\n though the minimum tlv length is 8. Otherwise, the replay code will\n ignore them. (BUG: ext4_fc_reserve_space() could violate this\n requirement if called with a len of blocksize - 9 or blocksize - 8.\n Fortunately, this doesn\u0027t seem to happen currently.)\n\n- tlvs must end at least 1 byte before the end of the block. Otherwise\n the replay code will consider them to be invalid. This quirk\n contributed to a bug (fixed by an earlier commit) where uninitialized\n memory was being leaked to disk in the last byte of blocks.\n\nAlso, strangely these constraints don\u0027t apply to the replay code in\ne2fsprogs, which will accept any tlvs in the blocks (with no bounds\nchecks at all, but that is a separate issue...).\n\nGiven that this all seems to be a bug, let\u0027s fix it by just filling\nblocks with tlv entries in the natural way.\n\nNote that old kernels will be unable to replay fast-commit journals\ncreated by kernels that have this commit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50428",
"url": "https://www.suse.com/security/cve/CVE-2022-50428"
},
{
"category": "external",
"summary": "SUSE Bug 1250786 for CVE-2022-50428",
"url": "https://bugzilla.suse.com/1250786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50428"
},
{
"cve": "CVE-2022-50429",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50429"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings()\n\nWe should add the of_node_put() when breaking out of\nfor_each_child_of_node() as it will automatically increase\nand decrease the refcount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50429",
"url": "https://www.suse.com/security/cve/CVE-2022-50429"
},
{
"category": "external",
"summary": "SUSE Bug 1250811 for CVE-2022-50429",
"url": "https://bugzilla.suse.com/1250811"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50429"
},
{
"cve": "CVE-2022-50430",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50430"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING\n\nvub300_enable_sdio_irq() works with mutex and need TASK_RUNNING here.\nEnsure that we mark current as TASK_RUNNING for sleepable context.\n\n[ 77.554641] do not call blocking ops when !TASK_RUNNING; state=1 set at [\u003cffffffff92a72c1d\u003e] sdio_irq_thread+0x17d/0x5b0\n[ 77.554652] WARNING: CPU: 2 PID: 1983 at kernel/sched/core.c:9813 __might_sleep+0x116/0x160\n[ 77.554905] CPU: 2 PID: 1983 Comm: ksdioirqd/mmc1 Tainted: G OE 6.1.0-rc5 #1\n[ 77.554910] Hardware name: Intel(R) Client Systems NUC8i7BEH/NUC8BEB, BIOS BECFL357.86A.0081.2020.0504.1834 05/04/2020\n[ 77.554912] RIP: 0010:__might_sleep+0x116/0x160\n[ 77.554920] RSP: 0018:ffff888107b7fdb8 EFLAGS: 00010282\n[ 77.554923] RAX: 0000000000000000 RBX: ffff888118c1b740 RCX: 0000000000000000\n[ 77.554926] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffed1020f6ffa9\n[ 77.554928] RBP: ffff888107b7fde0 R08: 0000000000000001 R09: ffffed1043ea60ba\n[ 77.554930] R10: ffff88821f5305cb R11: ffffed1043ea60b9 R12: ffffffff93aa3a60\n[ 77.554932] R13: 000000000000011b R14: 7fffffffffffffff R15: ffffffffc0558660\n[ 77.554934] FS: 0000000000000000(0000) GS:ffff88821f500000(0000) knlGS:0000000000000000\n[ 77.554937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 77.554939] CR2: 00007f8a44010d68 CR3: 000000024421a003 CR4: 00000000003706e0\n[ 77.554942] Call Trace:\n[ 77.554944] \u003cTASK\u003e\n[ 77.554952] mutex_lock+0x78/0xf0\n[ 77.554973] vub300_enable_sdio_irq+0x103/0x3c0 [vub300]\n[ 77.554981] sdio_irq_thread+0x25c/0x5b0\n[ 77.555006] kthread+0x2b8/0x370\n[ 77.555017] ret_from_fork+0x1f/0x30\n[ 77.555023] \u003c/TASK\u003e\n[ 77.555025] ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50430",
"url": "https://www.suse.com/security/cve/CVE-2022-50430"
},
{
"category": "external",
"summary": "SUSE Bug 1250791 for CVE-2022-50430",
"url": "https://bugzilla.suse.com/1250791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50430"
},
{
"cve": "CVE-2022-50431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50431"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()\n\ndev_set_name() in soundbus_add_one() allocates memory for name, it need be\nfreed when of_device_register() fails, call soundbus_dev_put() to give up\nthe reference that hold in device_initialize(), so that it can be freed in\nkobject_cleanup() when the refcount hit to 0. And other resources are also\nfreed in i2sbus_release_dev(), so it can return 0 directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50431",
"url": "https://www.suse.com/security/cve/CVE-2022-50431"
},
{
"category": "external",
"summary": "SUSE Bug 1250790 for CVE-2022-50431",
"url": "https://bugzilla.suse.com/1250790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2022-50431"
},
{
"cve": "CVE-2022-50432",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50432"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkernfs: fix use-after-free in __kernfs_remove\n\nSyzkaller managed to trigger concurrent calls to\nkernfs_remove_by_name_ns() for the same file resulting in\na KASAN detected use-after-free. The race occurs when the root\nnode is freed during kernfs_drain().\n\nTo prevent this acquire an additional reference for the root\nof the tree that is removed before calling __kernfs_remove().\n\nFound by syzkaller with the following reproducer (slab_nomerge is\nrequired):\n\nsyz_mount_image$ext4(0x0, \u0026(0x7f0000000100)=\u0027./file0\\x00\u0027, 0x100000, 0x0, 0x0, 0x0, 0x0)\nr0 = openat(0xffffffffffffff9c, \u0026(0x7f0000000080)=\u0027/proc/self/exe\\x00\u0027, 0x0, 0x0)\nclose(r0)\npipe2(\u0026(0x7f0000000140)={0xffffffffffffffff, \u003cr1=\u003e0xffffffffffffffff}, 0x800)\nmount$9p_fd(0x0, \u0026(0x7f0000000040)=\u0027./file0\\x00\u0027, \u0026(0x7f00000000c0), 0x408, \u0026(0x7f0000000280)={\u0027trans=fd,\u0027, {\u0027rfdno\u0027, 0x3d, r0}, 0x2c, {\u0027wfdno\u0027, 0x3d, r1}, 0x2c, {[{@cache_loose}, {@mmap}, {@loose}, {@loose}, {@mmap}], [{@mask={\u0027mask\u0027, 0x3d, \u0027^MAY_EXEC\u0027}}, {@fsmagic={\u0027fsmagic\u0027, 0x3d, 0x10001}}, {@dont_hash}]}})\n\nSample report:\n\n==================================================================\nBUG: KASAN: use-after-free in kernfs_type include/linux/kernfs.h:335 [inline]\nBUG: KASAN: use-after-free in kernfs_leftmost_descendant fs/kernfs/dir.c:1261 [inline]\nBUG: KASAN: use-after-free in __kernfs_remove.part.0+0x843/0x960 fs/kernfs/dir.c:1369\nRead of size 2 at addr ffff8880088807f0 by task syz-executor.2/857\n\nCPU: 0 PID: 857 Comm: syz-executor.2 Not tainted 6.0.0-rc3-00363-g7726d4c3e60b #5\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x6e/0x91 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:317 [inline]\n print_report.cold+0x5e/0x5e5 mm/kasan/report.c:433\n kasan_report+0xa3/0x130 mm/kasan/report.c:495\n kernfs_type include/linux/kernfs.h:335 [inline]\n kernfs_leftmost_descendant fs/kernfs/dir.c:1261 [inline]\n __kernfs_remove.part.0+0x843/0x960 fs/kernfs/dir.c:1369\n __kernfs_remove fs/kernfs/dir.c:1356 [inline]\n kernfs_remove_by_name_ns+0x108/0x190 fs/kernfs/dir.c:1589\n sysfs_slab_add+0x133/0x1e0 mm/slub.c:5943\n __kmem_cache_create+0x3e0/0x550 mm/slub.c:4899\n create_cache mm/slab_common.c:229 [inline]\n kmem_cache_create_usercopy+0x167/0x2a0 mm/slab_common.c:335\n p9_client_create+0xd4d/0x1190 net/9p/client.c:993\n v9fs_session_init+0x1e6/0x13c0 fs/9p/v9fs.c:408\n v9fs_mount+0xb9/0xbd0 fs/9p/vfs_super.c:126\n legacy_get_tree+0xf1/0x200 fs/fs_context.c:610\n vfs_get_tree+0x85/0x2e0 fs/super.c:1530\n do_new_mount fs/namespace.c:3040 [inline]\n path_mount+0x675/0x1d00 fs/namespace.c:3370\n do_mount fs/namespace.c:3383 [inline]\n __do_sys_mount fs/namespace.c:3591 [inline]\n __se_sys_mount fs/namespace.c:3568 [inline]\n __x64_sys_mount+0x282/0x300 fs/namespace.c:3568\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x38/0x90 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7f725f983aed\nCode: 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f725f0f7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5\nRAX: ffffffffffffffda RBX: 00007f725faa3f80 RCX: 00007f725f983aed\nRDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000\nRBP: 00007f725f9f419c R08: 0000000020000280 R09: 0000000000000000\nR10: 0000000000000408 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000006 R14: 00007f725faa3f80 R15: 00007f725f0d7000\n \u003c/TASK\u003e\n\nAllocated by task 855:\n kasan_save_stack+0x1e/0x40 mm/kasan/common.c:38\n kasan_set_track mm/kasan/common.c:45 [inline]\n set_alloc_info mm/kasan/common.c:437 [inline]\n __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:470\n kasan_slab_alloc include/linux/kasan.h:224 [inline]\n slab_post_alloc_hook mm/slab.h:7\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50432",
"url": "https://www.suse.com/security/cve/CVE-2022-50432"
},
{
"category": "external",
"summary": "SUSE Bug 1250851 for CVE-2022-50432",
"url": "https://bugzilla.suse.com/1250851"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50432"
},
{
"cve": "CVE-2022-50433",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50433"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: ssdt: Don\u0027t free memory if ACPI table was loaded successfully\n\nAmadeusz reports KASAN use-after-free errors introduced by commit\n3881ee0b1edc (\"efi: avoid efivars layer when loading SSDTs from\nvariables\"). The problem appears to be that the memory that holds the\nnew ACPI table is now freed unconditionally, instead of only when the\nACPI core reported a failure to load the table.\n\nSo let\u0027s fix this, by omitting the kfree() on success.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50433",
"url": "https://www.suse.com/security/cve/CVE-2022-50433"
},
{
"category": "external",
"summary": "SUSE Bug 1250814 for CVE-2022-50433",
"url": "https://bugzilla.suse.com/1250814"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50433"
},
{
"cve": "CVE-2022-50434",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50434"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: fix possible memleak when register \u0027hctx\u0027 failed\n\nThere\u0027s issue as follows when do fault injection test:\nunreferenced object 0xffff888132a9f400 (size 512):\n comm \"insmod\", pid 308021, jiffies 4324277909 (age 509.733s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 08 f4 a9 32 81 88 ff ff ...........2....\n 08 f4 a9 32 81 88 ff ff 00 00 00 00 00 00 00 00 ...2............\n backtrace:\n [\u003c00000000e8952bb4\u003e] kmalloc_node_trace+0x22/0xa0\n [\u003c00000000f9980e0f\u003e] blk_mq_alloc_and_init_hctx+0x3f1/0x7e0\n [\u003c000000002e719efa\u003e] blk_mq_realloc_hw_ctxs+0x1e6/0x230\n [\u003c000000004f1fda40\u003e] blk_mq_init_allocated_queue+0x27e/0x910\n [\u003c00000000287123ec\u003e] __blk_mq_alloc_disk+0x67/0xf0\n [\u003c00000000a2a34657\u003e] 0xffffffffa2ad310f\n [\u003c00000000b173f718\u003e] 0xffffffffa2af824a\n [\u003c0000000095a1dabb\u003e] do_one_initcall+0x87/0x2a0\n [\u003c00000000f32fdf93\u003e] do_init_module+0xdf/0x320\n [\u003c00000000cbe8541e\u003e] load_module+0x3006/0x3390\n [\u003c0000000069ed1bdb\u003e] __do_sys_finit_module+0x113/0x1b0\n [\u003c00000000a1a29ae8\u003e] do_syscall_64+0x35/0x80\n [\u003c000000009cd878b0\u003e] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nFault injection context as follows:\n kobject_add\n blk_mq_register_hctx\n blk_mq_sysfs_register\n blk_register_queue\n device_add_disk\n null_add_dev.part.0 [null_blk]\n\nAs \u0027blk_mq_register_hctx\u0027 may already add some objects when failed halfway,\nbut there isn\u0027t do fallback, caller don\u0027t know which objects add failed.\nTo solve above issue just do fallback when add objects failed halfway in\n\u0027blk_mq_register_hctx\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50434",
"url": "https://www.suse.com/security/cve/CVE-2022-50434"
},
{
"category": "external",
"summary": "SUSE Bug 1250792 for CVE-2022-50434",
"url": "https://bugzilla.suse.com/1250792"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2022-50434"
},
{
"cve": "CVE-2022-50435",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50435"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid crash when inline data creation follows DIO write\n\nWhen inode is created and written to using direct IO, there is nothing\nto clear the EXT4_STATE_MAY_INLINE_DATA flag. Thus when inode gets\ntruncated later to say 1 byte and written using normal write, we will\ntry to store the data as inline data. This confuses the code later\nbecause the inode now has both normal block and inline data allocated\nand the confusion manifests for example as:\n\nkernel BUG at fs/ext4/inode.c:2721!\ninvalid opcode: 0000 [#1] PREEMPT SMP KASAN\nCPU: 0 PID: 359 Comm: repro Not tainted 5.19.0-rc8-00001-g31ba1e3b8305-dirty #15\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-1.fc36 04/01/2014\nRIP: 0010:ext4_writepages+0x363d/0x3660\nRSP: 0018:ffffc90000ccf260 EFLAGS: 00010293\nRAX: ffffffff81e1abcd RBX: 0000008000000000 RCX: ffff88810842a180\nRDX: 0000000000000000 RSI: 0000008000000000 RDI: 0000000000000000\nRBP: ffffc90000ccf650 R08: ffffffff81e17d58 R09: ffffed10222c680b\nR10: dfffe910222c680c R11: 1ffff110222c680a R12: ffff888111634128\nR13: ffffc90000ccf880 R14: 0000008410000000 R15: 0000000000000001\nFS: 00007f72635d2640(0000) GS:ffff88811b000000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000565243379180 CR3: 000000010aa74000 CR4: 0000000000150eb0\nCall Trace:\n \u003cTASK\u003e\n do_writepages+0x397/0x640\n filemap_fdatawrite_wbc+0x151/0x1b0\n file_write_and_wait_range+0x1c9/0x2b0\n ext4_sync_file+0x19e/0xa00\n vfs_fsync_range+0x17b/0x190\n ext4_buffered_write_iter+0x488/0x530\n ext4_file_write_iter+0x449/0x1b90\n vfs_write+0xbcd/0xf40\n ksys_write+0x198/0x2c0\n __x64_sys_write+0x7b/0x90\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n \u003c/TASK\u003e\n\nFix the problem by clearing EXT4_STATE_MAY_INLINE_DATA when we are doing\ndirect IO write to a file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50435",
"url": "https://www.suse.com/security/cve/CVE-2022-50435"
},
{
"category": "external",
"summary": "SUSE Bug 1250799 for CVE-2022-50435",
"url": "https://bugzilla.suse.com/1250799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50435"
},
{
"cve": "CVE-2022-50436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50436"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: don\u0027t set up encryption key during jbd2 transaction\n\nCommit a80f7fcf1867 (\"ext4: fixup ext4_fc_track_* functions\u0027 signature\")\nextended the scope of the transaction in ext4_unlink() too far, making\nit include the call to ext4_find_entry(). However, ext4_find_entry()\ncan deadlock when called from within a transaction because it may need\nto set up the directory\u0027s encryption key.\n\nFix this by restoring the transaction to its original scope.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50436",
"url": "https://www.suse.com/security/cve/CVE-2022-50436"
},
{
"category": "external",
"summary": "SUSE Bug 1250846 for CVE-2022-50436",
"url": "https://bugzilla.suse.com/1250846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50436"
},
{
"cve": "CVE-2022-50437",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50437"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/hdmi: fix memory corruption with too many bridges\n\nAdd the missing sanity check on the bridge counter to avoid corrupting\ndata beyond the fixed-sized bridge array in case there are ever more\nthan eight bridges.\n\nPatchwork: https://patchwork.freedesktop.org/patch/502670/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50437",
"url": "https://www.suse.com/security/cve/CVE-2022-50437"
},
{
"category": "external",
"summary": "SUSE Bug 1250797 for CVE-2022-50437",
"url": "https://bugzilla.suse.com/1250797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2022-50437"
},
{
"cve": "CVE-2022-50439",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50439"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: mediatek: mt8173: Enable IRQ when pdata is ready\n\nIf the device does not come straight from reset, we might receive an IRQ\nbefore we are ready to handle it.\n\n\n[ 2.334737] Unable to handle kernel read from unreadable memory at virtual address 00000000000001e4\n[ 2.522601] Call trace:\n[ 2.525040] regmap_read+0x1c/0x80\n[ 2.528434] mt8173_afe_irq_handler+0x40/0xf0\n...\n[ 2.598921] start_kernel+0x338/0x42c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50439",
"url": "https://www.suse.com/security/cve/CVE-2022-50439"
},
{
"category": "external",
"summary": "SUSE Bug 1250948 for CVE-2022-50439",
"url": "https://bugzilla.suse.com/1250948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50439"
},
{
"cve": "CVE-2022-50440",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50440"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Validate the box size for the snooped cursor\n\nInvalid userspace dma surface copies could potentially overflow\nthe memcpy from the surface to the snooped image leading to crashes.\nTo fix it the dimensions of the copybox have to be validated\nagainst the expected size of the snooped cursor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50440",
"url": "https://www.suse.com/security/cve/CVE-2022-50440"
},
{
"category": "external",
"summary": "SUSE Bug 1250853 for CVE-2022-50440",
"url": "https://bugzilla.suse.com/1250853"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50440"
},
{
"cve": "CVE-2022-50441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50441"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Lag, fix failure to cancel delayed bond work\n\nCommit 0d4e8ed139d8 (\"net/mlx5: Lag, avoid lockdep warnings\")\naccidentally removed a call to cancel delayed bond work thus it may\ncause queued delay to expire and fall on an already destroyed work\nqueue.\n\nFix by restoring the call cancel_delayed_work_sync() before\ndestroying the workqueue.\n\nThis prevents call trace such as this:\n\n[ 329.230417] BUG: kernel NULL pointer dereference, address: 0000000000000000\n [ 329.231444] #PF: supervisor write access in kernel mode\n [ 329.232233] #PF: error_code(0x0002) - not-present page\n [ 329.233007] PGD 0 P4D 0\n [ 329.233476] Oops: 0002 [#1] SMP\n [ 329.234012] CPU: 5 PID: 145 Comm: kworker/u20:4 Tainted: G OE 6.0.0-rc5_mlnx #1\n [ 329.235282] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n [ 329.236868] Workqueue: mlx5_cmd_0000:08:00.1 cmd_work_handler [mlx5_core]\n [ 329.237886] RIP: 0010:_raw_spin_lock+0xc/0x20\n [ 329.238585] Code: f0 0f b1 17 75 02 f3 c3 89 c6 e9 6f 3c 5f ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 0f 1f 44 00 00 31 c0 ba 01 00 00 00 \u003cf0\u003e 0f b1 17 75 02 f3 c3 89 c6 e9 45 3c 5f ff 0f 1f 44 00 00 0f 1f\n [ 329.241156] RSP: 0018:ffffc900001b0e98 EFLAGS: 00010046\n [ 329.241940] RAX: 0000000000000000 RBX: ffffffff82374ae0 RCX: 0000000000000000\n [ 329.242954] RDX: 0000000000000001 RSI: 0000000000000014 RDI: 0000000000000000\n [ 329.243974] RBP: ffff888106ccf000 R08: ffff8881004000c8 R09: ffff888100400000\n [ 329.244990] R10: 0000000000000000 R11: ffffffff826669f8 R12: 0000000000002000\n [ 329.246009] R13: 0000000000000005 R14: ffff888100aa7ce0 R15: ffff88852ca80000\n [ 329.247030] FS: 0000000000000000(0000) GS:ffff88852ca80000(0000) knlGS:0000000000000000\n [ 329.248260] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 329.249111] CR2: 0000000000000000 CR3: 000000016d675001 CR4: 0000000000770ee0\n [ 329.250133] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n [ 329.251152] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n [ 329.252176] PKRU: 55555554",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50441",
"url": "https://www.suse.com/security/cve/CVE-2022-50441"
},
{
"category": "external",
"summary": "SUSE Bug 1250849 for CVE-2022-50441",
"url": "https://bugzilla.suse.com/1250849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50441"
},
{
"cve": "CVE-2022-50443",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50443"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/rockchip: lvds: fix PM usage counter unbalance in poweron\n\npm_runtime_get_sync will increment pm usage counter even it failed.\nForgetting to putting operation will result in reference leak here.\nWe fix it by replacing it with the newest pm_runtime_resume_and_get\nto keep usage counter balanced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50443",
"url": "https://www.suse.com/security/cve/CVE-2022-50443"
},
{
"category": "external",
"summary": "SUSE Bug 1250768 for CVE-2022-50443",
"url": "https://bugzilla.suse.com/1250768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50443"
},
{
"cve": "CVE-2022-50444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50444"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: tegra20: Fix refcount leak in tegra20_clock_init\n\nof_find_matching_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50444",
"url": "https://www.suse.com/security/cve/CVE-2022-50444"
},
{
"category": "external",
"summary": "SUSE Bug 1250767 for CVE-2022-50444",
"url": "https://bugzilla.suse.com/1250767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50444"
},
{
"cve": "CVE-2022-50447",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50447"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_conn: Fix crash on hci_create_cis_sync\n\nWhen attempting to connect multiple ISO sockets without using\nDEFER_SETUP may result in the following crash:\n\nBUG: KASAN: null-ptr-deref in hci_create_cis_sync+0x18b/0x2b0\nRead of size 2 at addr 0000000000000036 by task kworker/u3:1/50\n\nCPU: 0 PID: 50 Comm: kworker/u3:1 Not tainted\n6.0.0-rc7-02243-gb84a13ff4eda #4373\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009),\nBIOS 1.16.0-1.fc36 04/01/2014\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x19/0x27\n kasan_report+0xbc/0xf0\n ? hci_create_cis_sync+0x18b/0x2b0\n hci_create_cis_sync+0x18b/0x2b0\n ? get_link_mode+0xd0/0xd0\n ? __ww_mutex_lock_slowpath+0x10/0x10\n ? mutex_lock+0xe0/0xe0\n ? get_link_mode+0xd0/0xd0\n hci_cmd_sync_work+0x111/0x190\n process_one_work+0x427/0x650\n worker_thread+0x87/0x750\n ? process_one_work+0x650/0x650\n kthread+0x14e/0x180\n ? kthread_exit+0x50/0x50\n ret_from_fork+0x22/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50447",
"url": "https://www.suse.com/security/cve/CVE-2022-50447"
},
{
"category": "external",
"summary": "SUSE Bug 1250771 for CVE-2022-50447",
"url": "https://bugzilla.suse.com/1250771"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50447"
},
{
"cve": "CVE-2022-50449",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50449"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: samsung: Fix memory leak in _samsung_clk_register_pll()\n\nIf clk_register() fails, @pll-\u003erate_table may have allocated memory by\nkmemdup(), so it needs to be freed, otherwise will cause memory leak\nissue, this patch fixes it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50449",
"url": "https://www.suse.com/security/cve/CVE-2022-50449"
},
{
"category": "external",
"summary": "SUSE Bug 1250889 for CVE-2022-50449",
"url": "https://bugzilla.suse.com/1250889"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2022-50449"
},
{
"cve": "CVE-2022-50452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50452"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: cake: fix null pointer access issue when cake_init() fails\n\nWhen the default qdisc is cake, if the qdisc of dev_queue fails to be\ninited during mqprio_init(), cake_reset() is invoked to clear\nresources. In this case, the tins is NULL, and it will cause gpf issue.\n\nThe process is as follows:\nqdisc_create_dflt()\n\tcake_init()\n\t\tq-\u003etins = kvcalloc(...) ---\u003efailed, q-\u003etins is NULL\n\t...\n\tqdisc_put()\n\t\t...\n\t\tcake_reset()\n\t\t\t...\n\t\t\tcake_dequeue_one()\n\t\t\t\tb = \u0026q-\u003etins[...] ---\u003eq-\u003etins is NULL\n\nThe following is the Call Trace information:\ngeneral protection fault, probably for non-canonical address\n0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nRIP: 0010:cake_dequeue_one+0xc9/0x3c0\nCall Trace:\n\u003cTASK\u003e\ncake_reset+0xb1/0x140\nqdisc_reset+0xed/0x6f0\nqdisc_destroy+0x82/0x4c0\nqdisc_put+0x9e/0xb0\nqdisc_create_dflt+0x2c3/0x4a0\nmqprio_init+0xa71/0x1760\nqdisc_create+0x3eb/0x1000\ntc_modify_qdisc+0x408/0x1720\nrtnetlink_rcv_msg+0x38e/0xac0\nnetlink_rcv_skb+0x12d/0x3a0\nnetlink_unicast+0x4a2/0x740\nnetlink_sendmsg+0x826/0xcc0\nsock_sendmsg+0xc5/0x100\n____sys_sendmsg+0x583/0x690\n___sys_sendmsg+0xe8/0x160\n__sys_sendmsg+0xbf/0x160\ndo_syscall_64+0x35/0x80\nentry_SYSCALL_64_after_hwframe+0x46/0xb0\nRIP: 0033:0x7f89e5122d04\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50452",
"url": "https://www.suse.com/security/cve/CVE-2022-50452"
},
{
"category": "external",
"summary": "SUSE Bug 1250793 for CVE-2022-50452",
"url": "https://bugzilla.suse.com/1250793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50452"
},
{
"cve": "CVE-2022-50453",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50453"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpiolib: cdev: fix NULL-pointer dereferences\n\nThere are several places where we can crash the kernel by requesting\nlines, unbinding the GPIO device, then calling any of the system calls\nrelevant to the GPIO character device\u0027s annonymous file descriptors:\nioctl(), read(), poll().\n\nWhile I observed it with the GPIO simulator, it will also happen for any\nof the GPIO devices that can be hot-unplugged - for instance any HID GPIO\nexpander (e.g. CP2112).\n\nThis affects both v1 and v2 uAPI.\n\nThis fixes it partially by checking if gdev-\u003echip is not NULL but it\ndoesn\u0027t entirely remedy the situation as we still have a race condition\nin which another thread can remove the device after the check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50453",
"url": "https://www.suse.com/security/cve/CVE-2022-50453"
},
{
"category": "external",
"summary": "SUSE Bug 1250887 for CVE-2022-50453",
"url": "https://bugzilla.suse.com/1250887"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50453"
},
{
"cve": "CVE-2022-50454",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50454"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()\n\nnouveau_bo_init() is backed by ttm_bo_init() and ferries its return code\nback to the caller. On failures, ttm will call nouveau_bo_del_ttm() and\nfree the memory.Thus, when nouveau_bo_init() returns an error, the gem\nobject has already been released. Then the call to nouveau_bo_ref() will\nuse the freed \"nvbo-\u003ebo\" and lead to a use-after-free bug.\n\nWe should delete the call to nouveau_bo_ref() to avoid the use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50454",
"url": "https://www.suse.com/security/cve/CVE-2022-50454"
},
{
"category": "external",
"summary": "SUSE Bug 1250890 for CVE-2022-50454",
"url": "https://bugzilla.suse.com/1250890"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50454"
},
{
"cve": "CVE-2022-50456",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50456"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix resolving backrefs for inline extent followed by prealloc\n\nIf a file consists of an inline extent followed by a regular or prealloc\nextent, then a legitimate attempt to resolve a logical address in the\nnon-inline region will result in add_all_parents reading the invalid\noffset field of the inline extent. If the inline extent item is placed\nin the leaf eb s.t. it is the first item, attempting to access the\noffset field will not only be meaningless, it will go past the end of\nthe eb and cause this panic:\n\n [17.626048] BTRFS warning (device dm-2): bad eb member end: ptr 0x3fd4 start 30834688 member offset 16377 size 8\n [17.631693] general protection fault, probably for non-canonical address 0x5088000000000: 0000 [#1] SMP PTI\n [17.635041] CPU: 2 PID: 1267 Comm: btrfs Not tainted 5.12.0-07246-g75175d5adc74-dirty #199\n [17.637969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n [17.641995] RIP: 0010:btrfs_get_64+0xe7/0x110\n [17.649890] RSP: 0018:ffffc90001f73a08 EFLAGS: 00010202\n [17.651652] RAX: 0000000000000001 RBX: ffff88810c42d000 RCX: 0000000000000000\n [17.653921] RDX: 0005088000000000 RSI: ffffc90001f73a0f RDI: 0000000000000001\n [17.656174] RBP: 0000000000000ff9 R08: 0000000000000007 R09: c0000000fffeffff\n [17.658441] R10: ffffc90001f73790 R11: ffffc90001f73788 R12: ffff888106afe918\n [17.661070] R13: 0000000000003fd4 R14: 0000000000003f6f R15: cdcdcdcdcdcdcdcd\n [17.663617] FS: 00007f64e7627d80(0000) GS:ffff888237c80000(0000) knlGS:0000000000000000\n [17.666525] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [17.668664] CR2: 000055d4a39152e8 CR3: 000000010c596002 CR4: 0000000000770ee0\n [17.671253] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n [17.673634] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n [17.676034] PKRU: 55555554\n [17.677004] Call Trace:\n [17.677877] add_all_parents+0x276/0x480\n [17.679325] find_parent_nodes+0xfae/0x1590\n [17.680771] btrfs_find_all_leafs+0x5e/0xa0\n [17.682217] iterate_extent_inodes+0xce/0x260\n [17.683809] ? btrfs_inode_flags_to_xflags+0x50/0x50\n [17.685597] ? iterate_inodes_from_logical+0xa1/0xd0\n [17.687404] iterate_inodes_from_logical+0xa1/0xd0\n [17.689121] ? btrfs_inode_flags_to_xflags+0x50/0x50\n [17.691010] btrfs_ioctl_logical_to_ino+0x131/0x190\n [17.692946] btrfs_ioctl+0x104a/0x2f60\n [17.694384] ? selinux_file_ioctl+0x182/0x220\n [17.695995] ? __x64_sys_ioctl+0x84/0xc0\n [17.697394] __x64_sys_ioctl+0x84/0xc0\n [17.698697] do_syscall_64+0x33/0x40\n [17.700017] entry_SYSCALL_64_after_hwframe+0x44/0xae\n [17.701753] RIP: 0033:0x7f64e72761b7\n [17.709355] RSP: 002b:00007ffefb067f58 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n [17.712088] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f64e72761b7\n [17.714667] RDX: 00007ffefb067fb0 RSI: 00000000c0389424 RDI: 0000000000000003\n [17.717386] RBP: 00007ffefb06d188 R08: 000055d4a390d2b0 R09: 00007f64e7340a60\n [17.719938] R10: 0000000000000231 R11: 0000000000000246 R12: 0000000000000001\n [17.722383] R13: 0000000000000000 R14: 00000000c0389424 R15: 000055d4a38fd2a0\n [17.724839] Modules linked in:\n\nFix the bug by detecting the inline extent item in add_all_parents and\nskipping to the next extent item.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50456",
"url": "https://www.suse.com/security/cve/CVE-2022-50456"
},
{
"category": "external",
"summary": "SUSE Bug 1250856 for CVE-2022-50456",
"url": "https://bugzilla.suse.com/1250856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50456"
},
{
"cve": "CVE-2022-50458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: tegra: Fix refcount leak in tegra210_clock_init\n\nof_find_matching_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50458",
"url": "https://www.suse.com/security/cve/CVE-2022-50458"
},
{
"category": "external",
"summary": "SUSE Bug 1250891 for CVE-2022-50458",
"url": "https://bugzilla.suse.com/1250891"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50458"
},
{
"cve": "CVE-2022-50459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50459"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername()\n\nFix a NULL pointer crash that occurs when we are freeing the socket at the\nsame time we access it via sysfs.\n\nThe problem is that:\n\n 1. iscsi_sw_tcp_conn_get_param() and iscsi_sw_tcp_host_get_param() take\n the frwd_lock and do sock_hold() then drop the frwd_lock. sock_hold()\n does a get on the \"struct sock\".\n\n 2. iscsi_sw_tcp_release_conn() does sockfd_put() which does the last put\n on the \"struct socket\" and that does __sock_release() which sets the\n sock-\u003eops to NULL.\n\n 3. iscsi_sw_tcp_conn_get_param() and iscsi_sw_tcp_host_get_param() then\n call kernel_getpeername() which accesses the NULL sock-\u003eops.\n\nAbove we do a get on the \"struct sock\", but we needed a get on the \"struct\nsocket\". Originally, we just held the frwd_lock the entire time but in\ncommit bcf3a2953d36 (\"scsi: iscsi: iscsi_tcp: Avoid holding spinlock while\ncalling getpeername()\") we switched to refcount based because the network\nlayer changed and started taking a mutex in that path, so we could no\nlonger hold the frwd_lock.\n\nInstead of trying to maintain multiple refcounts, this just has us use a\nmutex for accessing the socket in the interface code paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50459",
"url": "https://www.suse.com/security/cve/CVE-2022-50459"
},
{
"category": "external",
"summary": "SUSE Bug 1250850 for CVE-2022-50459",
"url": "https://bugzilla.suse.com/1250850"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50459"
},
{
"cve": "CVE-2022-50460",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50460"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix xid leak in cifs_flock()\n\nIf not flock, before return -ENOLCK, should free the xid,\notherwise, the xid will be leaked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50460",
"url": "https://www.suse.com/security/cve/CVE-2022-50460"
},
{
"category": "external",
"summary": "SUSE Bug 1250879 for CVE-2022-50460",
"url": "https://bugzilla.suse.com/1250879"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2022-50460"
},
{
"cve": "CVE-2022-50464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50464"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7915: Fix PCI device refcount leak in mt7915_pci_init_hif2()\n\nAs comment of pci_get_device() says, it returns a pci_device with its\nrefcount increased. We need to call pci_dev_put() to decrease the\nrefcount. Save the return value of pci_get_device() and call\npci_dev_put() to decrease the refcount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50464",
"url": "https://www.suse.com/security/cve/CVE-2022-50464"
},
{
"category": "external",
"summary": "SUSE Bug 1250881 for CVE-2022-50464",
"url": "https://bugzilla.suse.com/1250881"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50464"
},
{
"cve": "CVE-2022-50465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50465"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix leaking uninitialized memory in fast-commit journal\n\nWhen space at the end of fast-commit journal blocks is unused, make sure\nto zero it out so that uninitialized memory is not leaked to disk.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50465",
"url": "https://www.suse.com/security/cve/CVE-2022-50465"
},
{
"category": "external",
"summary": "SUSE Bug 1250883 for CVE-2022-50465",
"url": "https://bugzilla.suse.com/1250883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50465"
},
{
"cve": "CVE-2022-50466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50466"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/binfmt_elf: Fix memory leak in load_elf_binary()\n\nThere is a memory leak reported by kmemleak:\n\n unreferenced object 0xffff88817104ef80 (size 224):\n comm \"xfs_admin\", pid 47165, jiffies 4298708825 (age 1333.476s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 60 a8 b3 00 81 88 ff ff a8 10 5a 00 81 88 ff ff `.........Z.....\n backtrace:\n [\u003cffffffff819171e1\u003e] __alloc_file+0x21/0x250\n [\u003cffffffff81918061\u003e] alloc_empty_file+0x41/0xf0\n [\u003cffffffff81948cda\u003e] path_openat+0xea/0x3d30\n [\u003cffffffff8194ec89\u003e] do_filp_open+0x1b9/0x290\n [\u003cffffffff8192660e\u003e] do_open_execat+0xce/0x5b0\n [\u003cffffffff81926b17\u003e] open_exec+0x27/0x50\n [\u003cffffffff81a69250\u003e] load_elf_binary+0x510/0x3ed0\n [\u003cffffffff81927759\u003e] bprm_execve+0x599/0x1240\n [\u003cffffffff8192a997\u003e] do_execveat_common.isra.0+0x4c7/0x680\n [\u003cffffffff8192b078\u003e] __x64_sys_execve+0x88/0xb0\n [\u003cffffffff83bbf0a5\u003e] do_syscall_64+0x35/0x80\n\nIf \"interp_elf_ex\" fails to allocate memory in load_elf_binary(),\nthe program will take the \"out_free_ph\" error handing path,\nresulting in \"interpreter\" file resource is not released.\n\nFix it by adding an error handing path \"out_free_file\", which will\nrelease the file resource when \"interp_elf_ex\" failed to allocate\nmemory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50466",
"url": "https://www.suse.com/security/cve/CVE-2022-50466"
},
{
"category": "external",
"summary": "SUSE Bug 1250875 for CVE-2022-50466",
"url": "https://bugzilla.suse.com/1250875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50466"
},
{
"cve": "CVE-2022-50467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50467"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for GFT_ID\n\nAn error case exit from lpfc_cmpl_ct_cmd_gft_id() results in a call to\nlpfc_nlp_put() with a null pointer to a nodelist structure.\n\nChanged lpfc_cmpl_ct_cmd_gft_id() to initialize nodelist pointer upon\nentry.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50467",
"url": "https://www.suse.com/security/cve/CVE-2022-50467"
},
{
"category": "external",
"summary": "SUSE Bug 1250847 for CVE-2022-50467",
"url": "https://bugzilla.suse.com/1250847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50467"
},
{
"cve": "CVE-2022-50468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50468"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init()\n\nThe following WARNING message was given when rmmod cros_usbpd_notify:\n\n Unexpected driver unregister!\n WARNING: CPU: 0 PID: 253 at drivers/base/driver.c:270 driver_unregister+0x8a/0xb0\n Modules linked in: cros_usbpd_notify(-)\n CPU: 0 PID: 253 Comm: rmmod Not tainted 6.1.0-rc3 #24\n ...\n Call Trace:\n \u003cTASK\u003e\n cros_usbpd_notify_exit+0x11/0x1e [cros_usbpd_notify]\n __x64_sys_delete_module+0x3c7/0x570\n ? __ia32_sys_delete_module+0x570/0x570\n ? lock_is_held_type+0xe3/0x140\n ? syscall_enter_from_user_mode+0x17/0x50\n ? rcu_read_lock_sched_held+0xa0/0xd0\n ? syscall_enter_from_user_mode+0x1c/0x50\n do_syscall_64+0x37/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n RIP: 0033:0x7f333fe9b1b7\n\nThe reason is that the cros_usbpd_notify_init() does not check the return\nvalue of platform_driver_register(), and the cros_usbpd_notify can\ninstall successfully even if platform_driver_register() failed.\n\nFix by checking the return value of platform_driver_register() and\nunregister cros_usbpd_notify_plat_driver when it failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50468",
"url": "https://www.suse.com/security/cve/CVE-2022-50468"
},
{
"category": "external",
"summary": "SUSE Bug 1250877 for CVE-2022-50468",
"url": "https://bugzilla.suse.com/1250877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50468"
},
{
"cve": "CVE-2022-50469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8723bs: fix potential memory leak in rtw_init_drv_sw()\n\nIn rtw_init_drv_sw(), there are various init functions are called to\npopulate the padapter structure and some checks for their return value.\nHowever, except for the first one error path, the other five error paths\ndo not properly release the previous allocated resources, which leads to\nvarious memory leaks.\n\nThis patch fixes them and keeps the success and error separate.\nNote that these changes keep the form of `rtw_init_drv_sw()` in\n\"drivers/staging/r8188eu/os_dep/os_intfs.c\". As there is no proper device\nto test with, no runtime testing was performed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50469",
"url": "https://www.suse.com/security/cve/CVE-2022-50469"
},
{
"category": "external",
"summary": "SUSE Bug 1250824 for CVE-2022-50469",
"url": "https://bugzilla.suse.com/1250824"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-50469"
},
{
"cve": "CVE-2023-1380",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1380"
}
],
"notes": [
{
"category": "general",
"text": "A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info-\u003ereq_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1380",
"url": "https://www.suse.com/security/cve/CVE-2023-1380"
},
{
"category": "external",
"summary": "SUSE Bug 1209287 for CVE-2023-1380",
"url": "https://bugzilla.suse.com/1209287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-1380"
},
{
"cve": "CVE-2023-28328",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28328"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28328",
"url": "https://www.suse.com/security/cve/CVE-2023-28328"
},
{
"category": "external",
"summary": "SUSE Bug 1209291 for CVE-2023-28328",
"url": "https://bugzilla.suse.com/1209291"
},
{
"category": "external",
"summary": "SUSE Bug 1222212 for CVE-2023-28328",
"url": "https://bugzilla.suse.com/1222212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-28328"
},
{
"cve": "CVE-2023-31248",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-31248"
}
],
"notes": [
{
"category": "general",
"text": "Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-31248",
"url": "https://www.suse.com/security/cve/CVE-2023-31248"
},
{
"category": "external",
"summary": "SUSE Bug 1213061 for CVE-2023-31248",
"url": "https://bugzilla.suse.com/1213061"
},
{
"category": "external",
"summary": "SUSE Bug 1213064 for CVE-2023-31248",
"url": "https://bugzilla.suse.com/1213064"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2023-31248"
},
{
"cve": "CVE-2023-3772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3772"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3772",
"url": "https://www.suse.com/security/cve/CVE-2023-3772"
},
{
"category": "external",
"summary": "SUSE Bug 1213666 for CVE-2023-3772",
"url": "https://bugzilla.suse.com/1213666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-3772"
},
{
"cve": "CVE-2023-39197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39197"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39197",
"url": "https://www.suse.com/security/cve/CVE-2023-39197"
},
{
"category": "external",
"summary": "SUSE Bug 1216976 for CVE-2023-39197",
"url": "https://bugzilla.suse.com/1216976"
},
{
"category": "external",
"summary": "SUSE Bug 1220015 for CVE-2023-39197",
"url": "https://bugzilla.suse.com/1220015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-39197"
},
{
"cve": "CVE-2023-42753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-42753"
}
],
"notes": [
{
"category": "general",
"text": "An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h-\u003enets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-42753",
"url": "https://www.suse.com/security/cve/CVE-2023-42753"
},
{
"category": "external",
"summary": "SUSE Bug 1215150 for CVE-2023-42753",
"url": "https://bugzilla.suse.com/1215150"
},
{
"category": "external",
"summary": "SUSE Bug 1218613 for CVE-2023-42753",
"url": "https://bugzilla.suse.com/1218613"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2023-42753"
},
{
"cve": "CVE-2023-52923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: adapt set backend to use GC transaction API\n\nUse the GC transaction API to replace the old and buggy gc API and the\nbusy mark approach.\n\nNo set elements are removed from async garbage collection anymore,\ninstead the _DEAD bit is set on so the set element is not visible from\nlookup path anymore. Async GC enqueues transaction work that might be\naborted and retried later.\n\nrbtree and pipapo set backends does not set on the _DEAD bit from the\nsync GC path since this runs in control plane path where mutex is held.\nIn this case, set elements are deactivated, removed and then released\nvia RCU callback, sync GC never fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52923",
"url": "https://www.suse.com/security/cve/CVE-2023-52923"
},
{
"category": "external",
"summary": "SUSE Bug 1236104 for CVE-2023-52923",
"url": "https://bugzilla.suse.com/1236104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-52923"
},
{
"cve": "CVE-2023-53147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: add NULL check in xfrm_update_ae_params\n\nNormally, x-\u003ereplay_esn and x-\u003epreplay_esn should be allocated at\nxfrm_alloc_replay_state_esn(...) in xfrm_state_construct(...), hence the\nxfrm_update_ae_params(...) is okay to update them. However, the current\nimplementation of xfrm_new_ae(...) allows a malicious user to directly\ndereference a NULL pointer and crash the kernel like below.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 8253067 P4D 8253067 PUD 8e0e067 PMD 0\nOops: 0002 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 0 PID: 98 Comm: poc.npd Not tainted 6.4.0-rc7-00072-gdad9774deaf1 #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.o4\nRIP: 0010:memcpy_orig+0xad/0x140\nCode: e8 4c 89 5f e0 48 8d 7f e0 73 d2 83 c2 20 48 29 d6 48 29 d7 83 fa 10 72 34 4c 8b 06 4c 8b 4e 08 c\nRSP: 0018:ffff888008f57658 EFLAGS: 00000202\nRAX: 0000000000000000 RBX: ffff888008bd0000 RCX: ffffffff8238e571\nRDX: 0000000000000018 RSI: ffff888007f64844 RDI: 0000000000000000\nRBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffff888008f57818\nR13: ffff888007f64aa4 R14: 0000000000000000 R15: 0000000000000000\nFS: 00000000014013c0(0000) GS:ffff88806d600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000000 CR3: 00000000054d8000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x1f/0x70\n ? page_fault_oops+0x1e8/0x500\n ? __pfx_is_prefetch.constprop.0+0x10/0x10\n ? __pfx_page_fault_oops+0x10/0x10\n ? _raw_spin_unlock_irqrestore+0x11/0x40\n ? fixup_exception+0x36/0x460\n ? _raw_spin_unlock_irqrestore+0x11/0x40\n ? exc_page_fault+0x5e/0xc0\n ? asm_exc_page_fault+0x26/0x30\n ? xfrm_update_ae_params+0xd1/0x260\n ? memcpy_orig+0xad/0x140\n ? __pfx__raw_spin_lock_bh+0x10/0x10\n xfrm_update_ae_params+0xe7/0x260\n xfrm_new_ae+0x298/0x4e0\n ? __pfx_xfrm_new_ae+0x10/0x10\n ? __pfx_xfrm_new_ae+0x10/0x10\n xfrm_user_rcv_msg+0x25a/0x410\n ? __pfx_xfrm_user_rcv_msg+0x10/0x10\n ? __alloc_skb+0xcf/0x210\n ? stack_trace_save+0x90/0xd0\n ? filter_irq_stacks+0x1c/0x70\n ? __stack_depot_save+0x39/0x4e0\n ? __kasan_slab_free+0x10a/0x190\n ? kmem_cache_free+0x9c/0x340\n ? netlink_recvmsg+0x23c/0x660\n ? sock_recvmsg+0xeb/0xf0\n ? __sys_recvfrom+0x13c/0x1f0\n ? __x64_sys_recvfrom+0x71/0x90\n ? do_syscall_64+0x3f/0x90\n ? entry_SYSCALL_64_after_hwframe+0x72/0xdc\n ? copyout+0x3e/0x50\n netlink_rcv_skb+0xd6/0x210\n ? __pfx_xfrm_user_rcv_msg+0x10/0x10\n ? __pfx_netlink_rcv_skb+0x10/0x10\n ? __pfx_sock_has_perm+0x10/0x10\n ? mutex_lock+0x8d/0xe0\n ? __pfx_mutex_lock+0x10/0x10\n xfrm_netlink_rcv+0x44/0x50\n netlink_unicast+0x36f/0x4c0\n ? __pfx_netlink_unicast+0x10/0x10\n ? netlink_recvmsg+0x500/0x660\n netlink_sendmsg+0x3b7/0x700\n\nThis Null-ptr-deref bug is assigned CVE-2023-3772. And this commit\nadds additional NULL check in xfrm_update_ae_params to fix the NPD.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53147",
"url": "https://www.suse.com/security/cve/CVE-2023-53147"
},
{
"category": "external",
"summary": "SUSE Bug 1249880 for CVE-2023-53147",
"url": "https://bugzilla.suse.com/1249880"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53147"
},
{
"cve": "CVE-2023-53149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid deadlock in fs reclaim with page writeback\n\nExt4 has a filesystem wide lock protecting ext4_writepages() calls to\navoid races with switching of journalled data flag or inode format. This\nlock can however cause a deadlock like:\n\nCPU0 CPU1\n\next4_writepages()\n percpu_down_read(sbi-\u003es_writepages_rwsem);\n ext4_change_inode_journal_flag()\n percpu_down_write(sbi-\u003es_writepages_rwsem);\n - blocks, all readers block from now on\n ext4_do_writepages()\n ext4_init_io_end()\n kmem_cache_zalloc(io_end_cachep, GFP_KERNEL)\n fs_reclaim frees dentry...\n dentry_unlink_inode()\n iput() - last ref =\u003e\n iput_final() - inode dirty =\u003e\n write_inode_now()...\n ext4_writepages() tries to acquire sbi-\u003es_writepages_rwsem\n and blocks forever\n\nMake sure we cannot recurse into filesystem reclaim from writeback code\nto avoid the deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53149",
"url": "https://www.suse.com/security/cve/CVE-2023-53149"
},
{
"category": "external",
"summary": "SUSE Bug 1249882 for CVE-2023-53149",
"url": "https://bugzilla.suse.com/1249882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53149"
},
{
"cve": "CVE-2023-53150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Pointer may be dereferenced\n\nKlocwork tool reported pointer \u0027rport\u0027 returned from call to function\nfc_bsg_to_rport() may be NULL and will be dereferenced.\n\nAdd a fix to validate rport before dereferencing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53150",
"url": "https://www.suse.com/security/cve/CVE-2023-53150"
},
{
"category": "external",
"summary": "SUSE Bug 1249853 for CVE-2023-53150",
"url": "https://bugzilla.suse.com/1249853"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53150"
},
{
"cve": "CVE-2023-53151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: prevent soft lockup while flush writes\n\nCurrently, there is no limit for raid1/raid10 plugged bio. While flushing\nwrites, raid1 has cond_resched() while raid10 doesn\u0027t, and too many\nwrites can cause soft lockup.\n\nFollow up soft lockup can be triggered easily with writeback test for\nraid10 with ramdisks:\n\nwatchdog: BUG: soft lockup - CPU#10 stuck for 27s! [md0_raid10:1293]\nCall Trace:\n \u003cTASK\u003e\n call_rcu+0x16/0x20\n put_object+0x41/0x80\n __delete_object+0x50/0x90\n delete_object_full+0x2b/0x40\n kmemleak_free+0x46/0xa0\n slab_free_freelist_hook.constprop.0+0xed/0x1a0\n kmem_cache_free+0xfd/0x300\n mempool_free_slab+0x1f/0x30\n mempool_free+0x3a/0x100\n bio_free+0x59/0x80\n bio_put+0xcf/0x2c0\n free_r10bio+0xbf/0xf0\n raid_end_bio_io+0x78/0xb0\n one_write_done+0x8a/0xa0\n raid10_end_write_request+0x1b4/0x430\n bio_endio+0x175/0x320\n brd_submit_bio+0x3b9/0x9b7 [brd]\n __submit_bio+0x69/0xe0\n submit_bio_noacct_nocheck+0x1e6/0x5a0\n submit_bio_noacct+0x38c/0x7e0\n flush_pending_writes+0xf0/0x240\n raid10d+0xac/0x1ed0\n\nFix the problem by adding cond_resched() to raid10 like what raid1 did.\n\nNote that unlimited plugged bio still need to be optimized, for example,\nin the case of lots of dirty pages writeback, this will take lots of\nmemory and io will spend a long time in plug, hence io latency is bad.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53151",
"url": "https://www.suse.com/security/cve/CVE-2023-53151"
},
{
"category": "external",
"summary": "SUSE Bug 1249865 for CVE-2023-53151",
"url": "https://bugzilla.suse.com/1249865"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53151"
},
{
"cve": "CVE-2023-53152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix calltrace warning in amddrm_buddy_fini\n\nThe following call trace is observed when removing the amdgpu driver, which\nis caused by that BOs allocated for psp are not freed until removing.\n\n[61811.450562] RIP: 0010:amddrm_buddy_fini.cold+0x29/0x47 [amddrm_buddy]\n[61811.450577] Call Trace:\n[61811.450577] \u003cTASK\u003e\n[61811.450579] amdgpu_vram_mgr_fini+0x135/0x1c0 [amdgpu]\n[61811.450728] amdgpu_ttm_fini+0x207/0x290 [amdgpu]\n[61811.450870] amdgpu_bo_fini+0x27/0xa0 [amdgpu]\n[61811.451012] gmc_v9_0_sw_fini+0x4a/0x60 [amdgpu]\n[61811.451166] amdgpu_device_fini_sw+0x117/0x520 [amdgpu]\n[61811.451306] amdgpu_driver_release_kms+0x16/0x30 [amdgpu]\n[61811.451447] devm_drm_dev_init_release+0x4d/0x80 [drm]\n[61811.451466] devm_action_release+0x15/0x20\n[61811.451469] release_nodes+0x40/0xb0\n[61811.451471] devres_release_all+0x9b/0xd0\n[61811.451473] __device_release_driver+0x1bb/0x2a0\n[61811.451476] driver_detach+0xf3/0x140\n[61811.451479] bus_remove_driver+0x6c/0xf0\n[61811.451481] driver_unregister+0x31/0x60\n[61811.451483] pci_unregister_driver+0x40/0x90\n[61811.451486] amdgpu_exit+0x15/0x447 [amdgpu]\n\nFor smu v13_0_2, if the GPU supports xgmi, refer to\n\ncommit f5c7e7797060 (\"drm/amdgpu: Adjust removal control flow for smu v13_0_2\"),\n\nit will run gpu recover in AMDGPU_RESET_FOR_DEVICE_REMOVE mode when removing,\nwhich makes all devices in hive list have hw reset but no resume except the\nbasic ip blocks, then other ip blocks will not call .hw_fini according to\nip_block.status.hw.\n\nSince psp_free_shared_bufs just includes some software operations, so move\nit to psp_sw_fini.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53152",
"url": "https://www.suse.com/security/cve/CVE-2023-53152"
},
{
"category": "external",
"summary": "SUSE Bug 1249883 for CVE-2023-53152",
"url": "https://bugzilla.suse.com/1249883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53152"
},
{
"cve": "CVE-2023-53153",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53153"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: Fix use after free for wext\n\nKey information in wext.connect is not reset on (re)connect and can hold\ndata from a previous connection.\n\nReset key data to avoid that drivers or mac80211 incorrectly detect a\nWEP connection request and access the freed or already reused memory.\n\nAdditionally optimize cfg80211_sme_connect() and avoid an useless\nschedule of conn_work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53153",
"url": "https://www.suse.com/security/cve/CVE-2023-53153"
},
{
"category": "external",
"summary": "SUSE Bug 1249877 for CVE-2023-53153",
"url": "https://bugzilla.suse.com/1249877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53153"
},
{
"cve": "CVE-2023-53165",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53165"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Fix uninitialized array access for some pathnames\n\nFor filenames that begin with . and are between 2 and 5 characters long,\nUDF charset conversion code would read uninitialized memory in the\noutput buffer. The only practical impact is that the name may be prepended a\n\"unification hash\" when it is not actually needed but still it is good\nto fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53165",
"url": "https://www.suse.com/security/cve/CVE-2023-53165"
},
{
"category": "external",
"summary": "SUSE Bug 1250395 for CVE-2023-53165",
"url": "https://bugzilla.suse.com/1250395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53165"
},
{
"cve": "CVE-2023-53167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53167"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix null pointer dereference in tracing_err_log_open()\n\nFix an issue in function \u0027tracing_err_log_open\u0027.\nThe function doesn\u0027t call \u0027seq_open\u0027 if the file is opened only with\nwrite permissions, which results in \u0027file-\u003eprivate_data\u0027 being left as null.\nIf we then use \u0027lseek\u0027 on that opened file, \u0027seq_lseek\u0027 dereferences\n\u0027file-\u003eprivate_data\u0027 in \u0027mutex_lock(\u0026m-\u003elock)\u0027, resulting in a kernel panic.\nWriting to this node requires root privileges, therefore this bug\nhas very little security impact.\n\nTracefs node: /sys/kernel/tracing/error_log\n\nExample Kernel panic:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000038\nCall trace:\n mutex_lock+0x30/0x110\n seq_lseek+0x34/0xb8\n __arm64_sys_lseek+0x6c/0xb8\n invoke_syscall+0x58/0x13c\n el0_svc_common+0xc4/0x10c\n do_el0_svc+0x24/0x98\n el0_svc+0x24/0x88\n el0t_64_sync_handler+0x84/0xe4\n el0t_64_sync+0x1b4/0x1b8\nCode: d503201f aa0803e0 aa1f03e1 aa0103e9 (c8e97d02)\n---[ end trace 561d1b49c12cf8a5 ]---\nKernel panic - not syncing: Oops: Fatal exception",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53167",
"url": "https://www.suse.com/security/cve/CVE-2023-53167"
},
{
"category": "external",
"summary": "SUSE Bug 1249712 for CVE-2023-53167",
"url": "https://bugzilla.suse.com/1249712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53167"
},
{
"cve": "CVE-2023-53168",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53168"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: ucsi_acpi: Increase the command completion timeout\n\nCommit 130a96d698d7 (\"usb: typec: ucsi: acpi: Increase command\ncompletion timeout value\") increased the timeout from 5 seconds\nto 60 seconds due to issues related to alternate mode discovery.\n\nAfter the alternate mode discovery switch to polled mode\nthe timeout was reduced, but instead of being set back to\n5 seconds it was reduced to 1 second.\n\nThis is causing problems when using a Lenovo ThinkPad X1 yoga gen7\nconnected over Type-C to a LG 27UL850-W (charging DP over Type-C).\n\nWhen the monitor is already connected at boot the following error\nis logged: \"PPM init failed (-110)\", /sys/class/typec is empty and\non unplugging the NULL pointer deref fixed earlier in this series\nhappens.\n\nWhen the monitor is connected after boot the following error\nis logged instead: \"GET_CONNECTOR_STATUS failed (-110)\".\n\nSetting the timeout back to 5 seconds fixes both cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53168",
"url": "https://www.suse.com/security/cve/CVE-2023-53168"
},
{
"category": "external",
"summary": "SUSE Bug 1249874 for CVE-2023-53168",
"url": "https://bugzilla.suse.com/1249874"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53168"
},
{
"cve": "CVE-2023-53171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/type1: prevent underflow of locked_vm via exec()\n\nWhen a vfio container is preserved across exec, the task does not change,\nbut it gets a new mm with locked_vm=0, and loses the count from existing\ndma mappings. If the user later unmaps a dma mapping, locked_vm underflows\nto a large unsigned value, and a subsequent dma map request fails with\nENOMEM in __account_locked_vm.\n\nTo avoid underflow, grab and save the mm at the time a dma is mapped.\nUse that mm when adjusting locked_vm, rather than re-acquiring the saved\ntask\u0027s mm, which may have changed. If the saved mm is dead, do nothing.\n\nlocked_vm is incremented for existing mappings in a subsequent patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53171",
"url": "https://www.suse.com/security/cve/CVE-2023-53171"
},
{
"category": "external",
"summary": "SUSE Bug 1249933 for CVE-2023-53171",
"url": "https://bugzilla.suse.com/1249933"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53171"
},
{
"cve": "CVE-2023-53174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53174"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix possible memory leak if device_add() fails\n\nIf device_add() returns error, the name allocated by dev_set_name() needs\nbe freed. As the comment of device_add() says, put_device() should be used\nto decrease the reference count in the error path. So fix this by calling\nput_device(), then the name can be freed in kobject_cleanp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53174",
"url": "https://www.suse.com/security/cve/CVE-2023-53174"
},
{
"category": "external",
"summary": "SUSE Bug 1250024 for CVE-2023-53174",
"url": "https://bugzilla.suse.com/1250024"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53174"
},
{
"cve": "CVE-2023-53176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53176"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: 8250: Reinit port-\u003epm on port specific driver unbind\n\nWhen we unbind a serial port hardware specific 8250 driver, the generic\nserial8250 driver takes over the port. After that we see an oops about 10\nseconds later. This can produce the following at least on some TI SoCs:\n\nUnhandled fault: imprecise external abort (0x1406)\nInternal error: : 1406 [#1] SMP ARM\n\nTurns out that we may still have the serial port hardware specific driver\nport-\u003epm in use, and serial8250_pm() tries to call it after the port\nspecific driver is gone:\n\nserial8250_pm [8250_base] from uart_change_pm+0x54/0x8c [serial_base]\nuart_change_pm [serial_base] from uart_hangup+0x154/0x198 [serial_base]\nuart_hangup [serial_base] from __tty_hangup.part.0+0x328/0x37c\n__tty_hangup.part.0 from disassociate_ctty+0x154/0x20c\ndisassociate_ctty from do_exit+0x744/0xaac\ndo_exit from do_group_exit+0x40/0x8c\ndo_group_exit from __wake_up_parent+0x0/0x1c\n\nLet\u0027s fix the issue by calling serial8250_set_defaults() in\nserial8250_unregister_port(). This will set the port back to using\nthe serial8250 default functions, and sets the port-\u003epm to point to\nserial8250_pm.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53176",
"url": "https://www.suse.com/security/cve/CVE-2023-53176"
},
{
"category": "external",
"summary": "SUSE Bug 1249991 for CVE-2023-53176",
"url": "https://bugzilla.suse.com/1249991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53176"
},
{
"cve": "CVE-2023-53178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53178"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: fix zswap writeback race condition\n\nThe zswap writeback mechanism can cause a race condition resulting in\nmemory corruption, where a swapped out page gets swapped in with data that\nwas written to a different page.\n\nThe race unfolds like this:\n1. a page with data A and swap offset X is stored in zswap\n2. page A is removed off the LRU by zpool driver for writeback in\n zswap-shrink work, data for A is mapped by zpool driver\n3. user space program faults and invalidates page entry A, offset X is\n considered free\n4. kswapd stores page B at offset X in zswap (zswap could also be\n full, if so, page B would then be IOed to X, then skip step 5.)\n5. entry A is replaced by B in tree-\u003erbroot, this doesn\u0027t affect the\n local reference held by zswap-shrink work\n6. zswap-shrink work writes back A at X, and frees zswap entry A\n7. swapin of slot X brings A in memory instead of B\n\nThe fix:\nOnce the swap page cache has been allocated (case ZSWAP_SWAPCACHE_NEW),\nzswap-shrink work just checks that the local zswap_entry reference is\nstill the same as the one in the tree. If it\u0027s not the same it means that\nit\u0027s either been invalidated or replaced, in both cases the writeback is\naborted because the local entry contains stale data.\n\nReproducer:\nI originally found this by running `stress` overnight to validate my work\non the zswap writeback mechanism, it manifested after hours on my test\nmachine. The key to make it happen is having zswap writebacks, so\nwhatever setup pumps /sys/kernel/debug/zswap/written_back_pages should do\nthe trick.\n\nIn order to reproduce this faster on a vm, I setup a system with ~100M of\navailable memory and a 500M swap file, then running `stress --vm 1\n--vm-bytes 300000000 --vm-stride 4000` makes it happen in matter of tens\nof minutes. One can speed things up even more by swinging\n/sys/module/zswap/parameters/max_pool_percent up and down between, say, 20\nand 1; this makes it reproduce in tens of seconds. It\u0027s crucial to set\n`--vm-stride` to something other than 4096 otherwise `stress` won\u0027t\nrealize that memory has been corrupted because all pages would have the\nsame data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53178",
"url": "https://www.suse.com/security/cve/CVE-2023-53178"
},
{
"category": "external",
"summary": "SUSE Bug 1249827 for CVE-2023-53178",
"url": "https://bugzilla.suse.com/1249827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53178"
},
{
"cve": "CVE-2023-53179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53179"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c\n\nThe missing IP_SET_HASH_WITH_NET0 macro in ip_set_hash_netportnet can\nlead to the use of wrong `CIDR_POS(c)` for calculating array offsets,\nwhich can lead to integer underflow. As a result, it leads to slab\nout-of-bound access.\nThis patch adds back the IP_SET_HASH_WITH_NET0 macro to\nip_set_hash_netportnet to address the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53179",
"url": "https://www.suse.com/security/cve/CVE-2023-53179"
},
{
"category": "external",
"summary": "SUSE Bug 1249825 for CVE-2023-53179",
"url": "https://bugzilla.suse.com/1249825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53179"
},
{
"cve": "CVE-2023-53181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53181"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf/dma-resv: Stop leaking on krealloc() failure\n\nCurrently dma_resv_get_fences() will leak the previously\nallocated array if the fence iteration got restarted and\nthe krealloc_array() fails.\n\nFree the old array by hand, and make sure we still clear\nthe returned *fences so the caller won\u0027t end up accessing\nfreed memory. Some (but not all) of the callers of\ndma_resv_get_fences() seem to still trawl through the\narray even when dma_resv_get_fences() failed. And let\u0027s\nzero out *num_fences as well for good measure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53181",
"url": "https://www.suse.com/security/cve/CVE-2023-53181"
},
{
"category": "external",
"summary": "SUSE Bug 1249824 for CVE-2023-53181",
"url": "https://bugzilla.suse.com/1249824"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53181"
},
{
"cve": "CVE-2023-53182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53182"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: Avoid undefined behavior: applying zero offset to null pointer\n\nACPICA commit 770653e3ba67c30a629ca7d12e352d83c2541b1e\n\nBefore this change we see the following UBSAN stack trace in Fuchsia:\n\n #0 0x000021e4213b3302 in acpi_ds_init_aml_walk(struct acpi_walk_state*, union acpi_parse_object*, struct acpi_namespace_node*, u8*, u32, struct acpi_evaluate_info*, u8) ../../third_party/acpica/source/components/dispatcher/dswstate.c:682 \u003cplatform-bus-x86.so\u003e+0x233302\n #1.2 0x000020d0f660777f in ubsan_get_stack_trace() compiler-rt/lib/ubsan/ubsan_diag.cpp:41 \u003clibclang_rt.asan.so\u003e+0x3d77f\n #1.1 0x000020d0f660777f in maybe_print_stack_trace() compiler-rt/lib/ubsan/ubsan_diag.cpp:51 \u003clibclang_rt.asan.so\u003e+0x3d77f\n #1 0x000020d0f660777f in ~scoped_report() compiler-rt/lib/ubsan/ubsan_diag.cpp:387 \u003clibclang_rt.asan.so\u003e+0x3d77f\n #2 0x000020d0f660b96d in handlepointer_overflow_impl() compiler-rt/lib/ubsan/ubsan_handlers.cpp:809 \u003clibclang_rt.asan.so\u003e+0x4196d\n #3 0x000020d0f660b50d in compiler-rt/lib/ubsan/ubsan_handlers.cpp:815 \u003clibclang_rt.asan.so\u003e+0x4150d\n #4 0x000021e4213b3302 in acpi_ds_init_aml_walk(struct acpi_walk_state*, union acpi_parse_object*, struct acpi_namespace_node*, u8*, u32, struct acpi_evaluate_info*, u8) ../../third_party/acpica/source/components/dispatcher/dswstate.c:682 \u003cplatform-bus-x86.so\u003e+0x233302\n #5 0x000021e4213e2369 in acpi_ds_call_control_method(struct acpi_thread_state*, struct acpi_walk_state*, union acpi_parse_object*) ../../third_party/acpica/source/components/dispatcher/dsmethod.c:605 \u003cplatform-bus-x86.so\u003e+0x262369\n #6 0x000021e421437fac in acpi_ps_parse_aml(struct acpi_walk_state*) ../../third_party/acpica/source/components/parser/psparse.c:550 \u003cplatform-bus-x86.so\u003e+0x2b7fac\n #7 0x000021e4214464d2 in acpi_ps_execute_method(struct acpi_evaluate_info*) ../../third_party/acpica/source/components/parser/psxface.c:244 \u003cplatform-bus-x86.so\u003e+0x2c64d2\n #8 0x000021e4213aa052 in acpi_ns_evaluate(struct acpi_evaluate_info*) ../../third_party/acpica/source/components/namespace/nseval.c:250 \u003cplatform-bus-x86.so\u003e+0x22a052\n #9 0x000021e421413dd8 in acpi_ns_init_one_device(acpi_handle, u32, void*, void**) ../../third_party/acpica/source/components/namespace/nsinit.c:735 \u003cplatform-bus-x86.so\u003e+0x293dd8\n #10 0x000021e421429e98 in acpi_ns_walk_namespace(acpi_object_type, acpi_handle, u32, u32, acpi_walk_callback, acpi_walk_callback, void*, void**) ../../third_party/acpica/source/components/namespace/nswalk.c:298 \u003cplatform-bus-x86.so\u003e+0x2a9e98\n #11 0x000021e4214131ac in acpi_ns_initialize_devices(u32) ../../third_party/acpica/source/components/namespace/nsinit.c:268 \u003cplatform-bus-x86.so\u003e+0x2931ac\n #12 0x000021e42147c40d in acpi_initialize_objects(u32) ../../third_party/acpica/source/components/utilities/utxfinit.c:304 \u003cplatform-bus-x86.so\u003e+0x2fc40d\n #13 0x000021e42126d603 in acpi::acpi_impl::initialize_acpi(acpi::acpi_impl*) ../../src/devices/board/lib/acpi/acpi-impl.cc:224 \u003cplatform-bus-x86.so\u003e+0xed603\n\nAdd a simple check that avoids incrementing a pointer by zero, but\notherwise behaves as before. Note that our findings are against ACPICA\n20221020, but the same code exists on master.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53182",
"url": "https://www.suse.com/security/cve/CVE-2023-53182"
},
{
"category": "external",
"summary": "SUSE Bug 1250010 for CVE-2023-53182",
"url": "https://bugzilla.suse.com/1250010"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53182"
},
{
"cve": "CVE-2023-53185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k: don\u0027t allow to overwrite ENDPOINT0 attributes\n\nA bad USB device is able to construct a service connection response\nmessage with target endpoint being ENDPOINT0 which is reserved for\nHTC_CTRL_RSVD_SVC and should not be modified to be used for any other\nservices.\n\nReject such service connection responses.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53185",
"url": "https://www.suse.com/security/cve/CVE-2023-53185"
},
{
"category": "external",
"summary": "SUSE Bug 1249820 for CVE-2023-53185",
"url": "https://bugzilla.suse.com/1249820"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53185"
},
{
"cve": "CVE-2023-53189",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53189"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6/addrconf: fix a potential refcount underflow for idev\n\nNow in addrconf_mod_rs_timer(), reference idev depends on whether\nrs_timer is not pending. Then modify rs_timer timeout.\n\nThere is a time gap in [1], during which if the pending rs_timer\nbecomes not pending. It will miss to hold idev, but the rs_timer\nis activated. Thus rs_timer callback function addrconf_rs_timer()\nwill be executed and put idev later without holding idev. A refcount\nunderflow issue for idev can be caused by this.\n\n\tif (!timer_pending(\u0026idev-\u003ers_timer))\n\t\tin6_dev_hold(idev);\n\t\t \u003c--------------[1]\n\tmod_timer(\u0026idev-\u003ers_timer, jiffies + when);\n\nTo fix the issue, hold idev if mod_timer() return 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53189",
"url": "https://www.suse.com/security/cve/CVE-2023-53189"
},
{
"category": "external",
"summary": "SUSE Bug 1249894 for CVE-2023-53189",
"url": "https://bugzilla.suse.com/1249894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53189"
},
{
"cve": "CVE-2023-53193",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53193"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix amdgpu_irq_put call trace in gmc_v10_0_hw_fini\n\nThe gmc.ecc_irq is enabled by firmware per IFWI setting,\nand the host driver is not privileged to enable/disable\nthe interrupt. So, it is meaningless to use the amdgpu_irq_put\nfunction in gmc_v10_0_hw_fini, which also leads to the call\ntrace.\n\n[ 82.340264] Call Trace:\n[ 82.340265] \u003cTASK\u003e\n[ 82.340269] gmc_v10_0_hw_fini+0x83/0xa0 [amdgpu]\n[ 82.340447] gmc_v10_0_suspend+0xe/0x20 [amdgpu]\n[ 82.340623] amdgpu_device_ip_suspend_phase2+0x127/0x1c0 [amdgpu]\n[ 82.340789] amdgpu_device_ip_suspend+0x3d/0x80 [amdgpu]\n[ 82.340955] amdgpu_device_pre_asic_reset+0xdd/0x2b0 [amdgpu]\n[ 82.341122] amdgpu_device_gpu_recover.cold+0x4dd/0xbb2 [amdgpu]\n[ 82.341359] amdgpu_debugfs_reset_work+0x4c/0x70 [amdgpu]\n[ 82.341529] process_one_work+0x21d/0x3f0\n[ 82.341535] worker_thread+0x1fa/0x3c0\n[ 82.341538] ? process_one_work+0x3f0/0x3f0\n[ 82.341540] kthread+0xff/0x130\n[ 82.341544] ? kthread_complete_and_exit+0x20/0x20\n[ 82.341547] ret_from_fork+0x22/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53193",
"url": "https://www.suse.com/security/cve/CVE-2023-53193"
},
{
"category": "external",
"summary": "SUSE Bug 1249816 for CVE-2023-53193",
"url": "https://bugzilla.suse.com/1249816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53193"
},
{
"cve": "CVE-2023-53196",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53196"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: qcom: Fix potential memory leak\n\nFunction dwc3_qcom_probe() allocates memory for resource structure\nwhich is pointed by parent_res pointer. This memory is not\nfreed. This leads to memory leak. Use stack memory to prevent\nmemory leak.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53196",
"url": "https://www.suse.com/security/cve/CVE-2023-53196"
},
{
"category": "external",
"summary": "SUSE Bug 1249758 for CVE-2023-53196",
"url": "https://bugzilla.suse.com/1249758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53196"
},
{
"cve": "CVE-2023-53197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53197"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: uhci: fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic\nat once.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53197",
"url": "https://www.suse.com/security/cve/CVE-2023-53197"
},
{
"category": "external",
"summary": "SUSE Bug 1249791 for CVE-2023-53197",
"url": "https://bugzilla.suse.com/1249791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53197"
},
{
"cve": "CVE-2023-53199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53199"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream() fails\n\nSyzkaller detected a memory leak of skbs in ath9k_hif_usb_rx_stream().\nWhile processing skbs in ath9k_hif_usb_rx_stream(), the already allocated\nskbs in skb_pool are not freed if ath9k_hif_usb_rx_stream() fails. If we\nhave an incorrect pkt_len or pkt_tag, the input skb is considered invalid\nand dropped. All the associated packets already in skb_pool should be\ndropped and freed. Added a comment describing this issue.\n\nThe patch also makes remain_skb NULL after being processed so that it\ncannot be referenced after potential free. The initialization of hif_dev\nfields which are associated with remain_skb (rx_remain_len,\nrx_transfer_len and rx_pad_len) is moved after a new remain_skb is\nallocated.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53199",
"url": "https://www.suse.com/security/cve/CVE-2023-53199"
},
{
"category": "external",
"summary": "SUSE Bug 1249683 for CVE-2023-53199",
"url": "https://bugzilla.suse.com/1249683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53199"
},
{
"cve": "CVE-2023-53201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53201"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: wraparound mbox producer index\n\nDriver is not handling the wraparound of the mbox producer index correctly.\nCurrently the wraparound happens once u32 max is reached.\n\nBit 31 of the producer index register is special and should be set\nonly once for the first command. Because the producer index overflow\nsetting bit31 after a long time, FW goes to initialization sequence\nand this causes FW hang.\n\nFix is to wraparound the mbox producer index once it reaches u16 max.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53201",
"url": "https://www.suse.com/security/cve/CVE-2023-53201"
},
{
"category": "external",
"summary": "SUSE Bug 1249687 for CVE-2023-53201",
"url": "https://bugzilla.suse.com/1249687"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53201"
},
{
"cve": "CVE-2023-53205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53205"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: s390/diag: fix racy access of physical cpu number in diag 9c handler\n\nWe do check for target CPU == -1, but this might change at the time we\nare going to use it. Hold the physical target CPU in a local variable to\navoid out-of-bound accesses to the cpu arrays.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53205",
"url": "https://www.suse.com/security/cve/CVE-2023-53205"
},
{
"category": "external",
"summary": "SUSE Bug 1249677 for CVE-2023-53205",
"url": "https://bugzilla.suse.com/1249677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53205"
},
{
"cve": "CVE-2023-53210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53210"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid5-cache: fix null-ptr-deref for r5l_flush_stripe_to_raid()\n\nr5l_flush_stripe_to_raid() will check if the list \u0027flushing_ios\u0027 is\nempty, and then submit \u0027flush_bio\u0027, however, r5l_log_flush_endio()\nis clearing the list first and then clear the bio, which will cause\nnull-ptr-deref:\n\nT1: submit flush io\nraid5d\n handle_active_stripes\n r5l_flush_stripe_to_raid\n // list is empty\n // add \u0027io_end_ios\u0027 to the list\n bio_init\n submit_bio\n // io1\n\nT2: io1 is done\nr5l_log_flush_endio\n list_splice_tail_init\n // clear the list\n\t\t\tT3: submit new flush io\n\t\t\t...\n\t\t\tr5l_flush_stripe_to_raid\n\t\t\t // list is empty\n\t\t\t // add \u0027io_end_ios\u0027 to the list\n\t\t\t bio_init\n bio_uninit\n // clear bio-\u003ebi_blkg\n\t\t\t submit_bio\n\t\t\t // null-ptr-deref\n\nFix this problem by clearing bio before clearing the list in\nr5l_log_flush_endio().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53210",
"url": "https://www.suse.com/security/cve/CVE-2023-53210"
},
{
"category": "external",
"summary": "SUSE Bug 1249673 for CVE-2023-53210",
"url": "https://bugzilla.suse.com/1249673"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53210"
},
{
"cve": "CVE-2023-53213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53213"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()\n\nFix a slab-out-of-bounds read that occurs in kmemdup() called from\nbrcmf_get_assoc_ies().\nThe bug could occur when assoc_info-\u003ereq_len, data from a URB provided\nby a USB device, is bigger than the size of buffer which is defined as\nWL_EXTRA_BUF_MAX.\n\nAdd the size check for req_len/resp_len of assoc_info.\n\nFound by a modified version of syzkaller.\n\n[ 46.592467][ T7] ==================================================================\n[ 46.594687][ T7] BUG: KASAN: slab-out-of-bounds in kmemdup+0x3e/0x50\n[ 46.596572][ T7] Read of size 3014656 at addr ffff888019442000 by task kworker/0:1/7\n[ 46.598575][ T7]\n[ 46.599157][ T7] CPU: 0 PID: 7 Comm: kworker/0:1 Tainted: G O 5.14.0+ #145\n[ 46.601333][ T7] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.1-0-ga5cab58e9a3f-prebuilt.qemu.org 04/01/2014\n[ 46.604360][ T7] Workqueue: events brcmf_fweh_event_worker\n[ 46.605943][ T7] Call Trace:\n[ 46.606584][ T7] dump_stack_lvl+0x8e/0xd1\n[ 46.607446][ T7] print_address_description.constprop.0.cold+0x93/0x334\n[ 46.608610][ T7] ? kmemdup+0x3e/0x50\n[ 46.609341][ T7] kasan_report.cold+0x79/0xd5\n[ 46.610151][ T7] ? kmemdup+0x3e/0x50\n[ 46.610796][ T7] kasan_check_range+0x14e/0x1b0\n[ 46.611691][ T7] memcpy+0x20/0x60\n[ 46.612323][ T7] kmemdup+0x3e/0x50\n[ 46.612987][ T7] brcmf_get_assoc_ies+0x967/0xf60\n[ 46.613904][ T7] ? brcmf_notify_vif_event+0x3d0/0x3d0\n[ 46.614831][ T7] ? lock_chain_count+0x20/0x20\n[ 46.615683][ T7] ? mark_lock.part.0+0xfc/0x2770\n[ 46.616552][ T7] ? lock_chain_count+0x20/0x20\n[ 46.617409][ T7] ? mark_lock.part.0+0xfc/0x2770\n[ 46.618244][ T7] ? lock_chain_count+0x20/0x20\n[ 46.619024][ T7] brcmf_bss_connect_done.constprop.0+0x241/0x2e0\n[ 46.620019][ T7] ? brcmf_parse_configure_security.isra.0+0x2a0/0x2a0\n[ 46.620818][ T7] ? __lock_acquire+0x181f/0x5790\n[ 46.621462][ T7] brcmf_notify_connect_status+0x448/0x1950\n[ 46.622134][ T7] ? rcu_read_lock_bh_held+0xb0/0xb0\n[ 46.622736][ T7] ? brcmf_cfg80211_join_ibss+0x7b0/0x7b0\n[ 46.623390][ T7] ? find_held_lock+0x2d/0x110\n[ 46.623962][ T7] ? brcmf_fweh_event_worker+0x19f/0xc60\n[ 46.624603][ T7] ? mark_held_locks+0x9f/0xe0\n[ 46.625145][ T7] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0\n[ 46.625871][ T7] ? brcmf_cfg80211_join_ibss+0x7b0/0x7b0\n[ 46.626545][ T7] brcmf_fweh_call_event_handler.isra.0+0x90/0x100\n[ 46.627338][ T7] brcmf_fweh_event_worker+0x557/0xc60\n[ 46.627962][ T7] ? brcmf_fweh_call_event_handler.isra.0+0x100/0x100\n[ 46.628736][ T7] ? rcu_read_lock_sched_held+0xa1/0xd0\n[ 46.629396][ T7] ? rcu_read_lock_bh_held+0xb0/0xb0\n[ 46.629970][ T7] ? lockdep_hardirqs_on_prepare+0x273/0x3e0\n[ 46.630649][ T7] process_one_work+0x92b/0x1460\n[ 46.631205][ T7] ? pwq_dec_nr_in_flight+0x330/0x330\n[ 46.631821][ T7] ? rwlock_bug.part.0+0x90/0x90\n[ 46.632347][ T7] worker_thread+0x95/0xe00\n[ 46.632832][ T7] ? __kthread_parkme+0x115/0x1e0\n[ 46.633393][ T7] ? process_one_work+0x1460/0x1460\n[ 46.633957][ T7] kthread+0x3a1/0x480\n[ 46.634369][ T7] ? set_kthread_struct+0x120/0x120\n[ 46.634933][ T7] ret_from_fork+0x1f/0x30\n[ 46.635431][ T7]\n[ 46.635687][ T7] Allocated by task 7:\n[ 46.636151][ T7] kasan_save_stack+0x1b/0x40\n[ 46.636628][ T7] __kasan_kmalloc+0x7c/0x90\n[ 46.637108][ T7] kmem_cache_alloc_trace+0x19e/0x330\n[ 46.637696][ T7] brcmf_cfg80211_attach+0x4a0/0x4040\n[ 46.638275][ T7] brcmf_attach+0x389/0xd40\n[ 46.638739][ T7] brcmf_usb_probe+0x12de/0x1690\n[ 46.639279][ T7] usb_probe_interface+0x2aa/0x760\n[ 46.639820][ T7] really_probe+0x205/0xb70\n[ 46.640342][ T7] __driver_probe_device+0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53213",
"url": "https://www.suse.com/security/cve/CVE-2023-53213"
},
{
"category": "external",
"summary": "SUSE Bug 1249918 for CVE-2023-53213",
"url": "https://bugzilla.suse.com/1249918"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53213"
},
{
"cve": "CVE-2023-53215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53215"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Don\u0027t balance task to its current running CPU\n\nWe\u0027ve run into the case that the balancer tries to balance a migration\ndisabled task and trigger the warning in set_task_cpu() like below:\n\n ------------[ cut here ]------------\n WARNING: CPU: 7 PID: 0 at kernel/sched/core.c:3115 set_task_cpu+0x188/0x240\n Modules linked in: hclgevf xt_CHECKSUM ipt_REJECT nf_reject_ipv4 \u003c...snip\u003e\n CPU: 7 PID: 0 Comm: swapper/7 Kdump: loaded Tainted: G O 6.1.0-rc4+ #1\n Hardware name: Huawei TaiShan 2280 V2/BC82AMDC, BIOS 2280-V2 CS V5.B221.01 12/09/2021\n pstate: 604000c9 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : set_task_cpu+0x188/0x240\n lr : load_balance+0x5d0/0xc60\n sp : ffff80000803bc70\n x29: ffff80000803bc70 x28: ffff004089e190e8 x27: ffff004089e19040\n x26: ffff007effcabc38 x25: 0000000000000000 x24: 0000000000000001\n x23: ffff80000803be84 x22: 000000000000000c x21: ffffb093e79e2a78\n x20: 000000000000000c x19: ffff004089e19040 x18: 0000000000000000\n x17: 0000000000001fad x16: 0000000000000030 x15: 0000000000000000\n x14: 0000000000000003 x13: 0000000000000000 x12: 0000000000000000\n x11: 0000000000000001 x10: 0000000000000400 x9 : ffffb093e4cee530\n x8 : 00000000fffffffe x7 : 0000000000ce168a x6 : 000000000000013e\n x5 : 00000000ffffffe1 x4 : 0000000000000001 x3 : 0000000000000b2a\n x2 : 0000000000000b2a x1 : ffffb093e6d6c510 x0 : 0000000000000001\n Call trace:\n set_task_cpu+0x188/0x240\n load_balance+0x5d0/0xc60\n rebalance_domains+0x26c/0x380\n _nohz_idle_balance.isra.0+0x1e0/0x370\n run_rebalance_domains+0x6c/0x80\n __do_softirq+0x128/0x3d8\n ____do_softirq+0x18/0x24\n call_on_irq_stack+0x2c/0x38\n do_softirq_own_stack+0x24/0x3c\n __irq_exit_rcu+0xcc/0xf4\n irq_exit_rcu+0x18/0x24\n el1_interrupt+0x4c/0xe4\n el1h_64_irq_handler+0x18/0x2c\n el1h_64_irq+0x74/0x78\n arch_cpu_idle+0x18/0x4c\n default_idle_call+0x58/0x194\n do_idle+0x244/0x2b0\n cpu_startup_entry+0x30/0x3c\n secondary_start_kernel+0x14c/0x190\n __secondary_switched+0xb0/0xb4\n ---[ end trace 0000000000000000 ]---\n\nFurther investigation shows that the warning is superfluous, the migration\ndisabled task is just going to be migrated to its current running CPU.\nThis is because that on load balance if the dst_cpu is not allowed by the\ntask, we\u0027ll re-select a new_dst_cpu as a candidate. If no task can be\nbalanced to dst_cpu we\u0027ll try to balance the task to the new_dst_cpu\ninstead. In this case when the migration disabled task is not on CPU it\nonly allows to run on its current CPU, load balance will select its\ncurrent CPU as new_dst_cpu and later triggers the warning above.\n\nThe new_dst_cpu is chosen from the env-\u003edst_grpmask. Currently it\ncontains CPUs in sched_group_span() and if we have overlapped groups it\u0027s\npossible to run into this case. This patch makes env-\u003edst_grpmask of\ngroup_balance_mask() which exclude any CPUs from the busiest group and\nsolve the issue. For balancing in a domain with no overlapped groups\nthe behaviour keeps same as before.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53215",
"url": "https://www.suse.com/security/cve/CVE-2023-53215"
},
{
"category": "external",
"summary": "SUSE Bug 1250397 for CVE-2023-53215",
"url": "https://bugzilla.suse.com/1250397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53215"
},
{
"cve": "CVE-2023-53216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53216"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: efi: Make efi_rt_lock a raw_spinlock\n\nRunning a rt-kernel base on 6.2.0-rc3-rt1 on an Ampere Altra outputs\nthe following:\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:46\n in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 9, name: kworker/u320:0\n preempt_count: 2, expected: 0\n RCU nest depth: 0, expected: 0\n 3 locks held by kworker/u320:0/9:\n #0: ffff3fff8c27d128 ((wq_completion)efi_rts_wq){+.+.}-{0:0}, at: process_one_work (./include/linux/atomic/atomic-long.h:41)\n #1: ffff80000861bdd0 ((work_completion)(\u0026efi_rts_work.work)){+.+.}-{0:0}, at: process_one_work (./include/linux/atomic/atomic-long.h:41)\n #2: ffffdf7e1ed3e460 (efi_rt_lock){+.+.}-{3:3}, at: efi_call_rts (drivers/firmware/efi/runtime-wrappers.c:101)\n Preemption disabled at:\n efi_virtmap_load (./arch/arm64/include/asm/mmu_context.h:248)\n CPU: 0 PID: 9 Comm: kworker/u320:0 Tainted: G W 6.2.0-rc3-rt1\n Hardware name: WIWYNN Mt.Jade Server System B81.03001.0005/Mt.Jade Motherboard, BIOS 1.08.20220218 (SCP: 1.08.20220218) 2022/02/18\n Workqueue: efi_rts_wq efi_call_rts\n Call trace:\n dump_backtrace (arch/arm64/kernel/stacktrace.c:158)\n show_stack (arch/arm64/kernel/stacktrace.c:165)\n dump_stack_lvl (lib/dump_stack.c:107 (discriminator 4))\n dump_stack (lib/dump_stack.c:114)\n __might_resched (kernel/sched/core.c:10134)\n rt_spin_lock (kernel/locking/rtmutex.c:1769 (discriminator 4))\n efi_call_rts (drivers/firmware/efi/runtime-wrappers.c:101)\n [...]\n\nThis seems to come from commit ff7a167961d1 (\"arm64: efi: Execute\nruntime services from a dedicated stack\") which adds a spinlock. This\nspinlock is taken through:\nefi_call_rts()\n\\-efi_call_virt()\n \\-efi_call_virt_pointer()\n \\-arch_efi_call_virt_setup()\n\nMake \u0027efi_rt_lock\u0027 a raw_spinlock to avoid being preempted.\n\n[ardb: The EFI runtime services are called with a different set of\n translation tables, and are permitted to use the SIMD registers.\n The context switch code preserves/restores neither, and so EFI\n calls must be made with preemption disabled, rather than only\n disabling migration.]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53216",
"url": "https://www.suse.com/security/cve/CVE-2023-53216"
},
{
"category": "external",
"summary": "SUSE Bug 1249669 for CVE-2023-53216",
"url": "https://bugzilla.suse.com/1249669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53216"
},
{
"cve": "CVE-2023-53219",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53219"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: netup_unidvb: fix use-after-free at del_timer()\n\nWhen Universal DVB card is detaching, netup_unidvb_dma_fini()\nuses del_timer() to stop dma-\u003etimeout timer. But when timer\nhandler netup_unidvb_dma_timeout() is running, del_timer()\ncould not stop it. As a result, the use-after-free bug could\nhappen. The process is shown below:\n\n (cleanup routine) | (timer routine)\n | mod_timer(\u0026dev-\u003etx_sim_timer, ..)\nnetup_unidvb_finidev() | (wait a time)\n netup_unidvb_dma_fini() | netup_unidvb_dma_timeout()\n del_timer(\u0026dma-\u003etimeout); |\n | ndev-\u003epci_dev-\u003edev //USE\n\nFix by changing del_timer() to del_timer_sync().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53219",
"url": "https://www.suse.com/security/cve/CVE-2023-53219"
},
{
"category": "external",
"summary": "SUSE Bug 1249661 for CVE-2023-53219",
"url": "https://bugzilla.suse.com/1249661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53219"
},
{
"cve": "CVE-2023-53222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53222"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: jfs_dmap: Validate db_l2nbperpage while mounting\n\nIn jfs_dmap.c at line 381, BLKTODMAP is used to get a logical block\nnumber inside dbFree(). db_l2nbperpage, which is the log2 number of\nblocks per page, is passed as an argument to BLKTODMAP which uses it\nfor shifting.\n\nSyzbot reported a shift out-of-bounds crash because db_l2nbperpage is\ntoo big. This happens because the large value is set without any\nvalidation in dbMount() at line 181.\n\nThus, make sure that db_l2nbperpage is correct while mounting.\n\nMax number of blocks per page = Page size / Min block size\n=\u003e log2(Max num_block per page) = log2(Page size / Min block size)\n\t\t\t\t= log2(Page size) - log2(Min block size)\n\n=\u003e Max db_l2nbperpage = L2PSIZE - L2MINBLOCKSIZE",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53222",
"url": "https://www.suse.com/security/cve/CVE-2023-53222"
},
{
"category": "external",
"summary": "SUSE Bug 1249864 for CVE-2023-53222",
"url": "https://bugzilla.suse.com/1249864"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2023-53222"
},
{
"cve": "CVE-2023-53223",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53223"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dsi: Add missing check for alloc_ordered_workqueue\n\nAdd check for the return value of alloc_ordered_workqueue as it may return\nNULL pointer and cause NULL pointer dereference.\n\nPatchwork: https://patchwork.freedesktop.org/patch/517646/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53223",
"url": "https://www.suse.com/security/cve/CVE-2023-53223"
},
{
"category": "external",
"summary": "SUSE Bug 1250080 for CVE-2023-53223",
"url": "https://bugzilla.suse.com/1250080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53223"
},
{
"cve": "CVE-2023-53226",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53226"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix OOB and integer underflow when rx packets\n\nMake sure mwifiex_process_mgmt_packet,\nmwifiex_process_sta_rx_packet and mwifiex_process_uap_rx_packet,\nmwifiex_uap_queue_bridged_pkt and mwifiex_process_rx_packet\nnot out-of-bounds access the skb-\u003edata buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53226",
"url": "https://www.suse.com/security/cve/CVE-2023-53226"
},
{
"category": "external",
"summary": "SUSE Bug 1249658 for CVE-2023-53226",
"url": "https://bugzilla.suse.com/1249658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53226"
},
{
"cve": "CVE-2023-53229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53229"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta\n\nAvoid potential data corruption issues caused by uninitialized driver\nprivate data structures.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53229",
"url": "https://www.suse.com/security/cve/CVE-2023-53229"
},
{
"category": "external",
"summary": "SUSE Bug 1249650 for CVE-2023-53229",
"url": "https://bugzilla.suse.com/1249650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53229"
},
{
"cve": "CVE-2023-53230",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53230"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix warning in cifs_smb3_do_mount()\n\nThis fixes the following warning reported by kernel test robot\n\n fs/smb/client/cifsfs.c:982 cifs_smb3_do_mount() warn: possible\n memory leak of \u0027cifs_sb\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53230",
"url": "https://www.suse.com/security/cve/CVE-2023-53230"
},
{
"category": "external",
"summary": "SUSE Bug 1249866 for CVE-2023-53230",
"url": "https://bugzilla.suse.com/1249866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53230"
},
{
"cve": "CVE-2023-53232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53232"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7921: fix kernel panic by accessing unallocated eeprom.data\n\nThe MT7921 driver no longer uses eeprom.data, but the relevant code has not\nbeen removed completely since\ncommit 16d98b548365 (\"mt76: mt7921: rely on mcu_get_nic_capability\").\nThis could result in potential invalid memory access.\n\nTo fix the kernel panic issue in mt7921, it is necessary to avoid accessing\nunallocated eeprom.data which can lead to invalid memory access.\n\nFurthermore, it is possible to entirely eliminate the\nmt7921_mcu_parse_eeprom function and solely depend on\nmt7921_mcu_parse_response to divide the RxD header.\n\n[2.702735] BUG: kernel NULL pointer dereference, address: 0000000000000550\n[2.702740] #PF: supervisor write access in kernel mode\n[2.702741] #PF: error_code(0x0002) - not-present page\n[2.702743] PGD 0 P4D 0\n[2.702747] Oops: 0002 [#1] PREEMPT SMP NOPTI\n[2.702755] RIP: 0010:mt7921_mcu_parse_response+0x147/0x170 [mt7921_common]\n[2.702758] RSP: 0018:ffffae7c00fef828 EFLAGS: 00010286\n[2.702760] RAX: ffffa367f57be024 RBX: ffffa367cc7bf500 RCX: 0000000000000000\n[2.702762] RDX: 0000000000000550 RSI: 0000000000000000 RDI: ffffa367cc7bf500\n[2.702763] RBP: ffffae7c00fef840 R08: ffffa367cb167000 R09: 0000000000000005\n[2.702764] R10: 0000000000000000 R11: ffffffffc04702e4 R12: ffffa367e8329f40\n[2.702766] R13: 0000000000000000 R14: 0000000000000001 R15: ffffa367e8329f40\n[2.702768] FS: 000079ee6cf20c40(0000) GS:ffffa36b2f940000(0000) knlGS:0000000000000000\n[2.702769] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[2.702775] CR2: 0000000000000550 CR3: 00000001233c6004 CR4: 0000000000770ee0\n[2.702776] PKRU: 55555554\n[2.702777] Call Trace:\n[2.702782] mt76_mcu_skb_send_and_get_msg+0xc3/0x11e [mt76 \u003cHASH:1bc4 5\u003e]\n[2.702785] mt7921_run_firmware+0x241/0x853 [mt7921_common \u003cHASH:6a2f 6\u003e]\n[2.702789] mt7921e_mcu_init+0x2b/0x56 [mt7921e \u003cHASH:d290 7\u003e]\n[2.702792] mt7921_register_device+0x2eb/0x5a5 [mt7921_common \u003cHASH:6a2f 6\u003e]\n[2.702795] ? mt7921_irq_tasklet+0x1d4/0x1d4 [mt7921e \u003cHASH:d290 7\u003e]\n[2.702797] mt7921_pci_probe+0x2d6/0x319 [mt7921e \u003cHASH:d290 7\u003e]\n[2.702799] pci_device_probe+0x9f/0x12a",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53232",
"url": "https://www.suse.com/security/cve/CVE-2023-53232"
},
{
"category": "external",
"summary": "SUSE Bug 1249648 for CVE-2023-53232",
"url": "https://bugzilla.suse.com/1249648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53232"
},
{
"cve": "CVE-2023-53234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53234"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatchdog: Fix kmemleak in watchdog_cdev_register\n\nkmemleak reports memory leaks in watchdog_dev_register, as follows:\nunreferenced object 0xffff888116233000 (size 2048):\n comm \"\"modprobe\"\", pid 28147, jiffies 4353426116 (age 61.741s)\n hex dump (first 32 bytes):\n 80 fa b9 05 81 88 ff ff 08 30 23 16 81 88 ff ff .........0#.....\n 08 30 23 16 81 88 ff ff 00 00 00 00 00 00 00 00 .0#.............\n backtrace:\n [\u003c000000007f001ffd\u003e] __kmem_cache_alloc_node+0x157/0x220\n [\u003c000000006a389304\u003e] kmalloc_trace+0x21/0x110\n [\u003c000000008d640eea\u003e] watchdog_dev_register+0x4e/0x780 [watchdog]\n [\u003c0000000053c9f248\u003e] __watchdog_register_device+0x4f0/0x680 [watchdog]\n [\u003c00000000b2979824\u003e] watchdog_register_device+0xd2/0x110 [watchdog]\n [\u003c000000001f730178\u003e] 0xffffffffc10880ae\n [\u003c000000007a1a8bcc\u003e] do_one_initcall+0xcb/0x4d0\n [\u003c00000000b98be325\u003e] do_init_module+0x1ca/0x5f0\n [\u003c0000000046d08e7c\u003e] load_module+0x6133/0x70f0\n ...\n\nunreferenced object 0xffff888105b9fa80 (size 16):\n comm \"\"modprobe\"\", pid 28147, jiffies 4353426116 (age 61.741s)\n hex dump (first 16 bytes):\n 77 61 74 63 68 64 6f 67 31 00 b9 05 81 88 ff ff watchdog1.......\n backtrace:\n [\u003c000000007f001ffd\u003e] __kmem_cache_alloc_node+0x157/0x220\n [\u003c00000000486ab89b\u003e] __kmalloc_node_track_caller+0x44/0x1b0\n [\u003c000000005a39aab0\u003e] kvasprintf+0xb5/0x140\n [\u003c0000000024806f85\u003e] kvasprintf_const+0x55/0x180\n [\u003c000000009276cb7f\u003e] kobject_set_name_vargs+0x56/0x150\n [\u003c00000000a92e820b\u003e] dev_set_name+0xab/0xe0\n [\u003c00000000cec812c6\u003e] watchdog_dev_register+0x285/0x780 [watchdog]\n [\u003c0000000053c9f248\u003e] __watchdog_register_device+0x4f0/0x680 [watchdog]\n [\u003c00000000b2979824\u003e] watchdog_register_device+0xd2/0x110 [watchdog]\n [\u003c000000001f730178\u003e] 0xffffffffc10880ae\n [\u003c000000007a1a8bcc\u003e] do_one_initcall+0xcb/0x4d0\n [\u003c00000000b98be325\u003e] do_init_module+0x1ca/0x5f0\n [\u003c0000000046d08e7c\u003e] load_module+0x6133/0x70f0\n ...\n\nThe reason is that put_device is not be called if cdev_device_add fails\nand wdd-\u003eid != 0.\n\nwatchdog_cdev_register\n wd_data = kzalloc [1]\n err = dev_set_name [2]\n ..\n err = cdev_device_add\n if (err) {\n if (wdd-\u003eid == 0) { // wdd-\u003eid != 0\n ..\n }\n return err; // [1],[2] would be leaked\n\nTo fix it, call put_device in all wdd-\u003eid cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53234",
"url": "https://www.suse.com/security/cve/CVE-2023-53234"
},
{
"category": "external",
"summary": "SUSE Bug 1249784 for CVE-2023-53234",
"url": "https://bugzilla.suse.com/1249784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53234"
},
{
"cve": "CVE-2023-53237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix amdgpu_irq_put call trace in gmc_v11_0_hw_fini\n\nThe gmc.ecc_irq is enabled by firmware per IFWI setting,\nand the host driver is not privileged to enable/disable\nthe interrupt. So, it is meaningless to use the amdgpu_irq_put\nfunction in gmc_v11_0_hw_fini, which also leads to the call\ntrace.\n\n[ 102.980303] Call Trace:\n[ 102.980303] \u003cTASK\u003e\n[ 102.980304] gmc_v11_0_hw_fini+0x54/0x90 [amdgpu]\n[ 102.980357] gmc_v11_0_suspend+0xe/0x20 [amdgpu]\n[ 102.980409] amdgpu_device_ip_suspend_phase2+0x240/0x460 [amdgpu]\n[ 102.980459] amdgpu_device_ip_suspend+0x3d/0x80 [amdgpu]\n[ 102.980520] amdgpu_device_pre_asic_reset+0xd9/0x490 [amdgpu]\n[ 102.980573] amdgpu_device_gpu_recover.cold+0x548/0xce6 [amdgpu]\n[ 102.980687] amdgpu_debugfs_reset_work+0x4c/0x70 [amdgpu]\n[ 102.980740] process_one_work+0x21f/0x3f0\n[ 102.980741] worker_thread+0x200/0x3e0\n[ 102.980742] ? process_one_work+0x3f0/0x3f0\n[ 102.980743] kthread+0xfd/0x130\n[ 102.980743] ? kthread_complete_and_exit+0x20/0x20\n[ 102.980744] ret_from_fork+0x22/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53237",
"url": "https://www.suse.com/security/cve/CVE-2023-53237"
},
{
"category": "external",
"summary": "SUSE Bug 1249782 for CVE-2023-53237",
"url": "https://bugzilla.suse.com/1249782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53237"
},
{
"cve": "CVE-2023-53238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53238"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()\n\nThe size of array \u0027priv-\u003eports[]\u0027 is INNO_PHY_PORT_NUM.\n\nIn the for loop, \u0027i\u0027 is used as the index for array \u0027priv-\u003eports[]\u0027\nwith a check (i \u003e INNO_PHY_PORT_NUM) which indicates that\nINNO_PHY_PORT_NUM is allowed value for \u0027i\u0027 in the same loop.\n\nThis \u003e comparison needs to be changed to \u003e=, otherwise it potentially leads\nto an out of bounds write on the next iteration through the loop",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53238",
"url": "https://www.suse.com/security/cve/CVE-2023-53238"
},
{
"category": "external",
"summary": "SUSE Bug 1249707 for CVE-2023-53238",
"url": "https://bugzilla.suse.com/1249707"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53238"
},
{
"cve": "CVE-2023-53239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/mdp5: Add check for kzalloc\n\nAs kzalloc may fail and return NULL pointer,\nit should be better to check the return value\nin order to avoid the NULL pointer dereference.\n\nPatchwork: https://patchwork.freedesktop.org/patch/514154/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53239",
"url": "https://www.suse.com/security/cve/CVE-2023-53239"
},
{
"category": "external",
"summary": "SUSE Bug 1249781 for CVE-2023-53239",
"url": "https://bugzilla.suse.com/1249781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53239"
},
{
"cve": "CVE-2023-53241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53241"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: call op_release, even when op_func returns an error\n\nFor ops with \"trivial\" replies, nfsd4_encode_operation will shortcut\nmost of the encoding work and skip to just marshalling up the status.\nOne of the things it skips is calling op_release. This could cause a\nmemory leak in the layoutget codepath if there is an error at an\ninopportune time.\n\nHave the compound processing engine always call op_release, even when\nop_func sets an error in op-\u003estatus. With this change, we also need\nnfsd4_block_get_device_info_scsi to set the gd_device pointer to NULL\non error to avoid a double free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53241",
"url": "https://www.suse.com/security/cve/CVE-2023-53241"
},
{
"category": "external",
"summary": "SUSE Bug 1249638 for CVE-2023-53241",
"url": "https://bugzilla.suse.com/1249638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2023-53241"
},
{
"cve": "CVE-2023-53242",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53242"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal/drivers/hisi: Drop second sensor hi3660\n\nThe commit 74c8e6bffbe1 (\"driver core: Add __alloc_size hint to devm\nallocators\") exposes a panic \"BRK handler: Fatal exception\" on the\nhi3660_thermal_probe funciton.\nThis is because the function allocates memory for only one\nsensors array entry, but tries to fill up a second one.\n\nFix this by removing the unneeded second access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53242",
"url": "https://www.suse.com/security/cve/CVE-2023-53242"
},
{
"category": "external",
"summary": "SUSE Bug 1249639 for CVE-2023-53242",
"url": "https://bugzilla.suse.com/1249639"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53242"
},
{
"cve": "CVE-2023-53244",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53244"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish\n\nWhen the driver calls tw68_risc_buffer() to prepare the buffer, the\nfunction call dma_alloc_coherent may fail, resulting in a empty buffer\nbuf-\u003ecpu. Later when we free the buffer or access the buffer, null ptr\nderef is triggered.\n\nThis bug is similar to the following one:\nhttps://git.linuxtv.org/media_stage.git/commit/?id=2b064d91440b33fba5b452f2d1b31f13ae911d71.\n\nWe believe the bug can be also dynamically triggered from user side.\nSimilarly, we fix this by checking the return value of tw68_risc_buffer()\nand the value of buf-\u003ecpu before buffer free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53244",
"url": "https://www.suse.com/security/cve/CVE-2023-53244"
},
{
"category": "external",
"summary": "SUSE Bug 1249868 for CVE-2023-53244",
"url": "https://bugzilla.suse.com/1249868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53244"
},
{
"cve": "CVE-2023-53245",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53245"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: storvsc: Fix handling of virtual Fibre Channel timeouts\n\nHyper-V provides the ability to connect Fibre Channel LUNs to the host\nsystem and present them in a guest VM as a SCSI device. I/O to the vFC\ndevice is handled by the storvsc driver. The storvsc driver includes a\npartial integration with the FC transport implemented in the generic\nportion of the Linux SCSI subsystem so that FC attributes can be displayed\nin /sys. However, the partial integration means that some aspects of vFC\ndon\u0027t work properly. Unfortunately, a full and correct integration isn\u0027t\npractical because of limitations in what Hyper-V provides to the guest.\n\nIn particular, in the context of Hyper-V storvsc, the FC transport timeout\nfunction fc_eh_timed_out() causes a kernel panic because it can\u0027t find the\nrport and dereferences a NULL pointer. The original patch that added the\ncall from storvsc_eh_timed_out() to fc_eh_timed_out() is faulty in this\nregard.\n\nIn many cases a timeout is due to a transient condition, so the situation\ncan be improved by just continuing to wait like with other I/O requests\nissued by storvsc, and avoiding the guaranteed panic. For a permanent\nfailure, continuing to wait may result in a hung thread instead of a panic,\nwhich again may be better.\n\nSo fix the panic by removing the storvsc call to fc_eh_timed_out(). This\nallows storvsc to keep waiting for a response. The change has been tested\nby users who experienced a panic in fc_eh_timed_out() due to transient\ntimeouts, and it solves their problem.\n\nIn the future we may want to deprecate the vFC functionality in storvsc\nsince it can\u0027t be fully fixed. But it has current users for whom it is\nworking well enough, so it should probably stay for a while longer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53245",
"url": "https://www.suse.com/security/cve/CVE-2023-53245"
},
{
"category": "external",
"summary": "SUSE Bug 1249641 for CVE-2023-53245",
"url": "https://bugzilla.suse.com/1249641"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53245"
},
{
"cve": "CVE-2023-53246",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53246"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL\n\nWhen compiled with CONFIG_CIFS_DFS_UPCALL disabled, cifs_dfs_d_automount\nis NULL. cifs.ko logic for mapping CIFS_FATTR_DFS_REFERRAL attributes to\nS_AUTOMOUNT and corresponding dentry flags is retained regardless of\nCONFIG_CIFS_DFS_UPCALL, leading to a NULL pointer dereference in\nVFS follow_automount() when traversing a DFS referral link:\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n ...\n Call Trace:\n \u003cTASK\u003e\n __traverse_mounts+0xb5/0x220\n ? cifs_revalidate_mapping+0x65/0xc0 [cifs]\n step_into+0x195/0x610\n ? lookup_fast+0xe2/0xf0\n path_lookupat+0x64/0x140\n filename_lookup+0xc2/0x140\n ? __create_object+0x299/0x380\n ? kmem_cache_alloc+0x119/0x220\n ? user_path_at_empty+0x31/0x50\n user_path_at_empty+0x31/0x50\n __x64_sys_chdir+0x2a/0xd0\n ? exit_to_user_mode_prepare+0xca/0x100\n do_syscall_64+0x42/0x90\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\n\nThis fix adds an inline cifs_dfs_d_automount() {return -EREMOTE} handler\nwhen CONFIG_CIFS_DFS_UPCALL is disabled. An alternative would be to\navoid flagging S_AUTOMOUNT, etc. without CONFIG_CIFS_DFS_UPCALL. This\napproach was chosen as it provides more control over the error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53246",
"url": "https://www.suse.com/security/cve/CVE-2023-53246"
},
{
"category": "external",
"summary": "SUSE Bug 1249867 for CVE-2023-53246",
"url": "https://bugzilla.suse.com/1249867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53246"
},
{
"cve": "CVE-2023-53249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53249"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe\n\nUse devm_of_iomap() instead of of_iomap() to automatically handle\nthe unused ioremap region.\n\nIf any error occurs, regions allocated by kzalloc() will leak,\nbut using devm_kzalloc() instead will automatically free the memory\nusing devm_kfree().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53249",
"url": "https://www.suse.com/security/cve/CVE-2023-53249"
},
{
"category": "external",
"summary": "SUSE Bug 1249642 for CVE-2023-53249",
"url": "https://bugzilla.suse.com/1249642"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2023-53249"
},
{
"cve": "CVE-2023-53250",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53250"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle\n\nKASAN reported a null-ptr-deref error:\n\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\nCPU: 0 PID: 1373 Comm: modprobe\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nRIP: 0010:dmi_sysfs_entry_release\n...\nCall Trace:\n \u003cTASK\u003e\n kobject_put\n dmi_sysfs_register_handle (drivers/firmware/dmi-sysfs.c:540) dmi_sysfs\n dmi_decode_table (drivers/firmware/dmi_scan.c:133)\n dmi_walk (drivers/firmware/dmi_scan.c:1115)\n dmi_sysfs_init (drivers/firmware/dmi-sysfs.c:149) dmi_sysfs\n do_one_initcall (init/main.c:1296)\n ...\nKernel panic - not syncing: Fatal exception\nKernel Offset: 0x4000000 from 0xffffffff81000000\n---[ end Kernel panic - not syncing: Fatal exception ]---\n\nIt is because previous patch added kobject_put() to release the memory\nwhich will call dmi_sysfs_entry_release() and list_del().\n\nHowever, list_add_tail(entry-\u003elist) is called after the error block,\nso the list_head is uninitialized and cannot be deleted.\n\nMove error handling to after list_add_tail to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53250",
"url": "https://www.suse.com/security/cve/CVE-2023-53250"
},
{
"category": "external",
"summary": "SUSE Bug 1249727 for CVE-2023-53250",
"url": "https://bugzilla.suse.com/1249727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53250"
},
{
"cve": "CVE-2023-53251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53251"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: pcie: fix NULL pointer dereference in iwl_pcie_irq_rx_msix_handler()\n\nrxq can be NULL only when trans_pcie-\u003erxq is NULL and entry-\u003eentry\nis zero. For the case when entry-\u003eentry is not equal to 0, rxq\nwon\u0027t be NULL even if trans_pcie-\u003erxq is NULL. Modify checker to\ncheck for trans_pcie-\u003erxq.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53251",
"url": "https://www.suse.com/security/cve/CVE-2023-53251"
},
{
"category": "external",
"summary": "SUSE Bug 1249730 for CVE-2023-53251",
"url": "https://bugzilla.suse.com/1249730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53251"
},
{
"cve": "CVE-2023-53252",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53252"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: use RCU for hci_conn_params and iterate safely in hci_sync\n\nhci_update_accept_list_sync iterates over hdev-\u003epend_le_conns and\nhdev-\u003epend_le_reports, and waits for controller events in the loop body,\nwithout holding hdev lock.\n\nMeanwhile, these lists and the items may be modified e.g. by\nle_scan_cleanup. This can invalidate the list cursor or any other item\nin the list, resulting to invalid behavior (eg use-after-free).\n\nUse RCU for the hci_conn_params action lists. Since the loop bodies in\nhci_sync block and we cannot use RCU or hdev-\u003elock for the whole loop,\ncopy list items first and then iterate on the copy. Only the flags field\nis written from elsewhere, so READ_ONCE/WRITE_ONCE should guarantee we\nread valid values.\n\nFree params everywhere with hci_conn_params_free so the cleanup is\nguaranteed to be done properly.\n\nThis fixes the following, which can be triggered e.g. by BlueZ new\nmgmt-tester case \"Add + Remove Device Nowait - Success\", or by changing\nhci_le_set_cig_params to always return false, and running iso-tester:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in hci_update_passive_scan_sync (net/bluetooth/hci_sync.c:2536 net/bluetooth/hci_sync.c:2723 net/bluetooth/hci_sync.c:2841)\nRead of size 8 at addr ffff888001265018 by task kworker/u3:0/32\n\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl (./arch/x86/include/asm/irqflags.h:134 lib/dump_stack.c:107)\nprint_report (mm/kasan/report.c:320 mm/kasan/report.c:430)\n? __virt_addr_valid (./include/linux/mmzone.h:1915 ./include/linux/mmzone.h:2011 arch/x86/mm/physaddr.c:65)\n? hci_update_passive_scan_sync (net/bluetooth/hci_sync.c:2536 net/bluetooth/hci_sync.c:2723 net/bluetooth/hci_sync.c:2841)\nkasan_report (mm/kasan/report.c:538)\n? hci_update_passive_scan_sync (net/bluetooth/hci_sync.c:2536 net/bluetooth/hci_sync.c:2723 net/bluetooth/hci_sync.c:2841)\nhci_update_passive_scan_sync (net/bluetooth/hci_sync.c:2536 net/bluetooth/hci_sync.c:2723 net/bluetooth/hci_sync.c:2841)\n? __pfx_hci_update_passive_scan_sync (net/bluetooth/hci_sync.c:2780)\n? mutex_lock (kernel/locking/mutex.c:282)\n? __pfx_mutex_lock (kernel/locking/mutex.c:282)\n? __pfx_mutex_unlock (kernel/locking/mutex.c:538)\n? __pfx_update_passive_scan_sync (net/bluetooth/hci_sync.c:2861)\nhci_cmd_sync_work (net/bluetooth/hci_sync.c:306)\nprocess_one_work (./arch/x86/include/asm/preempt.h:27 kernel/workqueue.c:2399)\nworker_thread (./include/linux/list.h:292 kernel/workqueue.c:2538)\n? __pfx_worker_thread (kernel/workqueue.c:2480)\nkthread (kernel/kthread.c:376)\n? __pfx_kthread (kernel/kthread.c:331)\nret_from_fork (arch/x86/entry/entry_64.S:314)\n\u003c/TASK\u003e\n\nAllocated by task 31:\nkasan_save_stack (mm/kasan/common.c:46)\nkasan_set_track (mm/kasan/common.c:52)\n__kasan_kmalloc (mm/kasan/common.c:374 mm/kasan/common.c:383)\nhci_conn_params_add (./include/linux/slab.h:580 ./include/linux/slab.h:720 net/bluetooth/hci_core.c:2277)\nhci_connect_le_scan (net/bluetooth/hci_conn.c:1419 net/bluetooth/hci_conn.c:1589)\nhci_connect_cis (net/bluetooth/hci_conn.c:2266)\niso_connect_cis (net/bluetooth/iso.c:390)\niso_sock_connect (net/bluetooth/iso.c:899)\n__sys_connect (net/socket.c:2003 net/socket.c:2020)\n__x64_sys_connect (net/socket.c:2027)\ndo_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:120)\n\nFreed by task 15:\nkasan_save_stack (mm/kasan/common.c:46)\nkasan_set_track (mm/kasan/common.c:52)\nkasan_save_free_info (mm/kasan/generic.c:523)\n__kasan_slab_free (mm/kasan/common.c:238 mm/kasan/common.c:200 mm/kasan/common.c:244)\n__kmem_cache_free (mm/slub.c:1807 mm/slub.c:3787 mm/slub.c:3800)\nhci_conn_params_del (net/bluetooth/hci_core.c:2323)\nle_scan_cleanup (net/bluetooth/hci_conn.c:202)\nprocess_one_work (./arch/x86/include/asm/preempt.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53252",
"url": "https://www.suse.com/security/cve/CVE-2023-53252"
},
{
"category": "external",
"summary": "SUSE Bug 1249756 for CVE-2023-53252",
"url": "https://bugzilla.suse.com/1249756"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2023-53252"
},
{
"cve": "CVE-2023-53255",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53255"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: stratix10-svc: Fix a potential resource leak in svc_create_memory_pool()\n\nsvc_create_memory_pool() is only called from stratix10_svc_drv_probe().\nMost of resources in the probe are managed, but not this memremap() call.\n\nThere is also no memunmap() call in the file.\n\nSo switch to devm_memremap() to avoid a resource leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53255",
"url": "https://www.suse.com/security/cve/CVE-2023-53255"
},
{
"category": "external",
"summary": "SUSE Bug 1249762 for CVE-2023-53255",
"url": "https://bugzilla.suse.com/1249762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2023-53255"
},
{
"cve": "CVE-2023-53257",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53257"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: check S1G action frame size\n\nBefore checking the action code, check that it even\nexists in the frame.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53257",
"url": "https://www.suse.com/security/cve/CVE-2023-53257"
},
{
"category": "external",
"summary": "SUSE Bug 1249869 for CVE-2023-53257",
"url": "https://bugzilla.suse.com/1249869"
},
{
"category": "external",
"summary": "SUSE Bug 1250730 for CVE-2023-53257",
"url": "https://bugzilla.suse.com/1250730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2023-53257"
},
{
"cve": "CVE-2023-53258",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53258"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix possible underflow for displays with large vblank\n\n[Why]\nUnderflow observed when using a display with a large vblank region\nand low refresh rate\n\n[How]\nSimplify calculation of vblank_nom\n\nIncrease value for VBlankNomDefaultUS to 800us",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53258",
"url": "https://www.suse.com/security/cve/CVE-2023-53258"
},
{
"category": "external",
"summary": "SUSE Bug 1249780 for CVE-2023-53258",
"url": "https://bugzilla.suse.com/1249780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53258"
},
{
"cve": "CVE-2023-53259",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53259"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nVMCI: check context-\u003enotify_page after call to get_user_pages_fast() to avoid GPF\n\nThe call to get_user_pages_fast() in vmci_host_setup_notify() can return\nNULL context-\u003enotify_page causing a GPF. To avoid GPF check if\ncontext-\u003enotify_page == NULL and return error if so.\n\ngeneral protection fault, probably for non-canonical address\n 0xe0009d1000000060: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: maybe wild-memory-access in range [0x0005088000000300-\n 0x0005088000000307]\nCPU: 2 PID: 26180 Comm: repro_34802241 Not tainted 6.1.0-rc4 #1\nHardware name: Red Hat KVM, BIOS 1.15.0-2.module+el8.6.0 04/01/2014\nRIP: 0010:vmci_ctx_check_signal_notify+0x91/0xe0\nCall Trace:\n \u003cTASK\u003e\n vmci_host_unlocked_ioctl+0x362/0x1f40\n __x64_sys_ioctl+0x1a1/0x230\n do_syscall_64+0x3a/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53259",
"url": "https://www.suse.com/security/cve/CVE-2023-53259"
},
{
"category": "external",
"summary": "SUSE Bug 1249767 for CVE-2023-53259",
"url": "https://bugzilla.suse.com/1249767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53259"
},
{
"cve": "CVE-2023-53263",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53263"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create\n\nWe can\u0027t simply free the connector after calling drm_connector_init on it.\nWe need to clean up the drm side first.\n\nIt might not fix all regressions from commit 2b5d1c29f6c4\n(\"drm/nouveau/disp: PIOR DP uses GPIO for HPD, not PMGR AUX interrupts\"),\nbut at least it fixes a memory corruption in error handling related to\nthat commit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53263",
"url": "https://www.suse.com/security/cve/CVE-2023-53263"
},
{
"category": "external",
"summary": "SUSE Bug 1249861 for CVE-2023-53263",
"url": "https://bugzilla.suse.com/1249861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2023-53263"
},
{
"cve": "CVE-2023-53265",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53265"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubi: ensure that VID header offset + VID header size \u003c= alloc, size\n\nEnsure that the VID header offset + VID header size does not exceed\nthe allocated area to avoid slab OOB.\n\nBUG: KASAN: slab-out-of-bounds in crc32_body lib/crc32.c:111 [inline]\nBUG: KASAN: slab-out-of-bounds in crc32_le_generic lib/crc32.c:179 [inline]\nBUG: KASAN: slab-out-of-bounds in crc32_le_base+0x58c/0x626 lib/crc32.c:197\nRead of size 4 at addr ffff88802bb36f00 by task syz-executor136/1555\n\nCPU: 2 PID: 1555 Comm: syz-executor136 Tainted: G W\n6.0.0-1868 #1\nHardware name: Red Hat KVM, BIOS 1.13.0-2.module+el8.3.0+7860+a7792d29\n04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x85/0xad lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:317 [inline]\n print_report.cold.13+0xb6/0x6bb mm/kasan/report.c:433\n kasan_report+0xa7/0x11b mm/kasan/report.c:495\n crc32_body lib/crc32.c:111 [inline]\n crc32_le_generic lib/crc32.c:179 [inline]\n crc32_le_base+0x58c/0x626 lib/crc32.c:197\n ubi_io_write_vid_hdr+0x1b7/0x472 drivers/mtd/ubi/io.c:1067\n create_vtbl+0x4d5/0x9c4 drivers/mtd/ubi/vtbl.c:317\n create_empty_lvol drivers/mtd/ubi/vtbl.c:500 [inline]\n ubi_read_volume_table+0x67b/0x288a drivers/mtd/ubi/vtbl.c:812\n ubi_attach+0xf34/0x1603 drivers/mtd/ubi/attach.c:1601\n ubi_attach_mtd_dev+0x6f3/0x185e drivers/mtd/ubi/build.c:965\n ctrl_cdev_ioctl+0x2db/0x347 drivers/mtd/ubi/cdev.c:1043\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x193/0x213 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3e/0x86 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0x0\nRIP: 0033:0x7f96d5cf753d\nCode:\nRSP: 002b:00007fffd72206f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f96d5cf753d\nRDX: 0000000020000080 RSI: 0000000040186f40 RDI: 0000000000000003\nRBP: 0000000000400cd0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000400be0\nR13: 00007fffd72207e0 R14: 0000000000000000 R15: 0000000000000000\n \u003c/TASK\u003e\n\nAllocated by task 1555:\n kasan_save_stack+0x20/0x3d mm/kasan/common.c:38\n kasan_set_track mm/kasan/common.c:45 [inline]\n set_alloc_info mm/kasan/common.c:437 [inline]\n ____kasan_kmalloc mm/kasan/common.c:516 [inline]\n __kasan_kmalloc+0x88/0xa3 mm/kasan/common.c:525\n kasan_kmalloc include/linux/kasan.h:234 [inline]\n __kmalloc+0x138/0x257 mm/slub.c:4429\n kmalloc include/linux/slab.h:605 [inline]\n ubi_alloc_vid_buf drivers/mtd/ubi/ubi.h:1093 [inline]\n create_vtbl+0xcc/0x9c4 drivers/mtd/ubi/vtbl.c:295\n create_empty_lvol drivers/mtd/ubi/vtbl.c:500 [inline]\n ubi_read_volume_table+0x67b/0x288a drivers/mtd/ubi/vtbl.c:812\n ubi_attach+0xf34/0x1603 drivers/mtd/ubi/attach.c:1601\n ubi_attach_mtd_dev+0x6f3/0x185e drivers/mtd/ubi/build.c:965\n ctrl_cdev_ioctl+0x2db/0x347 drivers/mtd/ubi/cdev.c:1043\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x193/0x213 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3e/0x86 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0x0\n\nThe buggy address belongs to the object at ffff88802bb36e00\n which belongs to the cache kmalloc-256 of size 256\nThe buggy address is located 0 bytes to the right of\n 256-byte region [ffff88802bb36e00, ffff88802bb36f00)\n\nThe buggy address belongs to the physical page:\npage:00000000ea4d1263 refcount:1 mapcount:0 mapping:0000000000000000\nindex:0x0 pfn:0x2bb36\nhead:00000000ea4d1263 order:1 compound_mapcount:0 compound_pincount:0\nflags: 0xfffffc0010200(slab|head|node=0|zone=1|lastcpupid=0x1fffff)\nraw: 000fffffc0010200 ffffea000066c300 dead000000000003 ffff888100042b40\nraw: 0000000000000000 00000000001\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53265",
"url": "https://www.suse.com/security/cve/CVE-2023-53265"
},
{
"category": "external",
"summary": "SUSE Bug 1249908 for CVE-2023-53265",
"url": "https://bugzilla.suse.com/1249908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53265"
},
{
"cve": "CVE-2023-53268",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53268"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: fsl_mqs: move of_node_put() to the correct location\n\nof_node_put() should have been done directly after\nmqs_priv-\u003eregmap = syscon_node_to_regmap(gpr_np);\notherwise it creates a reference leak on the success path.\n\nTo fix this, of_node_put() is moved to the correct location, and change\nall the gotos to direct returns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53268",
"url": "https://www.suse.com/security/cve/CVE-2023-53268"
},
{
"category": "external",
"summary": "SUSE Bug 1249914 for CVE-2023-53268",
"url": "https://bugzilla.suse.com/1249914"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2023-53268"
},
{
"cve": "CVE-2023-53270",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53270"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix i_disksize exceeding i_size problem in paritally written case\n\nIt is possible for i_disksize can exceed i_size, triggering a warning.\n\ngeneric_perform_write\n copied = iov_iter_copy_from_user_atomic(len) // copied \u003c len\n ext4_da_write_end\n | ext4_update_i_disksize\n | new_i_size = pos + copied;\n | WRITE_ONCE(EXT4_I(inode)-\u003ei_disksize, newsize) // update i_disksize\n | generic_write_end\n | copied = block_write_end(copied, len) // copied = 0\n | if (unlikely(copied \u003c len))\n | if (!PageUptodate(page))\n | copied = 0;\n | if (pos + copied \u003e inode-\u003ei_size) // return false\n if (unlikely(copied == 0))\n goto again;\n if (unlikely(iov_iter_fault_in_readable(i, bytes))) {\n status = -EFAULT;\n break;\n }\n\nWe get i_disksize greater than i_size here, which could trigger WARNING\ncheck \u0027i_size_read(inode) \u003c EXT4_I(inode)-\u003ei_disksize\u0027 while doing dio:\n\next4_dio_write_iter\n iomap_dio_rw\n __iomap_dio_rw // return err, length is not aligned to 512\n ext4_handle_inode_extension\n WARN_ON_ONCE(i_size_read(inode) \u003c EXT4_I(inode)-\u003ei_disksize) // Oops\n\n WARNING: CPU: 2 PID: 2609 at fs/ext4/file.c:319\n CPU: 2 PID: 2609 Comm: aa Not tainted 6.3.0-rc2\n RIP: 0010:ext4_file_write_iter+0xbc7\n Call Trace:\n vfs_write+0x3b1\n ksys_write+0x77\n do_syscall_64+0x39\n\nFix it by updating \u0027copied\u0027 value before updating i_disksize just like\next4_write_inline_data_end() does.\n\nA reproducer can be found in the buganizer link below.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53270",
"url": "https://www.suse.com/security/cve/CVE-2023-53270"
},
{
"category": "external",
"summary": "SUSE Bug 1249872 for CVE-2023-53270",
"url": "https://bugzilla.suse.com/1249872"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53270"
},
{
"cve": "CVE-2023-53272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53272"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ena: fix shift-out-of-bounds in exponential backoff\n\nThe ENA adapters on our instances occasionally reset. Once recently\nlogged a UBSAN failure to console in the process:\n\n UBSAN: shift-out-of-bounds in build/linux/drivers/net/ethernet/amazon/ena/ena_com.c:540:13\n shift exponent 32 is too large for 32-bit type \u0027unsigned int\u0027\n CPU: 28 PID: 70012 Comm: kworker/u72:2 Kdump: loaded not tainted 5.15.117\n Hardware name: Amazon EC2 c5d.9xlarge/, BIOS 1.0 10/16/2017\n Workqueue: ena ena_fw_reset_device [ena]\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x4a/0x63\n dump_stack+0x10/0x16\n ubsan_epilogue+0x9/0x36\n __ubsan_handle_shift_out_of_bounds.cold+0x61/0x10e\n ? __const_udelay+0x43/0x50\n ena_delay_exponential_backoff_us.cold+0x16/0x1e [ena]\n wait_for_reset_state+0x54/0xa0 [ena]\n ena_com_dev_reset+0xc8/0x110 [ena]\n ena_down+0x3fe/0x480 [ena]\n ena_destroy_device+0xeb/0xf0 [ena]\n ena_fw_reset_device+0x30/0x50 [ena]\n process_one_work+0x22b/0x3d0\n worker_thread+0x4d/0x3f0\n ? process_one_work+0x3d0/0x3d0\n kthread+0x12a/0x150\n ? set_kthread_struct+0x50/0x50\n ret_from_fork+0x22/0x30\n \u003c/TASK\u003e\n\nApparently, the reset delays are getting so large they can trigger a\nUBSAN panic.\n\nLooking at the code, the current timeout is capped at 5000us. Using a\nbase value of 100us, the current code will overflow after (1\u003c\u003c29). Even\nat values before 32, this function wraps around, perhaps\nunintentionally.\n\nCap the value of the exponent used for this backoff at (1\u003c\u003c16) which is\nlarger than currently necessary, but large enough to support bigger\nvalues in the future.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53272",
"url": "https://www.suse.com/security/cve/CVE-2023-53272"
},
{
"category": "external",
"summary": "SUSE Bug 1249917 for CVE-2023-53272",
"url": "https://bugzilla.suse.com/1249917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53272"
},
{
"cve": "CVE-2023-53273",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53273"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: vmbus: Check for channel allocation before looking up relids\n\nrelid2channel() assumes vmbus channel array to be allocated when called.\nHowever, in cases such as kdump/kexec, not all relids will be reset by the host.\nWhen the second kernel boots and if the guest receives a vmbus interrupt during\nvmbus driver initialization before vmbus_connect() is called, before it finishes,\nor if it fails, the vmbus interrupt service routine is called which in turn calls\nrelid2channel() and can cause a null pointer dereference.\n\nPrint a warning and error out in relid2channel() for a channel id that\u0027s invalid\nin the second kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53273",
"url": "https://www.suse.com/security/cve/CVE-2023-53273"
},
{
"category": "external",
"summary": "SUSE Bug 1249930 for CVE-2023-53273",
"url": "https://bugzilla.suse.com/1249930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53273"
},
{
"cve": "CVE-2023-53275",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53275"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync()\n\nThe variable codec-\u003eregmap is often protected by the lock\ncodec-\u003eregmap_lock when is accessed. However, it is accessed without\nholding the lock when is accessed in snd_hdac_regmap_sync():\n\n if (codec-\u003eregmap)\n\nIn my opinion, this may be a harmful race, because if codec-\u003eregmap is\nset to NULL right after the condition is checked, a null-pointer\ndereference can occur in the called function regcache_sync():\n\n map-\u003elock(map-\u003elock_arg); --\u003e Line 360 in drivers/base/regmap/regcache.c\n\nTo fix this possible null-pointer dereference caused by data race, the\nmutex_lock coverage is extended to protect the if statement as well as the\nfunction call to regcache_sync().\n\n[ Note: the lack of the regmap_lock itself is harmless for the current\n codec driver implementations, as snd_hdac_regmap_sync() is only for\n PM runtime resume that is prohibited during the codec probe.\n But the change makes the whole code more consistent, so it\u0027s merged\n as is -- tiwai ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53275",
"url": "https://www.suse.com/security/cve/CVE-2023-53275"
},
{
"category": "external",
"summary": "SUSE Bug 1250459 for CVE-2023-53275",
"url": "https://bugzilla.suse.com/1250459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53275"
},
{
"cve": "CVE-2023-53276",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53276"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: Free memory for tmpfile name\n\nWhen opening a ubifs tmpfile on an encrypted directory, function\nfscrypt_setup_filename allocates memory for the name that is to be\nstored in the directory entry, but after the name has been copied to the\ndirectory entry inode, the memory is not freed.\n\nWhen running kmemleak on it we see that it is registered as a leak. The\nreport below is triggered by a simple program \u0027tmpfile\u0027 just opening a\ntmpfile:\n\n unreferenced object 0xffff88810178f380 (size 32):\n comm \"tmpfile\", pid 509, jiffies 4294934744 (age 1524.742s)\n backtrace:\n __kmem_cache_alloc_node\n __kmalloc\n fscrypt_setup_filename\n ubifs_tmpfile\n vfs_tmpfile\n path_openat\n\nFree this memory after it has been copied to the inode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53276",
"url": "https://www.suse.com/security/cve/CVE-2023-53276"
},
{
"category": "external",
"summary": "SUSE Bug 1250309 for CVE-2023-53276",
"url": "https://bugzilla.suse.com/1250309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53276"
},
{
"cve": "CVE-2023-53277",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53277"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwl3945: Add missing check for create_singlethread_workqueue\n\nAdd the check for the return value of the create_singlethread_workqueue\nin order to avoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53277",
"url": "https://www.suse.com/security/cve/CVE-2023-53277"
},
{
"category": "external",
"summary": "SUSE Bug 1249936 for CVE-2023-53277",
"url": "https://bugzilla.suse.com/1249936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53277"
},
{
"cve": "CVE-2023-53280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53280"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Remove unused nvme_ls_waitq wait queue\n\nSystem crash when qla2x00_start_sp(sp) returns error code EGAIN and wake_up\ngets called for uninitialized wait queue sp-\u003envme_ls_waitq.\n\n qla2xxx [0000:37:00.1]-2121:5: Returning existing qpair of ffff8ae2c0513400 for idx=0\n qla2xxx [0000:37:00.1]-700e:5: qla2x00_start_sp failed = 11\n BUG: unable to handle kernel NULL pointer dereference at 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP NOPTI\n Hardware name: HPE ProLiant DL360 Gen10/ProLiant DL360 Gen10, BIOS U32 09/03/2021\n Workqueue: nvme-wq nvme_fc_connect_ctrl_work [nvme_fc]\n RIP: 0010:__wake_up_common+0x4c/0x190\n RSP: 0018:ffff95f3e0cb7cd0 EFLAGS: 00010086\n RAX: 0000000000000000 RBX: ffff8b08d3b26328 RCX: 0000000000000000\n RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff8b08d3b26320\n RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffe8\n R10: 0000000000000000 R11: ffff95f3e0cb7a60 R12: ffff95f3e0cb7d20\n R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8b2fdf6c0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000002f1e410002 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n __wake_up_common_lock+0x7c/0xc0\n qla_nvme_ls_req+0x355/0x4c0 [qla2xxx]\n ? __nvme_fc_send_ls_req+0x260/0x380 [nvme_fc]\n ? nvme_fc_send_ls_req.constprop.42+0x1a/0x45 [nvme_fc]\n ? nvme_fc_connect_ctrl_work.cold.63+0x1e3/0xa7d [nvme_fc]\n\nRemove unused nvme_ls_waitq wait queue. nvme_ls_waitq logic was removed\npreviously in the commits tagged Fixed: below.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53280",
"url": "https://www.suse.com/security/cve/CVE-2023-53280"
},
{
"category": "external",
"summary": "SUSE Bug 1249938 for CVE-2023-53280",
"url": "https://bugzilla.suse.com/1249938"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53280"
},
{
"cve": "CVE-2023-53281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53281"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler()\n\nCommit 041879b12ddb (\"drivers: staging: rtl8192bs: Fix deadlock in\nrtw_joinbss_event_prehandle()\") besides fixing the deadlock also\nmodified _rtw_join_timeout_handler() to use spin_[un]lock_irq()\ninstead of spin_[un]lock_bh().\n\n_rtw_join_timeout_handler() calls rtw_do_join() which takes\npmlmepriv-\u003escanned_queue.lock using spin_[un]lock_bh(). This\nspin_unlock_bh() call re-enables softirqs which triggers an oops in\nkernel/softirq.c: __local_bh_enable_ip() when it calls\nlockdep_assert_irqs_enabled():\n\n[ 244.506087] WARNING: CPU: 2 PID: 0 at kernel/softirq.c:376 __local_bh_enable_ip+0xa6/0x100\n...\n[ 244.509022] Call Trace:\n[ 244.509048] \u003cIRQ\u003e\n[ 244.509100] _rtw_join_timeout_handler+0x134/0x170 [r8723bs]\n[ 244.509468] ? __pfx__rtw_join_timeout_handler+0x10/0x10 [r8723bs]\n[ 244.509772] ? __pfx__rtw_join_timeout_handler+0x10/0x10 [r8723bs]\n[ 244.510076] call_timer_fn+0x95/0x2a0\n[ 244.510200] __run_timers.part.0+0x1da/0x2d0\n\nThis oops is causd by the switch to spin_[un]lock_irq() which disables\nthe IRQs for the entire duration of _rtw_join_timeout_handler().\n\nDisabling the IRQs is not necessary since all code taking this lock\nruns from either user contexts or from softirqs, switch back to\nspin_[un]lock_bh() to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53281",
"url": "https://www.suse.com/security/cve/CVE-2023-53281"
},
{
"category": "external",
"summary": "SUSE Bug 1249939 for CVE-2023-53281",
"url": "https://bugzilla.suse.com/1249939"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53281"
},
{
"cve": "CVE-2023-53282",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53282"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write\n\nDuring the sysfs firmware write process, a use-after-free read warning is\nlogged from the lpfc_wr_object() routine:\n\n BUG: KFENCE: use-after-free read in lpfc_wr_object+0x235/0x310 [lpfc]\n Use-after-free read at 0x0000000000cf164d (in kfence-#111):\n lpfc_wr_object+0x235/0x310 [lpfc]\n lpfc_write_firmware.cold+0x206/0x30d [lpfc]\n lpfc_sli4_request_firmware_update+0xa6/0x100 [lpfc]\n lpfc_request_firmware_upgrade_store+0x66/0xb0 [lpfc]\n kernfs_fop_write_iter+0x121/0x1b0\n new_sync_write+0x11c/0x1b0\n vfs_write+0x1ef/0x280\n ksys_write+0x5f/0xe0\n do_syscall_64+0x59/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe driver accessed wr_object pointer data, which was initialized into\nmailbox payload memory, after the mailbox object was released back to the\nmailbox pool.\n\nFix by moving the mailbox free calls to the end of the routine ensuring\nthat we don\u0027t reference internal mailbox memory after release.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53282",
"url": "https://www.suse.com/security/cve/CVE-2023-53282"
},
{
"category": "external",
"summary": "SUSE Bug 1250311 for CVE-2023-53282",
"url": "https://bugzilla.suse.com/1250311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53282"
},
{
"cve": "CVE-2023-53284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53284"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: check for null return of devm_kzalloc() in dpu_writeback_init()\n\nBecause of the possilble failure of devm_kzalloc(), dpu_wb_conn might\nbe NULL and will cause null pointer dereference later.\n\nTherefore, it might be better to check it and directly return -ENOMEM.\n\nPatchwork: https://patchwork.freedesktop.org/patch/512277/\n[DB: fixed typo in commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53284",
"url": "https://www.suse.com/security/cve/CVE-2023-53284"
},
{
"category": "external",
"summary": "SUSE Bug 1249940 for CVE-2023-53284",
"url": "https://bugzilla.suse.com/1249940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53284"
},
{
"cve": "CVE-2023-53286",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53286"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Return the firmware result upon destroying QP/RQ\n\nPreviously when destroying a QP/RQ, the result of the firmware\ndestruction function was ignored and upper layers weren\u0027t informed\nabout the failure.\nWhich in turn could lead to various problems since when upper layer\nisn\u0027t aware of the failure it continues its operation thinking that the\nrelated QP/RQ was successfully destroyed while it actually wasn\u0027t,\nwhich could lead to the below kernel WARN.\n\nCurrently, we return the correct firmware destruction status to upper\nlayers which in case of the RQ would be mlx5_ib_destroy_wq() which\nwas already capable of handling RQ destruction failure or in case of\na QP to destroy_qp_common(), which now would actually warn upon qp\ndestruction failure.\n\nWARNING: CPU: 3 PID: 995 at drivers/infiniband/core/rdma_core.c:940 uverbs_destroy_ufile_hw+0xcb/0xe0 [ib_uverbs]\nModules linked in: xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi rdma_cm ib_umad ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core overlay mlx5_core fuse\nCPU: 3 PID: 995 Comm: python3 Not tainted 5.16.0-rc5+ #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:uverbs_destroy_ufile_hw+0xcb/0xe0 [ib_uverbs]\nCode: 41 5c 41 5d 41 5e e9 44 34 f0 e0 48 89 df e8 4c 77 ff ff 49 8b 86 10 01 00 00 48 85 c0 74 a1 4c 89 e7 ff d0 eb 9a 0f 0b eb c1 \u003c0f\u003e 0b be 04 00 00 00 48 89 df e8 b6 f6 ff ff e9 75 ff ff ff 90 0f\nRSP: 0018:ffff8881533e3e78 EFLAGS: 00010287\nRAX: ffff88811b2cf3e0 RBX: ffff888106209700 RCX: 0000000000000000\nRDX: ffff888106209780 RSI: ffff8881533e3d30 RDI: ffff888109b101a0\nRBP: 0000000000000001 R08: ffff888127cb381c R09: 0de9890000000009\nR10: ffff888127cb3800 R11: 0000000000000000 R12: ffff888106209780\nR13: ffff888106209750 R14: ffff888100f20660 R15: 0000000000000000\nFS: 00007f8be353b740(0000) GS:ffff88852c980000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f8bd5b117c0 CR3: 000000012cd8a004 CR4: 0000000000370ea0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ib_uverbs_close+0x1a/0x90 [ib_uverbs]\n __fput+0x82/0x230\n task_work_run+0x59/0x90\n exit_to_user_mode_prepare+0x138/0x140\n syscall_exit_to_user_mode+0x1d/0x50\n ? __x64_sys_close+0xe/0x40\n do_syscall_64+0x4a/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f8be3ae0abb\nCode: 03 00 00 00 0f 05 48 3d 00 f0 ff ff 77 41 c3 48 83 ec 18 89 7c 24 0c e8 83 43 f9 ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 c1 43 f9 ff 8b 44\nRSP: 002b:00007ffdb51909c0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003\nRAX: 0000000000000000 RBX: 0000557bb7f7c020 RCX: 00007f8be3ae0abb\nRDX: 0000557bb7c74010 RSI: 0000557bb7f14ca0 RDI: 0000000000000005\nRBP: 0000557bb7fbd598 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000293 R12: 0000557bb7fbd5b8\nR13: 0000557bb7fbd5a8 R14: 0000000000001000 R15: 0000557bb7f7c020\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53286",
"url": "https://www.suse.com/security/cve/CVE-2023-53286"
},
{
"category": "external",
"summary": "SUSE Bug 1250325 for CVE-2023-53286",
"url": "https://bugzilla.suse.com/1250325"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53286"
},
{
"cve": "CVE-2023-53287",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53287"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: Put the cdns set active part outside the spin lock\n\nThe device may be scheduled during the resume process,\nso this cannot appear in atomic operations. Since\npm_runtime_set_active will resume suppliers, put set\nactive outside the spin lock, which is only used to\nprotect the struct cdns data structure, otherwise the\nkernel will report the following warning:\n\n BUG: sleeping function called from invalid context at drivers/base/power/runtime.c:1163\n in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 651, name: sh\n preempt_count: 1, expected: 0\n RCU nest depth: 0, expected: 0\n CPU: 0 PID: 651 Comm: sh Tainted: G WC 6.1.20 #1\n Hardware name: Freescale i.MX8QM MEK (DT)\n Call trace:\n dump_backtrace.part.0+0xe0/0xf0\n show_stack+0x18/0x30\n dump_stack_lvl+0x64/0x80\n dump_stack+0x1c/0x38\n __might_resched+0x1fc/0x240\n __might_sleep+0x68/0xc0\n __pm_runtime_resume+0x9c/0xe0\n rpm_get_suppliers+0x68/0x1b0\n __pm_runtime_set_status+0x298/0x560\n cdns_resume+0xb0/0x1c0\n cdns3_controller_resume.isra.0+0x1e0/0x250\n cdns3_plat_resume+0x28/0x40",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53287",
"url": "https://www.suse.com/security/cve/CVE-2023-53287"
},
{
"category": "external",
"summary": "SUSE Bug 1250089 for CVE-2023-53287",
"url": "https://bugzilla.suse.com/1250089"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53287"
},
{
"cve": "CVE-2023-53288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53288"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fix memory leak in drm_client_modeset_probe\n\nWhen a new mode is set to modeset-\u003emode, the previous mode should be freed.\nThis fixes the following kmemleak report:\n\ndrm_mode_duplicate+0x45/0x220 [drm]\ndrm_client_modeset_probe+0x944/0xf50 [drm]\n__drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper]\ndrm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper]\ndrm_client_register+0x169/0x240 [drm]\nast_pci_probe+0x142/0x190 [ast]\nlocal_pci_probe+0xdc/0x180\nwork_for_cpu_fn+0x4e/0xa0\nprocess_one_work+0x8b7/0x1540\nworker_thread+0x70a/0xed0\nkthread+0x29f/0x340\nret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53288",
"url": "https://www.suse.com/security/cve/CVE-2023-53288"
},
{
"category": "external",
"summary": "SUSE Bug 1250058 for CVE-2023-53288",
"url": "https://bugzilla.suse.com/1250058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53288"
},
{
"cve": "CVE-2023-53295",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53295"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Do not update file length for failed writes to inline files\n\nWhen write to inline file fails (or happens only partly), we still\nupdated length of inline data as if the whole write succeeded. Fix the\nupdate of length of inline data to happen only if the write succeeds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53295",
"url": "https://www.suse.com/security/cve/CVE-2023-53295"
},
{
"category": "external",
"summary": "SUSE Bug 1250324 for CVE-2023-53295",
"url": "https://bugzilla.suse.com/1250324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53295"
},
{
"cve": "CVE-2023-53297",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53297"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: fix \"bad unlock balance\" in l2cap_disconnect_rsp\n\nconn-\u003echan_lock isn\u0027t acquired before l2cap_get_chan_by_scid,\nif l2cap_get_chan_by_scid returns NULL, then \u0027bad unlock balance\u0027\nis triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53297",
"url": "https://www.suse.com/security/cve/CVE-2023-53297"
},
{
"category": "external",
"summary": "SUSE Bug 1250322 for CVE-2023-53297",
"url": "https://bugzilla.suse.com/1250322"
},
{
"category": "external",
"summary": "SUSE Bug 1250728 for CVE-2023-53297",
"url": "https://bugzilla.suse.com/1250728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2023-53297"
},
{
"cve": "CVE-2023-53298",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53298"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: fix memory leak of se_io context in nfc_genl_se_io\n\nThe callback context for sending/receiving APDUs to/from the selected\nsecure element is allocated inside nfc_genl_se_io and supposed to be\neventually freed in se_io_cb callback function. However, there are several\nerror paths where the bwi_timer is not charged to call se_io_cb later, and\nthe cb_context is leaked.\n\nThe patch proposes to free the cb_context explicitly on those error paths.\n\nAt the moment we can\u0027t simply check \u0027dev-\u003eops-\u003ese_io()\u0027 return value as it\nmay be negative in both cases: when the timer was charged and was not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53298",
"url": "https://www.suse.com/security/cve/CVE-2023-53298"
},
{
"category": "external",
"summary": "SUSE Bug 1249944 for CVE-2023-53298",
"url": "https://bugzilla.suse.com/1249944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53298"
},
{
"cve": "CVE-2023-53299",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53299"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: fix leak of \u0027r10bio-\u003eremaining\u0027 for recovery\n\nraid10_sync_request() will add \u0027r10bio-\u003eremaining\u0027 for both rdev and\nreplacement rdev. However, if the read io fails, recovery_request_write()\nreturns without issuing the write io, in this case, end_sync_request()\nis only called once and \u0027remaining\u0027 is leaked, cause an io hang.\n\nFix the problem by decreasing \u0027remaining\u0027 according to if \u0027bio\u0027 and\n\u0027repl_bio\u0027 is valid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53299",
"url": "https://www.suse.com/security/cve/CVE-2023-53299"
},
{
"category": "external",
"summary": "SUSE Bug 1249927 for CVE-2023-53299",
"url": "https://bugzilla.suse.com/1249927"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53299"
},
{
"cve": "CVE-2023-53302",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53302"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwl4965: Add missing check for create_singlethread_workqueue()\n\nAdd the check for the return value of the create_singlethread_workqueue()\nin order to avoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53302",
"url": "https://www.suse.com/security/cve/CVE-2023-53302"
},
{
"category": "external",
"summary": "SUSE Bug 1249958 for CVE-2023-53302",
"url": "https://bugzilla.suse.com/1249958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53302"
},
{
"cve": "CVE-2023-53304",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53304"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_rbtree: fix overlap expiration walk\n\nThe lazy gc on insert that should remove timed-out entries fails to release\nthe other half of the interval, if any.\n\nCan be reproduced with tests/shell/testcases/sets/0044interval_overlap_0\nin nftables.git and kmemleak enabled kernel.\n\nSecond bug is the use of rbe_prev vs. prev pointer.\nIf rbe_prev() returns NULL after at least one iteration, rbe_prev points\nto element that is not an end interval, hence it should not be removed.\n\nLastly, check the genmask of the end interval if this is active in the\ncurrent generation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53304",
"url": "https://www.suse.com/security/cve/CVE-2023-53304"
},
{
"category": "external",
"summary": "SUSE Bug 1249923 for CVE-2023-53304",
"url": "https://bugzilla.suse.com/1249923"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53304"
},
{
"cve": "CVE-2023-53305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53305"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix use-after-free\n\nFix potential use-after-free in l2cap_le_command_rej.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53305",
"url": "https://www.suse.com/security/cve/CVE-2023-53305"
},
{
"category": "external",
"summary": "SUSE Bug 1250049 for CVE-2023-53305",
"url": "https://bugzilla.suse.com/1250049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53305"
},
{
"cve": "CVE-2023-53309",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53309"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: Fix integer overflow in radeon_cs_parser_init\n\nThe type of size is unsigned, if size is 0x40000000, there will be an\ninteger overflow, size will be zero after size *= sizeof(uint32_t),\nwill cause uninitialized memory to be referenced later",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53309",
"url": "https://www.suse.com/security/cve/CVE-2023-53309"
},
{
"category": "external",
"summary": "SUSE Bug 1250055 for CVE-2023-53309",
"url": "https://bugzilla.suse.com/1250055"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53309"
},
{
"cve": "CVE-2023-53311",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53311"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput\n\nDuring unmount process of nilfs2, nothing holds nilfs_root structure after\nnilfs2 detaches its writer in nilfs_detach_log_writer(). Previously,\nnilfs_evict_inode() could cause use-after-free read for nilfs_root if\ninodes are left in \"garbage_list\" and released by nilfs_dispose_list at\nthe end of nilfs_detach_log_writer(), and this bug was fixed by commit\n9b5a04ac3ad9 (\"nilfs2: fix use-after-free bug of nilfs_root in\nnilfs_evict_inode()\").\n\nHowever, it turned out that there is another possibility of UAF in the\ncall path where mark_inode_dirty_sync() is called from iput():\n\nnilfs_detach_log_writer()\n nilfs_dispose_list()\n iput()\n mark_inode_dirty_sync()\n __mark_inode_dirty()\n nilfs_dirty_inode()\n __nilfs_mark_inode_dirty()\n nilfs_load_inode_block() --\u003e causes UAF of nilfs_root struct\n\nThis can happen after commit 0ae45f63d4ef (\"vfs: add support for a\nlazytime mount option\"), which changed iput() to call\nmark_inode_dirty_sync() on its final reference if i_state has I_DIRTY_TIME\nflag and i_nlink is non-zero.\n\nThis issue appears after commit 28a65b49eb53 (\"nilfs2: do not write dirty\ndata after degenerating to read-only\") when using the syzbot reproducer,\nbut the issue has potentially existed before.\n\nFix this issue by adding a \"purging flag\" to the nilfs structure, setting\nthat flag while disposing the \"garbage_list\" and checking it in\n__nilfs_mark_inode_dirty().\n\nUnlike commit 9b5a04ac3ad9 (\"nilfs2: fix use-after-free bug of nilfs_root\nin nilfs_evict_inode()\"), this patch does not rely on ns_writer to\ndetermine whether to skip operations, so as not to break recovery on\nmount. The nilfs_salvage_orphan_logs routine dirties the buffer of\nsalvaged data before attaching the log writer, so changing\n__nilfs_mark_inode_dirty() to skip the operation when ns_writer is NULL\nwill cause recovery write to fail. The purpose of using the cleanup-only\nflag is to allow for narrowing of such conditions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53311",
"url": "https://www.suse.com/security/cve/CVE-2023-53311"
},
{
"category": "external",
"summary": "SUSE Bug 1250062 for CVE-2023-53311",
"url": "https://bugzilla.suse.com/1250062"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53311"
},
{
"cve": "CVE-2023-53313",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53313"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: fix wrong setting of max_corr_read_errors\n\nThere is no input check when echo md/max_read_errors and overflow might\noccur. Add check of input number.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53313",
"url": "https://www.suse.com/security/cve/CVE-2023-53313"
},
{
"category": "external",
"summary": "SUSE Bug 1249911 for CVE-2023-53313",
"url": "https://bugzilla.suse.com/1249911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53313"
},
{
"cve": "CVE-2023-53314",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53314"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev/ep93xx-fb: Do not assign to struct fb_info.dev\n\nDo not assing the Linux device to struct fb_info.dev. The call to\nregister_framebuffer() initializes the field to the fbdev device.\nDrivers should not override its value.\n\nFixes a bug where the driver incorrectly decreases the hardware\ndevice\u0027s reference counter and leaks the fbdev device.\n\nv2:\n\t* add Fixes tag (Dan)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53314",
"url": "https://www.suse.com/security/cve/CVE-2023-53314"
},
{
"category": "external",
"summary": "SUSE Bug 1250065 for CVE-2023-53314",
"url": "https://bugzilla.suse.com/1250065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2023-53314"
},
{
"cve": "CVE-2023-53315",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53315"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: Fix SKB corruption in REO destination ring\n\nWhile running traffics for a long time, randomly an RX descriptor\nfilled with value \"0\" from REO destination ring is received.\nThis descriptor which is invalid causes the wrong SKB (SKB stored in\nthe IDR lookup with buffer id \"0\") to be fetched which in turn\ncauses SKB memory corruption issue and the same leads to crash\nafter some time.\n\nChanged the start id for idr allocation to \"1\" and the buffer id \"0\"\nis reserved for error validation. Introduced Sanity check to validate\nthe descriptor, before processing the SKB.\n\nCrash Signature :\n\nUnable to handle kernel paging request at virtual address 3f004900\nPC points to \"b15_dma_inv_range+0x30/0x50\"\nLR points to \"dma_cache_maint_page+0x8c/0x128\".\nThe Backtrace obtained is as follows:\n[\u003c8031716c\u003e] (b15_dma_inv_range) from [\u003c80313a4c\u003e] (dma_cache_maint_page+0x8c/0x128)\n[\u003c80313a4c\u003e] (dma_cache_maint_page) from [\u003c80313b90\u003e] (__dma_page_dev_to_cpu+0x28/0xcc)\n[\u003c80313b90\u003e] (__dma_page_dev_to_cpu) from [\u003c7fb5dd68\u003e] (ath11k_dp_process_rx+0x1e8/0x4a4 [ath11k])\n[\u003c7fb5dd68\u003e] (ath11k_dp_process_rx [ath11k]) from [\u003c7fb53c20\u003e] (ath11k_dp_service_srng+0xb0/0x2ac [ath11k])\n[\u003c7fb53c20\u003e] (ath11k_dp_service_srng [ath11k]) from [\u003c7f67bba4\u003e] (ath11k_pci_ext_grp_napi_poll+0x1c/0x78 [ath11k_pci])\n[\u003c7f67bba4\u003e] (ath11k_pci_ext_grp_napi_poll [ath11k_pci]) from [\u003c807d5cf4\u003e] (__napi_poll+0x28/0xb8)\n[\u003c807d5cf4\u003e] (__napi_poll) from [\u003c807d5f28\u003e] (net_rx_action+0xf0/0x280)\n[\u003c807d5f28\u003e] (net_rx_action) from [\u003c80302148\u003e] (__do_softirq+0xd0/0x280)\n[\u003c80302148\u003e] (__do_softirq) from [\u003c80320408\u003e] (irq_exit+0x74/0xd4)\n[\u003c80320408\u003e] (irq_exit) from [\u003c803638a4\u003e] (__handle_domain_irq+0x90/0xb4)\n[\u003c803638a4\u003e] (__handle_domain_irq) from [\u003c805bedec\u003e] (gic_handle_irq+0x58/0x90)\n[\u003c805bedec\u003e] (gic_handle_irq) from [\u003c80301a78\u003e] (__irq_svc+0x58/0x8c)\n\nTested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53315",
"url": "https://www.suse.com/security/cve/CVE-2023-53315"
},
{
"category": "external",
"summary": "SUSE Bug 1250303 for CVE-2023-53315",
"url": "https://bugzilla.suse.com/1250303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53315"
},
{
"cve": "CVE-2023-53316",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53316"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dp: Free resources after unregistering them\n\nThe DP component\u0027s unbind operation walks through the submodules to\nunregister and clean things up. But if the unbind happens because the DP\ncontroller itself is being removed, all the memory for those submodules\nhas just been freed.\n\nChange the order of these operations to avoid the many use-after-free\nthat otherwise happens in this code path.\n\nPatchwork: https://patchwork.freedesktop.org/patch/542166/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53316",
"url": "https://www.suse.com/security/cve/CVE-2023-53316"
},
{
"category": "external",
"summary": "SUSE Bug 1250066 for CVE-2023-53316",
"url": "https://bugzilla.suse.com/1250066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53316"
},
{
"cve": "CVE-2023-53317",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53317"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix WARNING in mb_find_extent\n\nSyzbot found the following issue:\n\nEXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!\nEXT4-fs (loop0): orphan cleanup on readonly fs\n------------[ cut here ]------------\nWARNING: CPU: 1 PID: 5067 at fs/ext4/mballoc.c:1869 mb_find_extent+0x8a1/0xe30\nModules linked in:\nCPU: 1 PID: 5067 Comm: syz-executor307 Not tainted 6.2.0-rc1-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nRIP: 0010:mb_find_extent+0x8a1/0xe30 fs/ext4/mballoc.c:1869\nRSP: 0018:ffffc90003c9e098 EFLAGS: 00010293\nRAX: ffffffff82405731 RBX: 0000000000000041 RCX: ffff8880783457c0\nRDX: 0000000000000000 RSI: 0000000000000041 RDI: 0000000000000040\nRBP: 0000000000000040 R08: ffffffff82405723 R09: ffffed10053c9402\nR10: ffffed10053c9402 R11: 1ffff110053c9401 R12: 0000000000000000\nR13: ffffc90003c9e538 R14: dffffc0000000000 R15: ffffc90003c9e2cc\nFS: 0000555556665300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000056312f6796f8 CR3: 0000000022437000 CR4: 00000000003506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ext4_mb_complex_scan_group+0x353/0x1100 fs/ext4/mballoc.c:2307\n ext4_mb_regular_allocator+0x1533/0x3860 fs/ext4/mballoc.c:2735\n ext4_mb_new_blocks+0xddf/0x3db0 fs/ext4/mballoc.c:5605\n ext4_ext_map_blocks+0x1868/0x6880 fs/ext4/extents.c:4286\n ext4_map_blocks+0xa49/0x1cc0 fs/ext4/inode.c:651\n ext4_getblk+0x1b9/0x770 fs/ext4/inode.c:864\n ext4_bread+0x2a/0x170 fs/ext4/inode.c:920\n ext4_quota_write+0x225/0x570 fs/ext4/super.c:7105\n write_blk fs/quota/quota_tree.c:64 [inline]\n get_free_dqblk+0x34a/0x6d0 fs/quota/quota_tree.c:130\n do_insert_tree+0x26b/0x1aa0 fs/quota/quota_tree.c:340\n do_insert_tree+0x722/0x1aa0 fs/quota/quota_tree.c:375\n do_insert_tree+0x722/0x1aa0 fs/quota/quota_tree.c:375\n do_insert_tree+0x722/0x1aa0 fs/quota/quota_tree.c:375\n dq_insert_tree fs/quota/quota_tree.c:401 [inline]\n qtree_write_dquot+0x3b6/0x530 fs/quota/quota_tree.c:420\n v2_write_dquot+0x11b/0x190 fs/quota/quota_v2.c:358\n dquot_acquire+0x348/0x670 fs/quota/dquot.c:444\n ext4_acquire_dquot+0x2dc/0x400 fs/ext4/super.c:6740\n dqget+0x999/0xdc0 fs/quota/dquot.c:914\n __dquot_initialize+0x3d0/0xcf0 fs/quota/dquot.c:1492\n ext4_process_orphan+0x57/0x2d0 fs/ext4/orphan.c:329\n ext4_orphan_cleanup+0xb60/0x1340 fs/ext4/orphan.c:474\n __ext4_fill_super fs/ext4/super.c:5516 [inline]\n ext4_fill_super+0x81cd/0x8700 fs/ext4/super.c:5644\n get_tree_bdev+0x400/0x620 fs/super.c:1282\n vfs_get_tree+0x88/0x270 fs/super.c:1489\n do_new_mount+0x289/0xad0 fs/namespace.c:3145\n do_mount fs/namespace.c:3488 [inline]\n __do_sys_mount fs/namespace.c:3697 [inline]\n __se_sys_mount+0x2d3/0x3c0 fs/namespace.c:3674\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nAdd some debug information:\nmb_find_extent: mb_find_extent block=41, order=0 needed=64 next=0 ex=0/41/1@3735929054 64 64 7\nblock_bitmap: ff 3f 0c 00 fc 01 00 00 d2 3d 00 00 00 00 00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n\nAcctually, blocks per group is 64, but block bitmap indicate at least has\n128 blocks. Now, ext4_validate_block_bitmap() didn\u0027t check invalid block\u0027s\nbitmap if set.\nTo resolve above issue, add check like fsck \"Padding at end of block bitmap is\nnot set\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53317",
"url": "https://www.suse.com/security/cve/CVE-2023-53317"
},
{
"category": "external",
"summary": "SUSE Bug 1250081 for CVE-2023-53317",
"url": "https://bugzilla.suse.com/1250081"
},
{
"category": "external",
"summary": "SUSE Bug 1250194 for CVE-2023-53317",
"url": "https://bugzilla.suse.com/1250194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53317"
},
{
"cve": "CVE-2023-53320",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53320"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Fix issues in mpi3mr_get_all_tgt_info()\n\nThe function mpi3mr_get_all_tgt_info() has four issues:\n\n1) It calculates valid entry length in alltgt_info assuming the header part\n of the struct mpi3mr_device_map_info would equal to sizeof(u32). The\n correct size is sizeof(u64).\n\n2) When it calculates the valid entry length kern_entrylen, it excludes one\n entry by subtracting 1 from num_devices.\n\n3) It copies num_device by calling memcpy(). Substitution is enough.\n\n4) It does not specify the calculated length to sg_copy_from_buffer().\n Instead, it specifies the payload length which is larger than the\n alltgt_info size. It causes \"BUG: KASAN: slab-out-of-bounds\".\n\nFix the issues by using the correct header size, removing the subtraction\nfrom num_devices, replacing the memcpy() with substitution and specifying\nthe correct length to sg_copy_from_buffer().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53320",
"url": "https://www.suse.com/security/cve/CVE-2023-53320"
},
{
"category": "external",
"summary": "SUSE Bug 1250068 for CVE-2023-53320",
"url": "https://bugzilla.suse.com/1250068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53320"
},
{
"cve": "CVE-2023-53321",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53321"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211_hwsim: drop short frames\n\nWhile technically some control frames like ACK are shorter and\nend after Address 1, such frames shouldn\u0027t be forwarded through\nwmediumd or similar userspace, so require the full 3-address\nheader to avoid accessing invalid memory if shorter frames are\npassed in.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53321",
"url": "https://www.suse.com/security/cve/CVE-2023-53321"
},
{
"category": "external",
"summary": "SUSE Bug 1250313 for CVE-2023-53321",
"url": "https://bugzilla.suse.com/1250313"
},
{
"category": "external",
"summary": "SUSE Bug 1250314 for CVE-2023-53321",
"url": "https://bugzilla.suse.com/1250314"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2023-53321"
},
{
"cve": "CVE-2023-53322",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53322"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Wait for io return on terminate rport\n\nSystem crash due to use after free.\nCurrent code allows terminate_rport_io to exit before making\nsure all IOs has returned. For FCP-2 device, IO\u0027s can hang\non in HW because driver has not tear down the session in FW at\nfirst sign of cable pull. When dev_loss_tmo timer pops,\nterminate_rport_io is called and upper layer is about to\nfree various resources. Terminate_rport_io trigger qla to do\nthe final cleanup, but the cleanup might not be fast enough where it\nleave qla still holding on to the same resource.\n\nWait for IO\u0027s to return to upper layer before resources are freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53322",
"url": "https://www.suse.com/security/cve/CVE-2023-53322"
},
{
"category": "external",
"summary": "SUSE Bug 1250323 for CVE-2023-53322",
"url": "https://bugzilla.suse.com/1250323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53322"
},
{
"cve": "CVE-2023-53324",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53324"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/mdp5: Don\u0027t leak some plane state\n\nApparently no one noticed that mdp5 plane states leak like a sieve\never since we introduced plane_state-\u003ecommit refcount a few years ago\nin 21a01abbe32a (\"drm/atomic: Fix freeing connector/plane state too\nearly by tracking commits, v3.\")\n\nFix it by using the right helpers.\n\nPatchwork: https://patchwork.freedesktop.org/patch/551236/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53324",
"url": "https://www.suse.com/security/cve/CVE-2023-53324"
},
{
"category": "external",
"summary": "SUSE Bug 1250070 for CVE-2023-53324",
"url": "https://bugzilla.suse.com/1250070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2023-53324"
},
{
"cve": "CVE-2023-53326",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53326"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc: Don\u0027t try to copy PPR for task with NULL pt_regs\n\npowerpc sets up PF_KTHREAD and PF_IO_WORKER with a NULL pt_regs, which\nfrom my (arguably very short) checking is not commonly done for other\narchs. This is fine, except when PF_IO_WORKER\u0027s have been created and\nthe task does something that causes a coredump to be generated. Then we\nget this crash:\n\n Kernel attempted to read user page (160) - exploit attempt? (uid: 1000)\n BUG: Kernel NULL pointer dereference on read at 0x00000160\n Faulting instruction address: 0xc0000000000c3a60\n Oops: Kernel access of bad area, sig: 11 [#1]\n LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=32 NUMA pSeries\n Modules linked in: bochs drm_vram_helper drm_kms_helper xts binfmt_misc ecb ctr syscopyarea sysfillrect cbc sysimgblt drm_ttm_helper aes_generic ttm sg libaes evdev joydev virtio_balloon vmx_crypto gf128mul drm dm_mod fuse loop configfs drm_panel_orientation_quirks ip_tables x_tables autofs4 hid_generic usbhid hid xhci_pci xhci_hcd usbcore usb_common sd_mod\n CPU: 1 PID: 1982 Comm: ppc-crash Not tainted 6.3.0-rc2+ #88\n Hardware name: IBM pSeries (emulated by qemu) POWER9 (raw) 0x4e1202 0xf000005 of:SLOF,HEAD hv:linux,kvm pSeries\n NIP: c0000000000c3a60 LR: c000000000039944 CTR: c0000000000398e0\n REGS: c0000000041833b0 TRAP: 0300 Not tainted (6.3.0-rc2+)\n MSR: 800000000280b033 \u003cSF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u003e CR: 88082828 XER: 200400f8\n ...\n NIP memcpy_power7+0x200/0x7d0\n LR ppr_get+0x64/0xb0\n Call Trace:\n ppr_get+0x40/0xb0 (unreliable)\n __regset_get+0x180/0x1f0\n regset_get_alloc+0x64/0x90\n elf_core_dump+0xb98/0x1b60\n do_coredump+0x1c34/0x24a0\n get_signal+0x71c/0x1410\n do_notify_resume+0x140/0x6f0\n interrupt_exit_user_prepare_main+0x29c/0x320\n interrupt_exit_user_prepare+0x6c/0xa0\n interrupt_return_srr_user+0x8/0x138\n\nBecause ppr_get() is trying to copy from a PF_IO_WORKER with a NULL\npt_regs.\n\nCheck for a valid pt_regs in both ppc_get/ppr_set, and return an error\nif not set. The actual error value doesn\u0027t seem to be important here, so\njust pick -EINVAL.\n\n[mpe: Trim oops in change log, add Fixes \u0026 Cc stable]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53326",
"url": "https://www.suse.com/security/cve/CVE-2023-53326"
},
{
"category": "external",
"summary": "SUSE Bug 1250071 for CVE-2023-53326",
"url": "https://bugzilla.suse.com/1250071"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53326"
},
{
"cve": "CVE-2023-53330",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53330"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncaif: fix memory leak in cfctrl_linkup_request()\n\nWhen linktype is unknown or kzalloc failed in cfctrl_linkup_request(),\npkt is not released. Add release process to error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53330",
"url": "https://www.suse.com/security/cve/CVE-2023-53330"
},
{
"category": "external",
"summary": "SUSE Bug 1249954 for CVE-2023-53330",
"url": "https://bugzilla.suse.com/1249954"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53330"
},
{
"cve": "CVE-2023-53331",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53331"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore/ram: Check start of empty przs during init\n\nAfter commit 30696378f68a (\"pstore/ram: Do not treat empty buffers as\nvalid\"), initialization would assume a prz was valid after seeing that\nthe buffer_size is zero (regardless of the buffer start position). This\nunchecked start value means it could be outside the bounds of the buffer,\nleading to future access panics when written to:\n\n sysdump_panic_event+0x3b4/0x5b8\n atomic_notifier_call_chain+0x54/0x90\n panic+0x1c8/0x42c\n die+0x29c/0x2a8\n die_kernel_fault+0x68/0x78\n __do_kernel_fault+0x1c4/0x1e0\n do_bad_area+0x40/0x100\n do_translation_fault+0x68/0x80\n do_mem_abort+0x68/0xf8\n el1_da+0x1c/0xc0\n __raw_writeb+0x38/0x174\n __memcpy_toio+0x40/0xac\n persistent_ram_update+0x44/0x12c\n persistent_ram_write+0x1a8/0x1b8\n ramoops_pstore_write+0x198/0x1e8\n pstore_console_write+0x94/0xe0\n ...\n\nTo avoid this, also check if the prz start is 0 during the initialization\nphase. If not, the next prz sanity check case will discover it (start \u003e\nsize) and zap the buffer back to a sane state.\n\n[kees: update commit log with backtrace and clarifications]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53331",
"url": "https://www.suse.com/security/cve/CVE-2023-53331"
},
{
"category": "external",
"summary": "SUSE Bug 1249950 for CVE-2023-53331",
"url": "https://bugzilla.suse.com/1249950"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53331"
},
{
"cve": "CVE-2023-53332",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53332"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngenirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask()\n\nIf ipi_send_{mask|single}() is called with an invalid interrupt number, all\nthe local variables there will be NULL. ipi_send_verify() which is invoked\nfrom these functions does verify its \u0027data\u0027 parameter, resulting in a\nkernel oops in irq_data_get_affinity_mask() as the passed NULL pointer gets\ndereferenced.\n\nAdd a missing NULL pointer check in ipi_send_verify()...\n\nFound by Linux Verification Center (linuxtesting.org) with the SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53332",
"url": "https://www.suse.com/security/cve/CVE-2023-53332"
},
{
"category": "external",
"summary": "SUSE Bug 1249951 for CVE-2023-53332",
"url": "https://bugzilla.suse.com/1249951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53332"
},
{
"cve": "CVE-2023-53333",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53333"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one\n\nEric Dumazet says:\n nf_conntrack_dccp_packet() has an unique:\n\n dh = skb_header_pointer(skb, dataoff, sizeof(_dh), \u0026_dh);\n\n And nothing more is \u0027pulled\u0027 from the packet, depending on the content.\n dh-\u003edccph_doff, and/or dh-\u003edccph_x ...)\n So dccp_ack_seq() is happily reading stuff past the _dh buffer.\n\nBUG: KASAN: stack-out-of-bounds in nf_conntrack_dccp_packet+0x1134/0x11c0\nRead of size 4 at addr ffff000128f66e0c by task syz-executor.2/29371\n[..]\n\nFix this by increasing the stack buffer to also include room for\nthe extra sequence numbers and all the known dccp packet type headers,\nthen pull again after the initial validation of the basic header.\n\nWhile at it, mark packets invalid that lack 48bit sequence bit but\nwhere RFC says the type MUST use them.\n\nCompile tested only.\n\nv2: first skb_header_pointer() now needs to adjust the size to\n only pull the generic header. (Eric)\n\nHeads-up: I intend to remove dccp conntrack support later this year.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53333",
"url": "https://www.suse.com/security/cve/CVE-2023-53333"
},
{
"category": "external",
"summary": "SUSE Bug 1249949 for CVE-2023-53333",
"url": "https://bugzilla.suse.com/1249949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53333"
},
{
"cve": "CVE-2023-53334",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53334"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: chipidea: fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic\nat once.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53334",
"url": "https://www.suse.com/security/cve/CVE-2023-53334"
},
{
"category": "external",
"summary": "SUSE Bug 1250077 for CVE-2023-53334",
"url": "https://bugzilla.suse.com/1250077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53334"
},
{
"cve": "CVE-2023-53335",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53335"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cxgb4: Fix potential null-ptr-deref in pass_establish()\n\nIf get_ep_from_tid() fails to lookup non-NULL value for ep, ep is\ndereferenced later regardless of whether it is empty.\nThis patch adds a simple sanity check to fix the issue.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53335",
"url": "https://www.suse.com/security/cve/CVE-2023-53335"
},
{
"category": "external",
"summary": "SUSE Bug 1250072 for CVE-2023-53335",
"url": "https://bugzilla.suse.com/1250072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53335"
},
{
"cve": "CVE-2023-53337",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53337"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: do not write dirty data after degenerating to read-only\n\nAccording to syzbot\u0027s report, mark_buffer_dirty() called from\nnilfs_segctor_do_construct() outputs a warning with some patterns after\nnilfs2 detects metadata corruption and degrades to read-only mode.\n\nAfter such read-only degeneration, page cache data may be cleared through\nnilfs_clear_dirty_page() which may also clear the uptodate flag for their\nbuffer heads. However, even after the degeneration, log writes are still\nperformed by unmount processing etc., which causes mark_buffer_dirty() to\nbe called for buffer heads without the \"uptodate\" flag and causes the\nwarning.\n\nSince any writes should not be done to a read-only file system in the\nfirst place, this fixes the warning in mark_buffer_dirty() by letting\nnilfs_segctor_do_construct() abort early if in read-only mode.\n\nThis also changes the retry check of nilfs_segctor_write_out() to avoid\nunnecessary log write retries if it detects -EROFS that\nnilfs_segctor_do_construct() returned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53337",
"url": "https://www.suse.com/security/cve/CVE-2023-53337"
},
{
"category": "external",
"summary": "SUSE Bug 1250315 for CVE-2023-53337",
"url": "https://bugzilla.suse.com/1250315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53337"
},
{
"cve": "CVE-2023-53340",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53340"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Collect command failures data only for known commands\n\nDEVX can issue a general command, which is not used by mlx5 driver.\nIn case such command is failed, mlx5 is trying to collect the failure\ndata, However, mlx5 doesn\u0027t create a storage for this command, since\nmlx5 doesn\u0027t use it. This lead to array-index-out-of-bounds error.\n\nFix it by checking whether the command is known before collecting the\nfailure data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53340",
"url": "https://www.suse.com/security/cve/CVE-2023-53340"
},
{
"category": "external",
"summary": "SUSE Bug 1250075 for CVE-2023-53340",
"url": "https://bugzilla.suse.com/1250075"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53340"
},
{
"cve": "CVE-2023-53344",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53344"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write\n\nSyzkaller reported the following issue:\n\n=====================================================\nBUG: KMSAN: uninit-value in aio_rw_done fs/aio.c:1520 [inline]\nBUG: KMSAN: uninit-value in aio_write+0x899/0x950 fs/aio.c:1600\n aio_rw_done fs/aio.c:1520 [inline]\n aio_write+0x899/0x950 fs/aio.c:1600\n io_submit_one+0x1d1c/0x3bf0 fs/aio.c:2019\n __do_sys_io_submit fs/aio.c:2078 [inline]\n __se_sys_io_submit+0x293/0x770 fs/aio.c:2048\n __x64_sys_io_submit+0x92/0xd0 fs/aio.c:2048\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nUninit was created at:\n slab_post_alloc_hook mm/slab.h:766 [inline]\n slab_alloc_node mm/slub.c:3452 [inline]\n __kmem_cache_alloc_node+0x71f/0xce0 mm/slub.c:3491\n __do_kmalloc_node mm/slab_common.c:967 [inline]\n __kmalloc+0x11d/0x3b0 mm/slab_common.c:981\n kmalloc_array include/linux/slab.h:636 [inline]\n bcm_tx_setup+0x80e/0x29d0 net/can/bcm.c:930\n bcm_sendmsg+0x3a2/0xce0 net/can/bcm.c:1351\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg net/socket.c:734 [inline]\n sock_write_iter+0x495/0x5e0 net/socket.c:1108\n call_write_iter include/linux/fs.h:2189 [inline]\n aio_write+0x63a/0x950 fs/aio.c:1600\n io_submit_one+0x1d1c/0x3bf0 fs/aio.c:2019\n __do_sys_io_submit fs/aio.c:2078 [inline]\n __se_sys_io_submit+0x293/0x770 fs/aio.c:2048\n __x64_sys_io_submit+0x92/0xd0 fs/aio.c:2048\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nCPU: 1 PID: 5034 Comm: syz-executor350 Not tainted 6.2.0-rc6-syzkaller-80422-geda666ff2276 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023\n=====================================================\n\nWe can follow the call chain and find that \u0027bcm_tx_setup\u0027 function\ncalls \u0027memcpy_from_msg\u0027 to copy some content to the newly allocated\nframe of \u0027op-\u003eframes\u0027. After that the \u0027len\u0027 field of copied structure\nbeing compared with some constant value (64 or 8). However, if\n\u0027memcpy_from_msg\u0027 returns an error, we will compare some uninitialized\nmemory. This triggers \u0027uninit-value\u0027 issue.\n\nThis patch will add \u0027memcpy_from_msg\u0027 possible errors processing to\navoid uninit-value issue.\n\nTested via syzkaller",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53344",
"url": "https://www.suse.com/security/cve/CVE-2023-53344"
},
{
"category": "external",
"summary": "SUSE Bug 1250023 for CVE-2023-53344",
"url": "https://bugzilla.suse.com/1250023"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53344"
},
{
"cve": "CVE-2023-53347",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53347"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Handle pairing of E-switch via uplink un/load APIs\n\nIn case user switch a device from switchdev mode to legacy mode, mlx5\nfirst unpair the E-switch and afterwards unload the uplink vport.\nFrom the other hand, in case user remove or reload a device, mlx5\nfirst unload the uplink vport and afterwards unpair the E-switch.\n\nThe latter is causing a bug[1], hence, handle pairing of E-switch as\npart of uplink un/load APIs.\n\n[1]\nIn case VF_LAG is used, every tc fdb flow is duplicated to the peer\nesw. However, the original esw keeps a pointer to this duplicated\nflow, not the peer esw.\ne.g.: if user create tc fdb flow over esw0, the flow is duplicated\nover esw1, in FW/HW, but in SW, esw0 keeps a pointer to the duplicated\nflow.\nDuring module unload while a peer tc fdb flow is still offloaded, in\ncase the first device to be removed is the peer device (esw1 in the\nexample above), the peer net-dev is destroyed, and so the mlx5e_priv\nis memset to 0.\nAfterwards, the peer device is trying to unpair himself from the\noriginal device (esw0 in the example above). Unpair API invoke the\noriginal device to clear peer flow from its eswitch (esw0), but the\npeer flow, which is stored over the original eswitch (esw0), is\ntrying to use the peer mlx5e_priv, which is memset to 0 and result in\nbellow kernel-oops.\n\n[ 157.964081 ] BUG: unable to handle page fault for address: 000000000002ce60\n[ 157.964662 ] #PF: supervisor read access in kernel mode\n[ 157.965123 ] #PF: error_code(0x0000) - not-present page\n[ 157.965582 ] PGD 0 P4D 0\n[ 157.965866 ] Oops: 0000 [#1] SMP\n[ 157.967670 ] RIP: 0010:mlx5e_tc_del_fdb_flow+0x48/0x460 [mlx5_core]\n[ 157.976164 ] Call Trace:\n[ 157.976437 ] \u003cTASK\u003e\n[ 157.976690 ] __mlx5e_tc_del_fdb_peer_flow+0xe6/0x100 [mlx5_core]\n[ 157.977230 ] mlx5e_tc_clean_fdb_peer_flows+0x67/0x90 [mlx5_core]\n[ 157.977767 ] mlx5_esw_offloads_unpair+0x2d/0x1e0 [mlx5_core]\n[ 157.984653 ] mlx5_esw_offloads_devcom_event+0xbf/0x130 [mlx5_core]\n[ 157.985212 ] mlx5_devcom_send_event+0xa3/0xb0 [mlx5_core]\n[ 157.985714 ] esw_offloads_disable+0x5a/0x110 [mlx5_core]\n[ 157.986209 ] mlx5_eswitch_disable_locked+0x152/0x170 [mlx5_core]\n[ 157.986757 ] mlx5_eswitch_disable+0x51/0x80 [mlx5_core]\n[ 157.987248 ] mlx5_unload+0x2a/0xb0 [mlx5_core]\n[ 157.987678 ] mlx5_uninit_one+0x5f/0xd0 [mlx5_core]\n[ 157.988127 ] remove_one+0x64/0xe0 [mlx5_core]\n[ 157.988549 ] pci_device_remove+0x31/0xa0\n[ 157.988933 ] device_release_driver_internal+0x18f/0x1f0\n[ 157.989402 ] driver_detach+0x3f/0x80\n[ 157.989754 ] bus_remove_driver+0x70/0xf0\n[ 157.990129 ] pci_unregister_driver+0x34/0x90\n[ 157.990537 ] mlx5_cleanup+0xc/0x1c [mlx5_core]\n[ 157.990972 ] __x64_sys_delete_module+0x15a/0x250\n[ 157.991398 ] ? exit_to_user_mode_prepare+0xea/0x110\n[ 157.991840 ] do_syscall_64+0x3d/0x90\n[ 157.992198 ] entry_SYSCALL_64_after_hwframe+0x46/0xb0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53347",
"url": "https://www.suse.com/security/cve/CVE-2023-53347"
},
{
"category": "external",
"summary": "SUSE Bug 1250017 for CVE-2023-53347",
"url": "https://bugzilla.suse.com/1250017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53347"
},
{
"cve": "CVE-2023-53349",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53349"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ov2740: Fix memleak in ov2740_init_controls()\n\nThere is a kmemleak when testing the media/i2c/ov2740.c with bpf mock\ndevice:\n\nunreferenced object 0xffff8881090e19e0 (size 16):\n comm \"51-i2c-ov2740\", pid 278, jiffies 4294781584 (age 23.613s)\n hex dump (first 16 bytes):\n 00 f3 7c 0b 81 88 ff ff 80 75 6a 09 81 88 ff ff ..|......uj.....\n backtrace:\n [\u003c000000004e9fad8f\u003e] __kmalloc_node+0x44/0x1b0\n [\u003c0000000039c802f4\u003e] kvmalloc_node+0x34/0x180\n [\u003c000000009b8b5c63\u003e] v4l2_ctrl_handler_init_class+0x11d/0x180\n[videodev]\n [\u003c0000000038644056\u003e] ov2740_probe+0x37d/0x84f [ov2740]\n [\u003c0000000092489f59\u003e] i2c_device_probe+0x28d/0x680\n [\u003c000000001038babe\u003e] really_probe+0x17c/0x3f0\n [\u003c0000000098c7af1c\u003e] __driver_probe_device+0xe3/0x170\n [\u003c00000000e1b3dc24\u003e] device_driver_attach+0x34/0x80\n [\u003c000000005a04a34d\u003e] bind_store+0x10b/0x1a0\n [\u003c00000000ce25d4f2\u003e] drv_attr_store+0x49/0x70\n [\u003c000000007d9f4e9a\u003e] sysfs_kf_write+0x8c/0xb0\n [\u003c00000000be6cff0f\u003e] kernfs_fop_write_iter+0x216/0x2e0\n [\u003c0000000031ddb40a\u003e] vfs_write+0x658/0x810\n [\u003c0000000041beecdd\u003e] ksys_write+0xd6/0x1b0\n [\u003c0000000023755840\u003e] do_syscall_64+0x38/0x90\n [\u003c00000000b2cc2da2\u003e] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nov2740_init_controls() won\u0027t clean all the allocated resources in fail\npath, which may causes the memleaks. Add v4l2_ctrl_handler_free() to\nprevent memleak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53349",
"url": "https://www.suse.com/security/cve/CVE-2023-53349"
},
{
"category": "external",
"summary": "SUSE Bug 1250015 for CVE-2023-53349",
"url": "https://bugzilla.suse.com/1250015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53349"
},
{
"cve": "CVE-2023-53352",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53352"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ttm: check null pointer before accessing when swapping\n\nAdd a check to avoid null pointer dereference as below:\n\n[ 90.002283] general protection fault, probably for non-canonical\naddress 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI\n[ 90.002292] KASAN: null-ptr-deref in range\n[0x0000000000000000-0x0000000000000007]\n[ 90.002346] ? exc_general_protection+0x159/0x240\n[ 90.002352] ? asm_exc_general_protection+0x26/0x30\n[ 90.002357] ? ttm_bo_evict_swapout_allowable+0x322/0x5e0 [ttm]\n[ 90.002365] ? ttm_bo_evict_swapout_allowable+0x42e/0x5e0 [ttm]\n[ 90.002373] ttm_bo_swapout+0x134/0x7f0 [ttm]\n[ 90.002383] ? __pfx_ttm_bo_swapout+0x10/0x10 [ttm]\n[ 90.002391] ? lock_acquire+0x44d/0x4f0\n[ 90.002398] ? ttm_device_swapout+0xa5/0x260 [ttm]\n[ 90.002412] ? lock_acquired+0x355/0xa00\n[ 90.002416] ? do_raw_spin_trylock+0xb6/0x190\n[ 90.002421] ? __pfx_lock_acquired+0x10/0x10\n[ 90.002426] ? ttm_global_swapout+0x25/0x210 [ttm]\n[ 90.002442] ttm_device_swapout+0x198/0x260 [ttm]\n[ 90.002456] ? __pfx_ttm_device_swapout+0x10/0x10 [ttm]\n[ 90.002472] ttm_global_swapout+0x75/0x210 [ttm]\n[ 90.002486] ttm_tt_populate+0x187/0x3f0 [ttm]\n[ 90.002501] ttm_bo_handle_move_mem+0x437/0x590 [ttm]\n[ 90.002517] ttm_bo_validate+0x275/0x430 [ttm]\n[ 90.002530] ? __pfx_ttm_bo_validate+0x10/0x10 [ttm]\n[ 90.002544] ? kasan_save_stack+0x33/0x60\n[ 90.002550] ? kasan_set_track+0x25/0x30\n[ 90.002554] ? __kasan_kmalloc+0x8f/0xa0\n[ 90.002558] ? amdgpu_gtt_mgr_new+0x81/0x420 [amdgpu]\n[ 90.003023] ? ttm_resource_alloc+0xf6/0x220 [ttm]\n[ 90.003038] amdgpu_bo_pin_restricted+0x2dd/0x8b0 [amdgpu]\n[ 90.003210] ? __x64_sys_ioctl+0x131/0x1a0\n[ 90.003210] ? do_syscall_64+0x60/0x90",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53352",
"url": "https://www.suse.com/security/cve/CVE-2023-53352"
},
{
"category": "external",
"summary": "SUSE Bug 1250006 for CVE-2023-53352",
"url": "https://bugzilla.suse.com/1250006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53352"
},
{
"cve": "CVE-2023-53356",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53356"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: u_serial: Add null pointer check in gserial_suspend\n\nConsider a case where gserial_disconnect has already cleared\ngser-\u003eioport. And if gserial_suspend gets called afterwards,\nit will lead to accessing of gser-\u003eioport and thus causing\nnull pointer dereference.\n\nAvoid this by adding a null pointer check. Added a static\nspinlock to prevent gser-\u003eioport from becoming null after\nthe newly added null pointer check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53356",
"url": "https://www.suse.com/security/cve/CVE-2023-53356"
},
{
"category": "external",
"summary": "SUSE Bug 1249997 for CVE-2023-53356",
"url": "https://bugzilla.suse.com/1249997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53356"
},
{
"cve": "CVE-2023-53357",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53357"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: check slab-out-of-bounds in md_bitmap_get_counter\n\nIf we write a large number to md/bitmap_set_bits, md_bitmap_checkpage()\nwill return -EINVAL because \u0027page \u003e= bitmap-\u003epages\u0027, but the return value\nwas not checked immediately in md_bitmap_get_counter() in order to set\n*blocks value and slab-out-of-bounds occurs.\n\nMove check of \u0027page \u003e= bitmap-\u003epages\u0027 to md_bitmap_get_counter() and\nreturn directly if true.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53357",
"url": "https://www.suse.com/security/cve/CVE-2023-53357"
},
{
"category": "external",
"summary": "SUSE Bug 1249994 for CVE-2023-53357",
"url": "https://bugzilla.suse.com/1249994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53357"
},
{
"cve": "CVE-2023-53359",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53359"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic at\nonce.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53359",
"url": "https://www.suse.com/security/cve/CVE-2023-53359"
},
{
"category": "external",
"summary": "SUSE Bug 1250316 for CVE-2023-53359",
"url": "https://bugzilla.suse.com/1250316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53359"
},
{
"cve": "CVE-2023-53368",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53368"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix race issue between cpu buffer write and swap\n\nWarning happened in rb_end_commit() at code:\n\tif (RB_WARN_ON(cpu_buffer, !local_read(\u0026cpu_buffer-\u003ecommitting)))\n\n WARNING: CPU: 0 PID: 139 at kernel/trace/ring_buffer.c:3142\n\trb_commit+0x402/0x4a0\n Call Trace:\n ring_buffer_unlock_commit+0x42/0x250\n trace_buffer_unlock_commit_regs+0x3b/0x250\n trace_event_buffer_commit+0xe5/0x440\n trace_event_buffer_reserve+0x11c/0x150\n trace_event_raw_event_sched_switch+0x23c/0x2c0\n __traceiter_sched_switch+0x59/0x80\n __schedule+0x72b/0x1580\n schedule+0x92/0x120\n worker_thread+0xa0/0x6f0\n\nIt is because the race between writing event into cpu buffer and swapping\ncpu buffer through file per_cpu/cpu0/snapshot:\n\n Write on CPU 0 Swap buffer by per_cpu/cpu0/snapshot on CPU 1\n -------- --------\n tracing_snapshot_write()\n [...]\n\n ring_buffer_lock_reserve()\n cpu_buffer = buffer-\u003ebuffers[cpu]; // 1. Suppose find \u0027cpu_buffer_a\u0027;\n [...]\n rb_reserve_next_event()\n [...]\n\n ring_buffer_swap_cpu()\n if (local_read(\u0026cpu_buffer_a-\u003ecommitting))\n goto out_dec;\n if (local_read(\u0026cpu_buffer_b-\u003ecommitting))\n goto out_dec;\n buffer_a-\u003ebuffers[cpu] = cpu_buffer_b;\n buffer_b-\u003ebuffers[cpu] = cpu_buffer_a;\n // 2. cpu_buffer has swapped here.\n\n rb_start_commit(cpu_buffer);\n if (unlikely(READ_ONCE(cpu_buffer-\u003ebuffer)\n != buffer)) { // 3. This check passed due to \u0027cpu_buffer-\u003ebuffer\u0027\n [...] // has not changed here.\n return NULL;\n }\n cpu_buffer_b-\u003ebuffer = buffer_a;\n cpu_buffer_a-\u003ebuffer = buffer_b;\n [...]\n\n // 4. Reserve event from \u0027cpu_buffer_a\u0027.\n\n ring_buffer_unlock_commit()\n [...]\n cpu_buffer = buffer-\u003ebuffers[cpu]; // 5. Now find \u0027cpu_buffer_b\u0027 !!!\n rb_commit(cpu_buffer)\n rb_end_commit() // 6. WARN for the wrong \u0027committing\u0027 state !!!\n\nBased on above analysis, we can easily reproduce by following testcase:\n ``` bash\n #!/bin/bash\n\n dmesg -n 7\n sysctl -w kernel.panic_on_warn=1\n TR=/sys/kernel/tracing\n echo 7 \u003e ${TR}/buffer_size_kb\n echo \"sched:sched_switch\" \u003e ${TR}/set_event\n while [ true ]; do\n echo 1 \u003e ${TR}/per_cpu/cpu0/snapshot\n done \u0026\n while [ true ]; do\n echo 1 \u003e ${TR}/per_cpu/cpu0/snapshot\n done \u0026\n while [ true ]; do\n echo 1 \u003e ${TR}/per_cpu/cpu0/snapshot\n done \u0026\n ```\n\nTo fix it, IIUC, we can use smp_call_function_single() to do the swap on\nthe target cpu where the buffer is located, so that above race would be\navoided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53368",
"url": "https://www.suse.com/security/cve/CVE-2023-53368"
},
{
"category": "external",
"summary": "SUSE Bug 1249979 for CVE-2023-53368",
"url": "https://bugzilla.suse.com/1249979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53368"
},
{
"cve": "CVE-2023-53370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53370"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix memory leak in mes self test\n\nThe fences associated with mes queue have to be freed\nup during amdgpu_ring_fini.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53370",
"url": "https://www.suse.com/security/cve/CVE-2023-53370"
},
{
"category": "external",
"summary": "SUSE Bug 1250208 for CVE-2023-53370",
"url": "https://bugzilla.suse.com/1250208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53370"
},
{
"cve": "CVE-2023-53371",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53371"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create\n\nThe memory pointed to by the fs-\u003eany pointer is not freed in the error\npath of mlx5e_fs_tt_redirect_any_create, which can lead to a memory leak.\nFix by freeing the memory in the error path, thereby making the error path\nidentical to mlx5e_fs_tt_redirect_any_destroy().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53371",
"url": "https://www.suse.com/security/cve/CVE-2023-53371"
},
{
"category": "external",
"summary": "SUSE Bug 1250112 for CVE-2023-53371",
"url": "https://bugzilla.suse.com/1250112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53371"
},
{
"cve": "CVE-2023-53373",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53373"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: seqiv - Handle EBUSY correctly\n\nAs it is seqiv only handles the special return value of EINPROGERSS,\nwhich means that in all other cases it will free data related to the\nrequest.\n\nHowever, as the caller of seqiv may specify MAY_BACKLOG, we also need\nto expect EBUSY and treat it in the same way. Otherwise backlogged\nrequests will trigger a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53373",
"url": "https://www.suse.com/security/cve/CVE-2023-53373"
},
{
"category": "external",
"summary": "SUSE Bug 1250137 for CVE-2023-53373",
"url": "https://bugzilla.suse.com/1250137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53373"
},
{
"cve": "CVE-2023-53375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53375"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Free error logs of tracing instances\n\nWhen a tracing instance is removed, the error messages that hold errors\nthat occurred in the instance needs to be freed. The following reports a\nmemory leak:\n\n # cd /sys/kernel/tracing\n # mkdir instances/foo\n # echo \u0027hist:keys=x\u0027 \u003e instances/foo/events/sched/sched_switch/trigger\n # cat instances/foo/error_log\n [ 117.404795] hist:sched:sched_switch: error: Couldn\u0027t find field\n Command: hist:keys=x\n ^\n # rmdir instances/foo\n\nThen check for memory leaks:\n\n # echo scan \u003e /sys/kernel/debug/kmemleak\n # cat /sys/kernel/debug/kmemleak\nunreferenced object 0xffff88810d8ec700 (size 192):\n comm \"bash\", pid 869, jiffies 4294950577 (age 215.752s)\n hex dump (first 32 bytes):\n 60 dd 68 61 81 88 ff ff 60 dd 68 61 81 88 ff ff `.ha....`.ha....\n a0 30 8c 83 ff ff ff ff 26 00 0a 00 00 00 00 00 .0......\u0026.......\n backtrace:\n [\u003c00000000dae26536\u003e] kmalloc_trace+0x2a/0xa0\n [\u003c00000000b2938940\u003e] tracing_log_err+0x277/0x2e0\n [\u003c000000004a0e1b07\u003e] parse_atom+0x966/0xb40\n [\u003c0000000023b24337\u003e] parse_expr+0x5f3/0xdb0\n [\u003c00000000594ad074\u003e] event_hist_trigger_parse+0x27f8/0x3560\n [\u003c00000000293a9645\u003e] trigger_process_regex+0x135/0x1a0\n [\u003c000000005c22b4f2\u003e] event_trigger_write+0x87/0xf0\n [\u003c000000002cadc509\u003e] vfs_write+0x162/0x670\n [\u003c0000000059c3b9be\u003e] ksys_write+0xca/0x170\n [\u003c00000000f1cddc00\u003e] do_syscall_64+0x3e/0xc0\n [\u003c00000000868ac68c\u003e] entry_SYSCALL_64_after_hwframe+0x72/0xdc\nunreferenced object 0xffff888170c35a00 (size 32):\n comm \"bash\", pid 869, jiffies 4294950577 (age 215.752s)\n hex dump (first 32 bytes):\n 0a 20 20 43 6f 6d 6d 61 6e 64 3a 20 68 69 73 74 . Command: hist\n 3a 6b 65 79 73 3d 78 0a 00 00 00 00 00 00 00 00 :keys=x.........\n backtrace:\n [\u003c000000006a747de5\u003e] __kmalloc+0x4d/0x160\n [\u003c000000000039df5f\u003e] tracing_log_err+0x29b/0x2e0\n [\u003c000000004a0e1b07\u003e] parse_atom+0x966/0xb40\n [\u003c0000000023b24337\u003e] parse_expr+0x5f3/0xdb0\n [\u003c00000000594ad074\u003e] event_hist_trigger_parse+0x27f8/0x3560\n [\u003c00000000293a9645\u003e] trigger_process_regex+0x135/0x1a0\n [\u003c000000005c22b4f2\u003e] event_trigger_write+0x87/0xf0\n [\u003c000000002cadc509\u003e] vfs_write+0x162/0x670\n [\u003c0000000059c3b9be\u003e] ksys_write+0xca/0x170\n [\u003c00000000f1cddc00\u003e] do_syscall_64+0x3e/0xc0\n [\u003c00000000868ac68c\u003e] entry_SYSCALL_64_after_hwframe+0x72/0xdc\n\nThe problem is that the error log needs to be freed when the instance is\nremoved.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53375",
"url": "https://www.suse.com/security/cve/CVE-2023-53375"
},
{
"category": "external",
"summary": "SUSE Bug 1250197 for CVE-2023-53375",
"url": "https://bugzilla.suse.com/1250197"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53375"
},
{
"cve": "CVE-2023-53377",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53377"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: prevent use-after-free by freeing the cfile later\n\nIn smb2_compound_op we have a possible use-after-free\nwhich can cause hard to debug problems later on.\n\nThis was revealed during stress testing with KASAN enabled\nkernel. Fixing it by moving the cfile free call to\na few lines below, after the usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53377",
"url": "https://www.suse.com/security/cve/CVE-2023-53377"
},
{
"category": "external",
"summary": "SUSE Bug 1250161 for CVE-2023-53377",
"url": "https://bugzilla.suse.com/1250161"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53377"
},
{
"cve": "CVE-2023-53378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53378"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/dpt: Treat the DPT BO as a framebuffer\n\nCurrently i915_gem_object_is_framebuffer() doesn\u0027t treat the\nBO containing the framebuffer\u0027s DPT as a framebuffer itself.\nThis means eg. that the shrinker can evict the DPT BO while\nleaving the actual FB BO bound, when the DPT is allocated\nfrom regular shmem.\n\nThat causes an immediate oops during hibernate as we\ntry to rewrite the PTEs inside the already evicted\nDPT obj.\n\nTODO: presumably this might also be the reason for the\nDPT related display faults under heavy memory pressure,\nbut I\u0027m still not sure how that would happen as the object\nshould be pinned by intel_dpt_pin() while in active use by\nthe display engine...\n\n(cherry picked from commit 779cb5ba64ec7df80675a956c9022929514f517a)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53378",
"url": "https://www.suse.com/security/cve/CVE-2023-53378"
},
{
"category": "external",
"summary": "SUSE Bug 1250134 for CVE-2023-53378",
"url": "https://bugzilla.suse.com/1250134"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53378"
},
{
"cve": "CVE-2023-53379",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53379"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()\n\nSmatch reports:\ndrivers/usb/phy/phy-tahvo.c: tahvo_usb_probe()\nwarn: missing unwind goto?\n\nAfter geting irq, if ret \u003c 0, it will return without error handling to\nfree memory.\nJust add error handling to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53379",
"url": "https://www.suse.com/security/cve/CVE-2023-53379"
},
{
"category": "external",
"summary": "SUSE Bug 1250128 for CVE-2023-53379",
"url": "https://bugzilla.suse.com/1250128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53379"
},
{
"cve": "CVE-2023-53380",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53380"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: fix null-ptr-deref of mreplace in raid10_sync_request\n\nThere are two check of \u0027mreplace\u0027 in raid10_sync_request(). In the first\ncheck, \u0027need_replace\u0027 will be set and \u0027mreplace\u0027 will be used later if\nno-Faulty \u0027mreplace\u0027 exists, In the second check, \u0027mreplace\u0027 will be\nset to NULL if it is Faulty, but \u0027need_replace\u0027 will not be changed\naccordingly. null-ptr-deref occurs if Faulty is set between two check.\n\nFix it by merging two checks into one. And replace \u0027need_replace\u0027 with\n\u0027mreplace\u0027 because their values are always the same.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53380",
"url": "https://www.suse.com/security/cve/CVE-2023-53380"
},
{
"category": "external",
"summary": "SUSE Bug 1250198 for CVE-2023-53380",
"url": "https://bugzilla.suse.com/1250198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53380"
},
{
"cve": "CVE-2023-53381",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53381"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: fix leaked reference count of nfsd4_ssc_umount_item\n\nThe reference count of nfsd4_ssc_umount_item is not decremented\non error conditions. This prevents the laundromat from unmounting\nthe vfsmount of the source file.\n\nThis patch decrements the reference count of nfsd4_ssc_umount_item\non error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53381",
"url": "https://www.suse.com/security/cve/CVE-2023-53381"
},
{
"category": "external",
"summary": "SUSE Bug 1250118 for CVE-2023-53381",
"url": "https://bugzilla.suse.com/1250118"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53381"
},
{
"cve": "CVE-2023-53383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53383"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gicv3: Workaround for NVIDIA erratum T241-FABRIC-4\n\nThe T241 platform suffers from the T241-FABRIC-4 erratum which causes\nunexpected behavior in the GIC when multiple transactions are received\nsimultaneously from different sources. This hardware issue impacts\nNVIDIA server platforms that use more than two T241 chips\ninterconnected. Each chip has support for 320 {E}SPIs.\n\nThis issue occurs when multiple packets from different GICs are\nincorrectly interleaved at the target chip. The erratum text below\nspecifies exactly what can cause multiple transfer packets susceptible\nto interleaving and GIC state corruption. GIC state corruption can\nlead to a range of problems, including kernel panics, and unexpected\nbehavior.\n\n\u003eFrom the erratum text:\n \"In some cases, inter-socket AXI4 Stream packets with multiple\n transfers, may be interleaved by the fabric when presented to ARM\n Generic Interrupt Controller. GIC expects all transfers of a packet\n to be delivered without any interleaving.\n\n The following GICv3 commands may result in multiple transfer packets\n over inter-socket AXI4 Stream interface:\n - Register reads from GICD_I* and GICD_N*\n - Register writes to 64-bit GICD registers other than GICD_IROUTERn*\n - ITS command MOVALL\n\n Multiple commands in GICv4+ utilize multiple transfer packets,\n including VMOVP, VMOVI, VMAPP, and 64-bit register accesses.\"\n\n This issue impacts system configurations with more than 2 sockets,\n that require multi-transfer packets to be sent over inter-socket\n AXI4 Stream interface between GIC instances on different sockets.\n GICv4 cannot be supported. GICv3 SW model can only be supported\n with the workaround. Single and Dual socket configurations are not\n impacted by this issue and support GICv3 and GICv4.\"\n\n\nWriting to the chip alias region of the GICD_In{E} registers except\nGICD_ICENABLERn has an equivalent effect as writing to the global\ndistributor. The SPI interrupt deactivate path is not impacted by\nthe erratum.\n\nTo fix this problem, implement a workaround that ensures read accesses\nto the GICD_In{E} registers are directed to the chip that owns the\nSPI, and disable GICv4.x features. To simplify code changes, the\ngic_configure_irq() function uses the same alias region for both read\nand write operations to GICD_ICFGR.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53383",
"url": "https://www.suse.com/security/cve/CVE-2023-53383"
},
{
"category": "external",
"summary": "SUSE Bug 1250327 for CVE-2023-53383",
"url": "https://bugzilla.suse.com/1250327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53383"
},
{
"cve": "CVE-2023-53384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53384"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: avoid possible NULL skb pointer dereference\n\nIn \u0027mwifiex_handle_uap_rx_forward()\u0027, always check the value\nreturned by \u0027skb_copy()\u0027 to avoid potential NULL pointer\ndereference in \u0027mwifiex_uap_queue_bridged_pkt()\u0027, and drop\noriginal skb in case of copying failure.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53384",
"url": "https://www.suse.com/security/cve/CVE-2023-53384"
},
{
"category": "external",
"summary": "SUSE Bug 1250127 for CVE-2023-53384",
"url": "https://bugzilla.suse.com/1250127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53384"
},
{
"cve": "CVE-2023-53386",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53386"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix potential use-after-free when clear keys\n\nSimilar to commit c5d2b6fa26b5 (\"Bluetooth: Fix use-after-free in\nhci_remove_ltk/hci_remove_irk\"). We can not access k after kfree_rcu()\ncall.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53386",
"url": "https://www.suse.com/security/cve/CVE-2023-53386"
},
{
"category": "external",
"summary": "SUSE Bug 1250106 for CVE-2023-53386",
"url": "https://bugzilla.suse.com/1250106"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53386"
},
{
"cve": "CVE-2023-53388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53388"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: Clean dangling pointer on bind error path\n\nmtk_drm_bind() can fail, in which case drm_dev_put() is called,\ndestroying the drm_device object. However a pointer to it was still\nbeing held in the private object, and that pointer would be passed along\nto DRM in mtk_drm_sys_prepare() if a suspend were triggered at that\npoint, resulting in a panic. Clean the pointer when destroying the\nobject in the error path to prevent this from happening.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53388",
"url": "https://www.suse.com/security/cve/CVE-2023-53388"
},
{
"category": "external",
"summary": "SUSE Bug 1250191 for CVE-2023-53388",
"url": "https://bugzilla.suse.com/1250191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53388"
},
{
"cve": "CVE-2023-53390",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53390"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: base: dd: fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic\nat once.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53390",
"url": "https://www.suse.com/security/cve/CVE-2023-53390"
},
{
"category": "external",
"summary": "SUSE Bug 1250453 for CVE-2023-53390",
"url": "https://bugzilla.suse.com/1250453"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2023-53390"
},
{
"cve": "CVE-2023-53391",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53391"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nshmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs\n\nAs the ramfs-based tmpfs uses ramfs_init_fs_context() for the\ninit_fs_context method, which allocates fc-\u003es_fs_info, use ramfs_kill_sb()\nto free it and avoid a memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53391",
"url": "https://www.suse.com/security/cve/CVE-2023-53391"
},
{
"category": "external",
"summary": "SUSE Bug 1250117 for CVE-2023-53391",
"url": "https://bugzilla.suse.com/1250117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53391"
},
{
"cve": "CVE-2023-53393",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53393"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device\n\nCurrently, when mlx5_ib_get_hw_stats() is used for device (port_num = 0),\nthere is a special handling in order to use the correct counters, but,\nport_num is being passed down the stack without any change. Also, some\nfunctions assume that port_num \u003e=1. As a result, the following oops can\noccur.\n\n BUG: unable to handle page fault for address: ffff89510294f1a8\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 0 P4D 0\n Oops: 0002 [#1] SMP\n CPU: 8 PID: 1382 Comm: devlink Tainted: G W 6.1.0-rc4_for_upstream_base_2022_11_10_16_12 #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:_raw_spin_lock+0xc/0x20\n Call Trace:\n \u003cTASK\u003e\n mlx5_ib_get_native_port_mdev+0x73/0xe0 [mlx5_ib]\n do_get_hw_stats.constprop.0+0x109/0x160 [mlx5_ib]\n mlx5_ib_get_hw_stats+0xad/0x180 [mlx5_ib]\n ib_setup_device_attrs+0xf0/0x290 [ib_core]\n ib_register_device+0x3bb/0x510 [ib_core]\n ? atomic_notifier_chain_register+0x67/0x80\n __mlx5_ib_add+0x2b/0x80 [mlx5_ib]\n mlx5r_probe+0xb8/0x150 [mlx5_ib]\n ? auxiliary_match_id+0x6a/0x90\n auxiliary_bus_probe+0x3c/0x70\n ? driver_sysfs_add+0x6b/0x90\n really_probe+0xcd/0x380\n __driver_probe_device+0x80/0x170\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n ? driver_allows_async_probing+0x60/0x60\n ? driver_allows_async_probing+0x60/0x60\n bus_for_each_drv+0x7b/0xc0\n __device_attach+0xbc/0x200\n bus_probe_device+0x87/0xa0\n device_add+0x404/0x940\n ? dev_set_name+0x53/0x70\n __auxiliary_device_add+0x43/0x60\n add_adev+0x99/0xe0 [mlx5_core]\n mlx5_attach_device+0xc8/0x120 [mlx5_core]\n mlx5_load_one_devl_locked+0xb2/0xe0 [mlx5_core]\n devlink_reload+0x133/0x250\n devlink_nl_cmd_reload+0x480/0x570\n ? devlink_nl_pre_doit+0x44/0x2b0\n genl_family_rcv_msg_doit.isra.0+0xc2/0x110\n genl_rcv_msg+0x180/0x2b0\n ? devlink_nl_cmd_region_read_dumpit+0x540/0x540\n ? devlink_reload+0x250/0x250\n ? devlink_put+0x50/0x50\n ? genl_family_rcv_msg_doit.isra.0+0x110/0x110\n netlink_rcv_skb+0x54/0x100\n genl_rcv+0x24/0x40\n netlink_unicast+0x1f6/0x2c0\n netlink_sendmsg+0x237/0x490\n sock_sendmsg+0x33/0x40\n __sys_sendto+0x103/0x160\n ? handle_mm_fault+0x10e/0x290\n ? do_user_addr_fault+0x1c0/0x5f0\n __x64_sys_sendto+0x25/0x30\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nFix it by setting port_num to 1 in order to get device status and remove\nunused variable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53393",
"url": "https://www.suse.com/security/cve/CVE-2023-53393"
},
{
"category": "external",
"summary": "SUSE Bug 1250114 for CVE-2023-53393",
"url": "https://bugzilla.suse.com/1250114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53393"
},
{
"cve": "CVE-2023-53395",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53395"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer\n\nACPICA commit 90310989a0790032f5a0140741ff09b545af4bc5\n\nAccording to the ACPI specification 19.6.134, no argument is required to be passed for ASL Timer instruction. For taking care of no argument, AML_NO_OPERAND_RESOLVE flag is added to ASL Timer instruction opcode.\n\nWhen ASL timer instruction interpreted by ACPI interpreter, getting error. After adding AML_NO_OPERAND_RESOLVE flag to ASL Timer instruction opcode, issue is not observed.\n\n=============================================================\nUBSAN: array-index-out-of-bounds in acpica/dswexec.c:401:12 index -1 is out of range for type \u0027union acpi_operand_object *[9]\u0027\nCPU: 37 PID: 1678 Comm: cat Not tainted\n6.0.0-dev-th500-6.0.y-1+bcf8c46459e407-generic-64k\nHW name: NVIDIA BIOS v1.1.1-d7acbfc-dirty 12/19/2022 Call trace:\n dump_backtrace+0xe0/0x130\n show_stack+0x20/0x60\n dump_stack_lvl+0x68/0x84\n dump_stack+0x18/0x34\n ubsan_epilogue+0x10/0x50\n __ubsan_handle_out_of_bounds+0x80/0x90\n acpi_ds_exec_end_op+0x1bc/0x6d8\n acpi_ps_parse_loop+0x57c/0x618\n acpi_ps_parse_aml+0x1e0/0x4b4\n acpi_ps_execute_method+0x24c/0x2b8\n acpi_ns_evaluate+0x3a8/0x4bc\n acpi_evaluate_object+0x15c/0x37c\n acpi_evaluate_integer+0x54/0x15c\n show_power+0x8c/0x12c [acpi_power_meter]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53395",
"url": "https://www.suse.com/security/cve/CVE-2023-53395"
},
{
"category": "external",
"summary": "SUSE Bug 1250358 for CVE-2023-53395",
"url": "https://bugzilla.suse.com/1250358"
},
{
"category": "external",
"summary": "SUSE Bug 1250359 for CVE-2023-53395",
"url": "https://bugzilla.suse.com/1250359"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2023-53395"
},
{
"cve": "CVE-2023-53396",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53396"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: Fix memory leak in do_rename\n\nIf renaming a file in an encrypted directory, function\nfscrypt_setup_filename allocates memory for a file name. This name is\nnever used, and before returning to the caller the memory for it is not\nfreed.\n\nWhen running kmemleak on it we see that it is registered as a leak. The\nreport below is triggered by a simple program \u0027rename\u0027 that renames a\nfile in an encrypted directory:\n\n unreferenced object 0xffff888101502840 (size 32):\n comm \"rename\", pid 9404, jiffies 4302582475 (age 435.735s)\n backtrace:\n __kmem_cache_alloc_node\n __kmalloc\n fscrypt_setup_filename\n do_rename\n ubifs_rename\n vfs_rename\n do_renameat2\n\nTo fix this we can remove the call to fscrypt_setup_filename as it\u0027s not\nneeded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53396",
"url": "https://www.suse.com/security/cve/CVE-2023-53396"
},
{
"category": "external",
"summary": "SUSE Bug 1250200 for CVE-2023-53396",
"url": "https://bugzilla.suse.com/1250200"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2023-53396"
},
{
"cve": "CVE-2023-53398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53398"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlx5: fix possible ptp queue fifo use-after-free\n\nFifo indexes are not checked during pop operations and it leads to\npotential use-after-free when poping from empty queue. Such case was\npossible during re-sync action. WARN_ON_ONCE covers future cases.\n\nThere were out-of-order cqe spotted which lead to drain of the queue and\nuse-after-free because of lack of fifo pointers check. Special check and\ncounter are added to avoid resync operation if SKB could not exist in the\nfifo because of OOO cqe (skb_id must be between consumer and producer\nindex).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53398",
"url": "https://www.suse.com/security/cve/CVE-2023-53398"
},
{
"category": "external",
"summary": "SUSE Bug 1250144 for CVE-2023-53398",
"url": "https://bugzilla.suse.com/1250144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53398"
},
{
"cve": "CVE-2023-53400",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53400"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: Fix Oops by 9.1 surround channel names\n\nget_line_out_pfx() may trigger an Oops by overflowing the static array\nwith more than 8 channels. This was reported for MacBookPro 12,1 with\nCirrus codec.\n\nAs a workaround, extend for the 9.1 channels and also fix the\npotential Oops by unifying the code paths accessing the same array\nwith the proper size check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53400",
"url": "https://www.suse.com/security/cve/CVE-2023-53400"
},
{
"category": "external",
"summary": "SUSE Bug 1250328 for CVE-2023-53400",
"url": "https://bugzilla.suse.com/1250328"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53400"
},
{
"cve": "CVE-2023-53404",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53404"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: fotg210: fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic\nat once.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53404",
"url": "https://www.suse.com/security/cve/CVE-2023-53404"
},
{
"category": "external",
"summary": "SUSE Bug 1250331 for CVE-2023-53404",
"url": "https://bugzilla.suse.com/1250331"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53404"
},
{
"cve": "CVE-2023-53405",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53405"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: gr_udc: fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic\nat once.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53405",
"url": "https://www.suse.com/security/cve/CVE-2023-53405"
},
{
"category": "external",
"summary": "SUSE Bug 1250454 for CVE-2023-53405",
"url": "https://bugzilla.suse.com/1250454"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2023-53405"
},
{
"cve": "CVE-2023-53406",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53406"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: pxa25x_udc: fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic\nat once.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53406",
"url": "https://www.suse.com/security/cve/CVE-2023-53406"
},
{
"category": "external",
"summary": "SUSE Bug 1250362 for CVE-2023-53406",
"url": "https://bugzilla.suse.com/1250362"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53406"
},
{
"cve": "CVE-2023-53409",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53409"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: base: component: fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic\nat once.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53409",
"url": "https://www.suse.com/security/cve/CVE-2023-53409"
},
{
"category": "external",
"summary": "SUSE Bug 1250418 for CVE-2023-53409",
"url": "https://bugzilla.suse.com/1250418"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53409"
},
{
"cve": "CVE-2023-53413",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53413"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: isp116x: fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic\nat once.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53413",
"url": "https://www.suse.com/security/cve/CVE-2023-53413"
},
{
"category": "external",
"summary": "SUSE Bug 1250370 for CVE-2023-53413",
"url": "https://bugzilla.suse.com/1250370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53413"
},
{
"cve": "CVE-2023-53414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53414"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: snic: Fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic at\nonce.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53414",
"url": "https://www.suse.com/security/cve/CVE-2023-53414"
},
{
"category": "external",
"summary": "SUSE Bug 1250425 for CVE-2023-53414",
"url": "https://bugzilla.suse.com/1250425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53414"
},
{
"cve": "CVE-2023-53415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53415"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: dwc3: fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic\nat once.\n\nNote, the root dentry for the debugfs directory for the device needs to\nbe saved so we don\u0027t have to keep looking it up, which required a bit\nmore refactoring to properly create and remove it when needed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53415",
"url": "https://www.suse.com/security/cve/CVE-2023-53415"
},
{
"category": "external",
"summary": "SUSE Bug 1250412 for CVE-2023-53415",
"url": "https://bugzilla.suse.com/1250412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53415"
},
{
"cve": "CVE-2023-53416",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53416"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: isp1362: fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic\nat once.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53416",
"url": "https://www.suse.com/security/cve/CVE-2023-53416"
},
{
"category": "external",
"summary": "SUSE Bug 1250428 for CVE-2023-53416",
"url": "https://bugzilla.suse.com/1250428"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53416"
},
{
"cve": "CVE-2023-53422",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53422"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: fw: fix memory leak in debugfs\n\nFix a memory leak that occurs when reading the fw_info\nfile all the way, since we return NULL indicating no\nmore data, but don\u0027t free the status tracking object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53422",
"url": "https://www.suse.com/security/cve/CVE-2023-53422"
},
{
"category": "external",
"summary": "SUSE Bug 1250182 for CVE-2023-53422",
"url": "https://bugzilla.suse.com/1250182"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53422"
},
{
"cve": "CVE-2023-53427",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53427"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix warning and UAF when destroy the MR list\n\nIf the MR allocate failed, the MR recovery work not initialized\nand list not cleared. Then will be warning and UAF when release\nthe MR:\n\n WARNING: CPU: 4 PID: 824 at kernel/workqueue.c:3066 __flush_work.isra.0+0xf7/0x110\n CPU: 4 PID: 824 Comm: mount.cifs Not tainted 6.1.0-rc5+ #82\n RIP: 0010:__flush_work.isra.0+0xf7/0x110\n Call Trace:\n \u003cTASK\u003e\n __cancel_work_timer+0x2ba/0x2e0\n smbd_destroy+0x4e1/0x990\n _smbd_get_connection+0x1cbd/0x2110\n smbd_get_connection+0x21/0x40\n cifs_get_tcp_session+0x8ef/0xda0\n mount_get_conns+0x60/0x750\n cifs_mount+0x103/0xd00\n cifs_smb3_do_mount+0x1dd/0xcb0\n smb3_get_tree+0x1d5/0x300\n vfs_get_tree+0x41/0xf0\n path_mount+0x9b3/0xdd0\n __x64_sys_mount+0x190/0x1d0\n do_syscall_64+0x35/0x80\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\n BUG: KASAN: use-after-free in smbd_destroy+0x4fc/0x990\n Read of size 8 at addr ffff88810b156a08 by task mount.cifs/824\n CPU: 4 PID: 824 Comm: mount.cifs Tainted: G W 6.1.0-rc5+ #82\n Call Trace:\n dump_stack_lvl+0x34/0x44\n print_report+0x171/0x472\n kasan_report+0xad/0x130\n smbd_destroy+0x4fc/0x990\n _smbd_get_connection+0x1cbd/0x2110\n smbd_get_connection+0x21/0x40\n cifs_get_tcp_session+0x8ef/0xda0\n mount_get_conns+0x60/0x750\n cifs_mount+0x103/0xd00\n cifs_smb3_do_mount+0x1dd/0xcb0\n smb3_get_tree+0x1d5/0x300\n vfs_get_tree+0x41/0xf0\n path_mount+0x9b3/0xdd0\n __x64_sys_mount+0x190/0x1d0\n do_syscall_64+0x35/0x80\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\n Allocated by task 824:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n __kasan_kmalloc+0x7a/0x90\n _smbd_get_connection+0x1b6f/0x2110\n smbd_get_connection+0x21/0x40\n cifs_get_tcp_session+0x8ef/0xda0\n mount_get_conns+0x60/0x750\n cifs_mount+0x103/0xd00\n cifs_smb3_do_mount+0x1dd/0xcb0\n smb3_get_tree+0x1d5/0x300\n vfs_get_tree+0x41/0xf0\n path_mount+0x9b3/0xdd0\n __x64_sys_mount+0x190/0x1d0\n do_syscall_64+0x35/0x80\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\n Freed by task 824:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n kasan_save_free_info+0x2a/0x40\n ____kasan_slab_free+0x143/0x1b0\n __kmem_cache_free+0xc8/0x330\n _smbd_get_connection+0x1c6a/0x2110\n smbd_get_connection+0x21/0x40\n cifs_get_tcp_session+0x8ef/0xda0\n mount_get_conns+0x60/0x750\n cifs_mount+0x103/0xd00\n cifs_smb3_do_mount+0x1dd/0xcb0\n smb3_get_tree+0x1d5/0x300\n vfs_get_tree+0x41/0xf0\n path_mount+0x9b3/0xdd0\n __x64_sys_mount+0x190/0x1d0\n do_syscall_64+0x35/0x80\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nLet\u0027s initialize the MR recovery work before MR allocate to prevent\nthe warning, remove the MRs from the list to prevent the UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53427",
"url": "https://www.suse.com/security/cve/CVE-2023-53427"
},
{
"category": "external",
"summary": "SUSE Bug 1250168 for CVE-2023-53427",
"url": "https://bugzilla.suse.com/1250168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53427"
},
{
"cve": "CVE-2023-53431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53431"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ses: Handle enclosure with just a primary component gracefully\n\nThis reverts commit 3fe97ff3d949 (\"scsi: ses: Don\u0027t attach if enclosure\nhas no components\") and introduces proper handling of case where there are\nno detected secondary components, but primary component (enumerated in\nnum_enclosures) does exist. That fix was originally proposed by Ding Hui\n\u003cdinghui@sangfor.com.cn\u003e.\n\nCompletely ignoring devices that have one primary enclosure and no\nsecondary one results in ses_intf_add() bailing completely\n\n\tscsi 2:0:0:254: enclosure has no enumerated components\n scsi 2:0:0:254: Failed to bind enclosure -12ven in valid configurations such\n\neven on valid configurations with 1 primary and 0 secondary enclosures as\nbelow:\n\n\t# sg_ses /dev/sg0\n\t 3PARdata SES 3321\n\tSupported diagnostic pages:\n\t Supported Diagnostic Pages [sdp] [0x0]\n\t Configuration (SES) [cf] [0x1]\n\t Short Enclosure Status (SES) [ses] [0x8]\n\t# sg_ses -p cf /dev/sg0\n\t 3PARdata SES 3321\n\tConfiguration diagnostic page:\n\t number of secondary subenclosures: 0\n\t generation code: 0x0\n\t enclosure descriptor list\n\t Subenclosure identifier: 0 [primary]\n\t relative ES process id: 0, number of ES processes: 1\n\t number of type descriptor headers: 1\n\t enclosure logical identifier (hex): 20000002ac02068d\n\t enclosure vendor: 3PARdata product: VV rev: 3321\n\t type descriptor header and text list\n\t Element type: Unspecified, subenclosure id: 0\n\t number of possible elements: 1\n\nThe changelog for the original fix follows\n\n=====\nWe can get a crash when disconnecting the iSCSI session,\nthe call trace like this:\n\n [ffff00002a00fb70] kfree at ffff00000830e224\n [ffff00002a00fba0] ses_intf_remove at ffff000001f200e4\n [ffff00002a00fbd0] device_del at ffff0000086b6a98\n [ffff00002a00fc50] device_unregister at ffff0000086b6d58\n [ffff00002a00fc70] __scsi_remove_device at ffff00000870608c\n [ffff00002a00fca0] scsi_remove_device at ffff000008706134\n [ffff00002a00fcc0] __scsi_remove_target at ffff0000087062e4\n [ffff00002a00fd10] scsi_remove_target at ffff0000087064c0\n [ffff00002a00fd70] __iscsi_unbind_session at ffff000001c872c4\n [ffff00002a00fdb0] process_one_work at ffff00000810f35c\n [ffff00002a00fe00] worker_thread at ffff00000810f648\n [ffff00002a00fe70] kthread at ffff000008116e98\n\nIn ses_intf_add, components count could be 0, and kcalloc 0 size scomp,\nbut not saved in edev-\u003ecomponent[i].scratch\n\nIn this situation, edev-\u003ecomponent[0].scratch is an invalid pointer,\nwhen kfree it in ses_intf_remove_enclosure, a crash like above would happen\nThe call trace also could be other random cases when kfree cannot catch\nthe invalid pointer\n\nWe should not use edev-\u003ecomponent[] array when the components count is 0\nWe also need check index when use edev-\u003ecomponent[] array in\nses_enclosure_data_process\n=====",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53431",
"url": "https://www.suse.com/security/cve/CVE-2023-53431"
},
{
"category": "external",
"summary": "SUSE Bug 1250374 for CVE-2023-53431",
"url": "https://bugzilla.suse.com/1250374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53431"
},
{
"cve": "CVE-2023-53435",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53435"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncassini: Fix a memory leak in the error handling path of cas_init_one()\n\ncas_saturn_firmware_init() allocates some memory using vmalloc(). This\nmemory is freed in the .remove() function but not it the error handling\npath of the probe.\n\nAdd the missing vfree() to avoid a memory leak, should an error occur.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53435",
"url": "https://www.suse.com/security/cve/CVE-2023-53435"
},
{
"category": "external",
"summary": "SUSE Bug 1250159 for CVE-2023-53435",
"url": "https://bugzilla.suse.com/1250159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53435"
},
{
"cve": "CVE-2023-53436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53436"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: snic: Fix possible memory leak if device_add() fails\n\nIf device_add() returns error, the name allocated by dev_set_name() needs\nbe freed. As the comment of device_add() says, put_device() should be used\nto give up the reference in the error path. So fix this by calling\nput_device(), then the name can be freed in kobject_cleanp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53436",
"url": "https://www.suse.com/security/cve/CVE-2023-53436"
},
{
"category": "external",
"summary": "SUSE Bug 1250156 for CVE-2023-53436",
"url": "https://bugzilla.suse.com/1250156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53436"
},
{
"cve": "CVE-2023-53437",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53437"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Handle cameras with invalid descriptors\n\nIf the source entity does not contain any pads, do not create a link.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53437",
"url": "https://www.suse.com/security/cve/CVE-2023-53437"
},
{
"category": "external",
"summary": "SUSE Bug 1250178 for CVE-2023-53437",
"url": "https://bugzilla.suse.com/1250178"
},
{
"category": "external",
"summary": "SUSE Bug 1250710 for CVE-2023-53437",
"url": "https://bugzilla.suse.com/1250710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53437"
},
{
"cve": "CVE-2023-53438",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53438"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/MCE: Always save CS register on AMD Zen IF Poison errors\n\nThe Instruction Fetch (IF) units on current AMD Zen-based systems do not\nguarantee a synchronous #MC is delivered for poison consumption errors.\nTherefore, MCG_STATUS[EIPV|RIPV] will not be set. However, the\nmicroarchitecture does guarantee that the exception is delivered within\nthe same context. In other words, the exact rIP is not known, but the\ncontext is known to not have changed.\n\nThere is no architecturally-defined method to determine this behavior.\n\nThe Code Segment (CS) register is always valid on such IF unit poison\nerrors regardless of the value of MCG_STATUS[EIPV|RIPV].\n\nAdd a quirk to save the CS register for poison consumption from the IF\nunit banks.\n\nThis is needed to properly determine the context of the error.\nOtherwise, the severity grading function will assume the context is\nIN_KERNEL due to the m-\u003ecs value being 0 (the initialized value). This\nleads to unnecessary kernel panics on data poison errors due to the\nkernel believing the poison consumption occurred in kernel context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53438",
"url": "https://www.suse.com/security/cve/CVE-2023-53438"
},
{
"category": "external",
"summary": "SUSE Bug 1250180 for CVE-2023-53438",
"url": "https://bugzilla.suse.com/1250180"
},
{
"category": "external",
"summary": "SUSE Bug 1250708 for CVE-2023-53438",
"url": "https://bugzilla.suse.com/1250708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53438"
},
{
"cve": "CVE-2023-53440",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53440"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix sysfs interface lifetime\n\nThe current nilfs2 sysfs support has issues with the timing of creation\nand deletion of sysfs entries, potentially leading to null pointer\ndereferences, use-after-free, and lockdep warnings.\n\nSome of the sysfs attributes for nilfs2 per-filesystem instance refer to\nmetadata file \"cpfile\", \"sufile\", or \"dat\", but\nnilfs_sysfs_create_device_group that creates those attributes is executed\nbefore the inodes for these metadata files are loaded, and\nnilfs_sysfs_delete_device_group which deletes these sysfs entries is\ncalled after releasing their metadata file inodes.\n\nTherefore, access to some of these sysfs attributes may occur outside of\nthe lifetime of these metadata files, resulting in inode NULL pointer\ndereferences or use-after-free.\n\nIn addition, the call to nilfs_sysfs_create_device_group() is made during\nthe locking period of the semaphore \"ns_sem\" of nilfs object, so the\nshrinker call caused by the memory allocation for the sysfs entries, may\nderive lock dependencies \"ns_sem\" -\u003e (shrinker) -\u003e \"locks acquired in\nnilfs_evict_inode()\".\n\nSince nilfs2 may acquire \"ns_sem\" deep in the call stack holding other\nlocks via its error handler __nilfs_error(), this causes lockdep to report\ncircular locking. This is a false positive and no circular locking\nactually occurs as no inodes exist yet when\nnilfs_sysfs_create_device_group() is called. Fortunately, the lockdep\nwarnings can be resolved by simply moving the call to\nnilfs_sysfs_create_device_group() out of \"ns_sem\".\n\nThis fixes these sysfs issues by revising where the device\u0027s sysfs\ninterface is created/deleted and keeping its lifetime within the lifetime\nof the metadata files above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53440",
"url": "https://www.suse.com/security/cve/CVE-2023-53440"
},
{
"category": "external",
"summary": "SUSE Bug 1250151 for CVE-2023-53440",
"url": "https://bugzilla.suse.com/1250151"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53440"
},
{
"cve": "CVE-2023-53442",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53442"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Block switchdev mode when ADQ is active and vice versa\n\nADQ and switchdev are not supported simultaneously. Enabling both at the\nsame time can result in nullptr dereference.\n\nTo prevent this, check if ADQ is active when changing devlink mode to\nswitchdev mode, and check if switchdev is active when enabling ADQ.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53442",
"url": "https://www.suse.com/security/cve/CVE-2023-53442"
},
{
"category": "external",
"summary": "SUSE Bug 1250201 for CVE-2023-53442",
"url": "https://bugzilla.suse.com/1250201"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53442"
},
{
"cve": "CVE-2023-53443",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53443"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak\n\nIn arizona_clk32k_enable(), we should use pm_runtime_resume_and_get()\nas pm_runtime_get_sync() will increase the refcnt even when it\nreturns an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53443",
"url": "https://www.suse.com/security/cve/CVE-2023-53443"
},
{
"category": "external",
"summary": "SUSE Bug 1250457 for CVE-2023-53443",
"url": "https://bugzilla.suse.com/1250457"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53443"
},
{
"cve": "CVE-2023-53444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53444"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ttm: fix bulk_move corruption when adding a entry\n\nWhen the resource is the first in the bulk_move range, adding it again\n(thus moving it to the tail) will corrupt the list since the first\npointer is not moved. This eventually lead to null pointer deref in\nttm_lru_bulk_move_del()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53444",
"url": "https://www.suse.com/security/cve/CVE-2023-53444"
},
{
"category": "external",
"summary": "SUSE Bug 1250157 for CVE-2023-53444",
"url": "https://bugzilla.suse.com/1250157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53444"
},
{
"cve": "CVE-2023-53446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53446"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free\n\nStruct pcie_link_state-\u003edownstream is a pointer to the pci_dev of function\n0. Previously we retained that pointer when removing function 0, and\nsubsequent ASPM policy changes dereferenced it, resulting in a\nuse-after-free warning from KASAN, e.g.:\n\n # echo 1 \u003e /sys/bus/pci/devices/0000:03:00.0/remove\n # echo powersave \u003e /sys/module/pcie_aspm/parameters/policy\n\n BUG: KASAN: slab-use-after-free in pcie_config_aspm_link+0x42d/0x500\n Call Trace:\n kasan_report+0xae/0xe0\n pcie_config_aspm_link+0x42d/0x500\n pcie_aspm_set_policy+0x8e/0x1a0\n param_attr_store+0x162/0x2c0\n module_attr_store+0x3e/0x80\n\nPCIe spec r6.0, sec 7.5.3.7, recommends that software program the same ASPM\nControl value in all functions of multi-function devices.\n\nDisable ASPM and free the pcie_link_state when any child function is\nremoved so we can discard the dangling pcie_link_state-\u003edownstream pointer\nand maintain the same ASPM Control configuration for all functions.\n\n[bhelgaas: commit log and comment]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53446",
"url": "https://www.suse.com/security/cve/CVE-2023-53446"
},
{
"category": "external",
"summary": "SUSE Bug 1250145 for CVE-2023-53446",
"url": "https://bugzilla.suse.com/1250145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53446"
},
{
"cve": "CVE-2023-53448",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53448"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: imxfb: Removed unneeded release_mem_region\n\nRemove unnecessary release_mem_region from the error path to prevent\nmem region from being released twice, which could avoid resource leak\nor other unexpected issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53448",
"url": "https://www.suse.com/security/cve/CVE-2023-53448"
},
{
"category": "external",
"summary": "SUSE Bug 1250873 for CVE-2023-53448",
"url": "https://bugzilla.suse.com/1250873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53448"
},
{
"cve": "CVE-2023-53449",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53449"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: Fix potential memleak in dasd_eckd_init()\n\n`dasd_reserve_req` is allocated before `dasd_vol_info_req`, and it\nalso needs to be freed before the error returns, just like the other\ncases in this function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53449",
"url": "https://www.suse.com/security/cve/CVE-2023-53449"
},
{
"category": "external",
"summary": "SUSE Bug 1250874 for CVE-2023-53449",
"url": "https://bugzilla.suse.com/1250874"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53449"
},
{
"cve": "CVE-2023-53451",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53451"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix potential NULL pointer dereference\n\nKlocwork tool reported \u0027cur_dsd\u0027 may be dereferenced. Add fix to validate\npointer before dereferencing the pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53451",
"url": "https://www.suse.com/security/cve/CVE-2023-53451"
},
{
"category": "external",
"summary": "SUSE Bug 1250831 for CVE-2023-53451",
"url": "https://bugzilla.suse.com/1250831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53451"
},
{
"cve": "CVE-2023-53452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53452"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: fix potential race condition between napi_init and napi_enable\n\nA race condition can happen if netdev is registered, but NAPI isn\u0027t\ninitialized yet, and meanwhile user space starts the netdev that will\nenable NAPI. Then, it hits BUG_ON():\n\n kernel BUG at net/core/dev.c:6423!\n invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 0 PID: 417 Comm: iwd Not tainted 6.2.7-slab-dirty #3 eb0f5a8a9d91\n Hardware name: LENOVO 21DL/LNVNB161216, BIOS JPCN20WW(V1.06) 09/20/2022\n RIP: 0010:napi_enable+0x3f/0x50\n Code: 48 89 c2 48 83 e2 f6 f6 81 89 08 00 00 02 74 0d 48 83 ...\n RSP: 0018:ffffada1414f3548 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffffa01425802080 RCX: 0000000000000000\n RDX: 00000000000002ff RSI: ffffada14e50c614 RDI: ffffa01425808dc0\n RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000001 R11: 0000000000000100 R12: ffffa01425808f58\n R13: 0000000000000000 R14: ffffa01423498940 R15: 0000000000000001\n FS: 00007f5577c0a740(0000) GS:ffffa0169fc00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f5577a19972 CR3: 0000000125a7a000 CR4: 0000000000750ef0\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n rtw89_pci_ops_start+0x1c/0x70 [rtw89_pci 6cbc75429515c181cbc386478d5cfb32ffc5a0f8]\n rtw89_core_start+0xbe/0x160 [rtw89_core fe07ecb874820b6d778370d4acb6ef8a37847f22]\n rtw89_ops_start+0x26/0x40 [rtw89_core fe07ecb874820b6d778370d4acb6ef8a37847f22]\n drv_start+0x42/0x100 [mac80211 c07fa22af8c3cf3f7d7ab3884ca990784d72e2d2]\n ieee80211_do_open+0x311/0x7d0 [mac80211 c07fa22af8c3cf3f7d7ab3884ca990784d72e2d2]\n ieee80211_open+0x6a/0x90 [mac80211 c07fa22af8c3cf3f7d7ab3884ca990784d72e2d2]\n __dev_open+0xe0/0x180\n __dev_change_flags+0x1da/0x250\n dev_change_flags+0x26/0x70\n do_setlink+0x37c/0x12c0\n ? ep_poll_callback+0x246/0x290\n ? __nla_validate_parse+0x61/0xd00\n ? __wake_up_common_lock+0x8f/0xd0\n\nTo fix this, follow Jonas\u0027 suggestion to switch the order of these\nfunctions and move register netdev to be the last step of PCI probe.\nAlso, correct the error handling of rtw89_core_register_hw().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53452",
"url": "https://www.suse.com/security/cve/CVE-2023-53452"
},
{
"category": "external",
"summary": "SUSE Bug 1250762 for CVE-2023-53452",
"url": "https://bugzilla.suse.com/1250762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53452"
},
{
"cve": "CVE-2023-53453",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53453"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: free iio for atombios when driver shutdown\n\nFix below kmemleak when unload radeon driver:\n\nunreferenced object 0xffff9f8608ede200 (size 512):\n comm \"systemd-udevd\", pid 326, jiffies 4294682822 (age 716.338s)\n hex dump (first 32 bytes):\n 00 00 00 00 c4 aa ec aa 14 ab 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c0000000062fadebe\u003e] kmem_cache_alloc_trace+0x2f1/0x500\n [\u003c00000000b6883cea\u003e] atom_parse+0x117/0x230 [radeon]\n [\u003c00000000158c23fd\u003e] radeon_atombios_init+0xab/0x170 [radeon]\n [\u003c00000000683f672e\u003e] si_init+0x57/0x750 [radeon]\n [\u003c00000000566cc31f\u003e] radeon_device_init+0x559/0x9c0 [radeon]\n [\u003c0000000046efabb3\u003e] radeon_driver_load_kms+0xc1/0x1a0 [radeon]\n [\u003c00000000b5155064\u003e] drm_dev_register+0xdd/0x1d0\n [\u003c0000000045fec835\u003e] radeon_pci_probe+0xbd/0x100 [radeon]\n [\u003c00000000e69ecca3\u003e] pci_device_probe+0xe1/0x160\n [\u003c0000000019484b76\u003e] really_probe.part.0+0xc1/0x2c0\n [\u003c000000003f2649da\u003e] __driver_probe_device+0x96/0x130\n [\u003c00000000231c5bb1\u003e] driver_probe_device+0x24/0xf0\n [\u003c0000000000a42377\u003e] __driver_attach+0x77/0x190\n [\u003c00000000d7574da6\u003e] bus_for_each_dev+0x7f/0xd0\n [\u003c00000000633166d2\u003e] driver_attach+0x1e/0x30\n [\u003c00000000313b05b8\u003e] bus_add_driver+0x12c/0x1e0\n\niio was allocated in atom_index_iio() called by atom_parse(),\nbut it doesn\u0027t got released when the dirver is shutdown.\nFix this kmemleak by free it in radeon_atombios_fini().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53453",
"url": "https://www.suse.com/security/cve/CVE-2023-53453"
},
{
"category": "external",
"summary": "SUSE Bug 1250761 for CVE-2023-53453",
"url": "https://bugzilla.suse.com/1250761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2023-53453"
},
{
"cve": "CVE-2023-53454",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53454"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Correct devm device reference for hidinput input_dev name\n\nReference the HID device rather than the input device for the devm\nallocation of the input_dev name. Referencing the input_dev would lead to a\nuse-after-free when the input_dev was unregistered and subsequently fires a\nuevent that depends on the name. At the point of firing the uevent, the\nname would be freed by devres management.\n\nUse devm_kasprintf to simplify the logic for allocating memory and\nformatting the input_dev name string.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53454",
"url": "https://www.suse.com/security/cve/CVE-2023-53454"
},
{
"category": "external",
"summary": "SUSE Bug 1250759 for CVE-2023-53454",
"url": "https://bugzilla.suse.com/1250759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53454"
},
{
"cve": "CVE-2023-53456",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53456"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla4xxx: Add length check when parsing nlattrs\n\nThere are three places that qla4xxx parses nlattrs:\n\n - qla4xxx_set_chap_entry()\n\n - qla4xxx_iface_set_param()\n\n - qla4xxx_sysfs_ddb_set_param()\n\nand each of them directly converts the nlattr to specific pointer of\nstructure without length checking. This could be dangerous as those\nattributes are not validated and a malformed nlattr (e.g., length 0) could\nresult in an OOB read that leaks heap dirty data.\n\nAdd the nla_len check before accessing the nlattr data and return EINVAL if\nthe length check fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53456",
"url": "https://www.suse.com/security/cve/CVE-2023-53456"
},
{
"category": "external",
"summary": "SUSE Bug 1250765 for CVE-2023-53456",
"url": "https://bugzilla.suse.com/1250765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53456"
},
{
"cve": "CVE-2023-53457",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53457"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nFS: JFS: Fix null-ptr-deref Read in txBegin\n\n Syzkaller reported an issue where txBegin may be called\n on a superblock in a read-only mounted filesystem which leads\n to NULL pointer deref. This could be solved by checking if\n the filesystem is read-only before calling txBegin, and returning\n with appropiate error code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53457",
"url": "https://www.suse.com/security/cve/CVE-2023-53457"
},
{
"category": "external",
"summary": "SUSE Bug 1250763 for CVE-2023-53457",
"url": "https://bugzilla.suse.com/1250763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53457"
},
{
"cve": "CVE-2023-53458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx23885: Fix a null-ptr-deref bug in buffer_prepare() and buffer_finish()\n\nWhen the driver calls cx23885_risc_buffer() to prepare the buffer, the\nfunction call dma_alloc_coherent may fail, resulting in a empty buffer\nrisc-\u003ecpu. Later when we free the buffer or access the buffer, null ptr\nderef is triggered.\n\nThis bug is similar to the following one:\nhttps://git.linuxtv.org/media_stage.git/commit/?id=2b064d91440b33fba5b452f2d1b31f13ae911d71.\n\nWe believe the bug can be also dynamically triggered from user side.\nSimilarly, we fix this by checking the return value of cx23885_risc_buffer()\nand the value of risc-\u003ecpu before buffer free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53458",
"url": "https://www.suse.com/security/cve/CVE-2023-53458"
},
{
"category": "external",
"summary": "SUSE Bug 1250864 for CVE-2023-53458",
"url": "https://bugzilla.suse.com/1250864"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53458"
},
{
"cve": "CVE-2023-53463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53463"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Do not reset dql stats on NON_FATAL err\n\nAll ibmvnic resets, make a call to netdev_tx_reset_queue() when\nre-opening the device. netdev_tx_reset_queue() resets the num_queued\nand num_completed byte counters. These stats are used in Byte Queue\nLimit (BQL) algorithms. The difference between these two stats tracks\nthe number of bytes currently sitting on the physical NIC. ibmvnic\nincreases the number of queued bytes though calls to\nnetdev_tx_sent_queue() in the drivers xmit function. When, VIOS reports\nthat it is done transmitting bytes, the ibmvnic device increases the\nnumber of completed bytes through calls to netdev_tx_completed_queue().\nIt is important to note that the driver batches its transmit calls and\nnum_queued is increased every time that an skb is added to the next\nbatch, not necessarily when the batch is sent to VIOS for transmission.\n\nUnlike other reset types, a NON FATAL reset will not flush the sub crq\ntx buffers. Therefore, it is possible for the batched skb array to be\npartially full. So if there is call to netdev_tx_reset_queue() when\nre-opening the device, the value of num_queued (0) would not account\nfor the skb\u0027s that are currently batched. Eventually, when the batch\nis sent to VIOS, the call to netdev_tx_completed_queue() would increase\nnum_completed to a value greater than the num_queued. This causes a\nBUG_ON crash:\n\nibmvnic 30000002: Firmware reports error, cause: adapter problem.\nStarting recovery...\nibmvnic 30000002: tx error 600\nibmvnic 30000002: tx error 600\nibmvnic 30000002: tx error 600\nibmvnic 30000002: tx error 600\n------------[ cut here ]------------\nkernel BUG at lib/dynamic_queue_limits.c:27!\nOops: Exception in kernel mode, sig: 5\n[....]\nNIP dql_completed+0x28/0x1c0\nLR ibmvnic_complete_tx.isra.0+0x23c/0x420 [ibmvnic]\nCall Trace:\nibmvnic_complete_tx.isra.0+0x3f8/0x420 [ibmvnic] (unreliable)\nibmvnic_interrupt_tx+0x40/0x70 [ibmvnic]\n__handle_irq_event_percpu+0x98/0x270\n---[ end trace ]---\n\nTherefore, do not reset the dql stats when performing a NON_FATAL reset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53463",
"url": "https://www.suse.com/security/cve/CVE-2023-53463"
},
{
"category": "external",
"summary": "SUSE Bug 1250867 for CVE-2023-53463",
"url": "https://bugzilla.suse.com/1250867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53463"
},
{
"cve": "CVE-2023-53464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53464"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: iscsi_tcp: Check that sock is valid before iscsi_set_param()\n\nThe validity of sock should be checked before assignment to avoid incorrect\nvalues. Commit 57569c37f0ad (\"scsi: iscsi: iscsi_tcp: Fix null-ptr-deref\nwhile calling getpeername()\") introduced this change which may lead to\ninconsistent values of tcp_sw_conn-\u003esendpage and conn-\u003edatadgst_en.\n\nFix the issue by moving the position of the assignment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53464",
"url": "https://www.suse.com/security/cve/CVE-2023-53464"
},
{
"category": "external",
"summary": "SUSE Bug 1250868 for CVE-2023-53464",
"url": "https://bugzilla.suse.com/1250868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53464"
},
{
"cve": "CVE-2023-53465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53465"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoundwire: qcom: fix storing port config out-of-bounds\n\nThe \u0027qcom_swrm_ctrl-\u003epconfig\u0027 has size of QCOM_SDW_MAX_PORTS (14),\nhowever we index it starting from 1, not 0, to match real port numbers.\nThis can lead to writing port config past \u0027pconfig\u0027 bounds and\noverwriting next member of \u0027qcom_swrm_ctrl\u0027 struct. Reported also by\nsmatch:\n\n drivers/soundwire/qcom.c:1269 qcom_swrm_get_port_config() error: buffer overflow \u0027ctrl-\u003epconfig\u0027 14 \u003c= 14",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53465",
"url": "https://www.suse.com/security/cve/CVE-2023-53465"
},
{
"category": "external",
"summary": "SUSE Bug 1250863 for CVE-2023-53465",
"url": "https://bugzilla.suse.com/1250863"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53465"
},
{
"cve": "CVE-2023-53466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53466"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit\n\nAlways purge mcu skb queues in mt7915_mcu_exit routine even if\nmt7915_firmware_state fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53466",
"url": "https://www.suse.com/security/cve/CVE-2023-53466"
},
{
"category": "external",
"summary": "SUSE Bug 1250862 for CVE-2023-53466",
"url": "https://bugzilla.suse.com/1250862"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53466"
},
{
"cve": "CVE-2023-53468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53468"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: Fix memory leak in alloc_wbufs()\n\nkmemleak reported a sequence of memory leaks, and show them as following:\n\n unreferenced object 0xffff8881575f8400 (size 1024):\n comm \"mount\", pid 19625, jiffies 4297119604 (age 20.383s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003cffffffff8176cecd\u003e] __kmalloc+0x4d/0x150\n [\u003cffffffffa0406b2b\u003e] ubifs_mount+0x307b/0x7170 [ubifs]\n [\u003cffffffff819fa8fd\u003e] legacy_get_tree+0xed/0x1d0\n [\u003cffffffff81936f2d\u003e] vfs_get_tree+0x7d/0x230\n [\u003cffffffff819b2bd4\u003e] path_mount+0xdd4/0x17b0\n [\u003cffffffff819b37aa\u003e] __x64_sys_mount+0x1fa/0x270\n [\u003cffffffff83c14295\u003e] do_syscall_64+0x35/0x80\n [\u003cffffffff83e0006a\u003e] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\n unreferenced object 0xffff8881798a6e00 (size 512):\n comm \"mount\", pid 19677, jiffies 4297121912 (age 37.816s)\n hex dump (first 32 bytes):\n 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n backtrace:\n [\u003cffffffff8176cecd\u003e] __kmalloc+0x4d/0x150\n [\u003cffffffffa0418342\u003e] ubifs_wbuf_init+0x52/0x480 [ubifs]\n [\u003cffffffffa0406ca5\u003e] ubifs_mount+0x31f5/0x7170 [ubifs]\n [\u003cffffffff819fa8fd\u003e] legacy_get_tree+0xed/0x1d0\n [\u003cffffffff81936f2d\u003e] vfs_get_tree+0x7d/0x230\n [\u003cffffffff819b2bd4\u003e] path_mount+0xdd4/0x17b0\n [\u003cffffffff819b37aa\u003e] __x64_sys_mount+0x1fa/0x270\n [\u003cffffffff83c14295\u003e] do_syscall_64+0x35/0x80\n [\u003cffffffff83e0006a\u003e] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThe problem is that the ubifs_wbuf_init() returns an error in the\nloop which in the alloc_wbufs(), then the wbuf-\u003ebuf and wbuf-\u003einodes\nthat were successfully alloced before are not freed.\n\nFix it by adding error hanging path in alloc_wbufs() which frees\nthe memory alloced before when ubifs_wbuf_init() returns an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53468",
"url": "https://www.suse.com/security/cve/CVE-2023-53468"
},
{
"category": "external",
"summary": "SUSE Bug 1250888 for CVE-2023-53468",
"url": "https://bugzilla.suse.com/1250888"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53468"
},
{
"cve": "CVE-2023-53471",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53471"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx ras\n\ngfx9 cp_ecc_error_irq is only enabled when legacy gfx ras is assert.\nSo in gfx_v9_0_hw_fini, interrupt disablement for cp_ecc_error_irq\nshould be executed under such condition, otherwise, an amdgpu_irq_put\ncalltrace will occur.\n\n[ 7283.170322] RIP: 0010:amdgpu_irq_put+0x45/0x70 [amdgpu]\n[ 7283.170964] RSP: 0018:ffff9a5fc3967d00 EFLAGS: 00010246\n[ 7283.170967] RAX: ffff98d88afd3040 RBX: ffff98d89da20000 RCX: 0000000000000000\n[ 7283.170969] RDX: 0000000000000000 RSI: ffff98d89da2bef8 RDI: ffff98d89da20000\n[ 7283.170971] RBP: ffff98d89da20000 R08: ffff98d89da2ca18 R09: 0000000000000006\n[ 7283.170973] R10: ffffd5764243c008 R11: 0000000000000000 R12: 0000000000001050\n[ 7283.170975] R13: ffff98d89da38978 R14: ffffffff999ae15a R15: ffff98d880130105\n[ 7283.170978] FS: 0000000000000000(0000) GS:ffff98d996f00000(0000) knlGS:0000000000000000\n[ 7283.170981] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 7283.170983] CR2: 00000000f7a9d178 CR3: 00000001c42ea000 CR4: 00000000003506e0\n[ 7283.170986] Call Trace:\n[ 7283.170988] \u003cTASK\u003e\n[ 7283.170989] gfx_v9_0_hw_fini+0x1c/0x6d0 [amdgpu]\n[ 7283.171655] amdgpu_device_ip_suspend_phase2+0x101/0x1a0 [amdgpu]\n[ 7283.172245] amdgpu_device_suspend+0x103/0x180 [amdgpu]\n[ 7283.172823] amdgpu_pmops_freeze+0x21/0x60 [amdgpu]\n[ 7283.173412] pci_pm_freeze+0x54/0xc0\n[ 7283.173419] ? __pfx_pci_pm_freeze+0x10/0x10\n[ 7283.173425] dpm_run_callback+0x98/0x200\n[ 7283.173430] __device_suspend+0x164/0x5f0\n\nv2: drop gfx11 as it\u0027s fixed in a different solution by retiring cp_ecc_irq funcs(Hawking)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53471",
"url": "https://www.suse.com/security/cve/CVE-2023-53471"
},
{
"category": "external",
"summary": "SUSE Bug 1250866 for CVE-2023-53471",
"url": "https://bugzilla.suse.com/1250866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53471"
},
{
"cve": "CVE-2023-53472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53472"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npwm: lpc32xx: Remove handling of PWM channels\n\nBecause LPC32xx PWM controllers have only a single output which is\nregistered as the only PWM device/channel per controller, it is known in\nadvance that pwm-\u003ehwpwm value is always 0. On basis of this fact\nsimplify the code by removing operations with pwm-\u003ehwpwm, there is no\ncontrols which require channel number as input.\n\nEven though I wasn\u0027t aware at the time when I forward ported that patch,\nthis fixes a null pointer dereference as lpc32xx-\u003echip.pwms is NULL\nbefore devm_pwmchip_add() is called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53472",
"url": "https://www.suse.com/security/cve/CVE-2023-53472"
},
{
"category": "external",
"summary": "SUSE Bug 1250841 for CVE-2023-53472",
"url": "https://bugzilla.suse.com/1250841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53472"
},
{
"cve": "CVE-2023-53473",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53473"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: improve error handling from ext4_dirhash()\n\nThe ext4_dirhash() will *almost* never fail, especially when the hash\ntree feature was first introduced. However, with the addition of\nsupport of encrypted, casefolded file names, that function can most\ncertainly fail today.\n\nSo make sure the callers of ext4_dirhash() properly check for\nfailures, and reflect the errors back up to their callers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53473",
"url": "https://www.suse.com/security/cve/CVE-2023-53473"
},
{
"category": "external",
"summary": "SUSE Bug 1250848 for CVE-2023-53473",
"url": "https://bugzilla.suse.com/1250848"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53473"
},
{
"cve": "CVE-2023-53474",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53474"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/MCE/AMD: Use an u64 for bank_map\n\nThee maximum number of MCA banks is 64 (MAX_NR_BANKS), see\n\n a0bc32b3cacf (\"x86/mce: Increase maximum number of banks to 64\").\n\nHowever, the bank_map which contains a bitfield of which banks to\ninitialize is of type unsigned int and that overflows when those bit\nnumbers are \u003e= 32, leading to UBSAN complaining correctly:\n\n UBSAN: shift-out-of-bounds in arch/x86/kernel/cpu/mce/amd.c:1365:38\n shift exponent 32 is too large for 32-bit type \u0027int\u0027\n\nChange the bank_map to a u64 and use the proper BIT_ULL() macro when\nmodifying bits in there.\n\n [ bp: Rewrite commit message. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53474",
"url": "https://www.suse.com/security/cve/CVE-2023-53474"
},
{
"category": "external",
"summary": "SUSE Bug 1250842 for CVE-2023-53474",
"url": "https://bugzilla.suse.com/1250842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53474"
},
{
"cve": "CVE-2023-53475",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53475"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: tegra: fix sleep in atomic call\n\nWhen we set the dual-role port to Host mode, we observed the following\nsplat:\n[ 167.057718] BUG: sleeping function called from invalid context at\ninclude/linux/sched/mm.h:229\n[ 167.057872] Workqueue: events tegra_xusb_usb_phy_work\n[ 167.057954] Call trace:\n[ 167.057962] dump_backtrace+0x0/0x210\n[ 167.057996] show_stack+0x30/0x50\n[ 167.058020] dump_stack_lvl+0x64/0x84\n[ 167.058065] dump_stack+0x14/0x34\n[ 167.058100] __might_resched+0x144/0x180\n[ 167.058140] __might_sleep+0x64/0xd0\n[ 167.058171] slab_pre_alloc_hook.constprop.0+0xa8/0x110\n[ 167.058202] __kmalloc_track_caller+0x74/0x2b0\n[ 167.058233] kvasprintf+0xa4/0x190\n[ 167.058261] kasprintf+0x58/0x90\n[ 167.058285] tegra_xusb_find_port_node.isra.0+0x58/0xd0\n[ 167.058334] tegra_xusb_find_port+0x38/0xa0\n[ 167.058380] tegra_xusb_padctl_get_usb3_companion+0x38/0xd0\n[ 167.058430] tegra_xhci_id_notify+0x8c/0x1e0\n[ 167.058473] notifier_call_chain+0x88/0x100\n[ 167.058506] atomic_notifier_call_chain+0x44/0x70\n[ 167.058537] tegra_xusb_usb_phy_work+0x60/0xd0\n[ 167.058581] process_one_work+0x1dc/0x4c0\n[ 167.058618] worker_thread+0x54/0x410\n[ 167.058650] kthread+0x188/0x1b0\n[ 167.058672] ret_from_fork+0x10/0x20\n\nThe function tegra_xusb_padctl_get_usb3_companion eventually calls\ntegra_xusb_find_port and this in turn calls kasprintf which might sleep\nand so cannot be called from an atomic context.\n\nFix this by moving the call to tegra_xusb_padctl_get_usb3_companion to\nthe tegra_xhci_id_work function where it is really needed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53475",
"url": "https://www.suse.com/security/cve/CVE-2023-53475"
},
{
"category": "external",
"summary": "SUSE Bug 1250843 for CVE-2023-53475",
"url": "https://bugzilla.suse.com/1250843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53475"
},
{
"cve": "CVE-2023-53476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53476"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry()\n\nThis condition needs to match the previous \"if (epcp-\u003estate == LISTEN) {\"\nexactly to avoid a NULL dereference of either \"listen_ep\" or \"ep\". The\nproblem is that \"epcp\" has been re-assigned so just testing\n\"if (epcp-\u003estate == LISTEN) {\" a second time is not sufficient.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53476",
"url": "https://www.suse.com/security/cve/CVE-2023-53476"
},
{
"category": "external",
"summary": "SUSE Bug 1250839 for CVE-2023-53476",
"url": "https://bugzilla.suse.com/1250839"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53476"
},
{
"cve": "CVE-2023-53480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53480"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkobject: Add sanity check for kset-\u003ekobj.ktype in kset_register()\n\nWhen I register a kset in the following way:\n\tstatic struct kset my_kset;\n\tkobject_set_name(\u0026my_kset.kobj, \"my_kset\");\n ret = kset_register(\u0026my_kset);\n\nA null pointer dereference exception is occurred:\n[ 4453.568337] Unable to handle kernel NULL pointer dereference at \\\nvirtual address 0000000000000028\n... ...\n[ 4453.810361] Call trace:\n[ 4453.813062] kobject_get_ownership+0xc/0x34\n[ 4453.817493] kobject_add_internal+0x98/0x274\n[ 4453.822005] kset_register+0x5c/0xb4\n[ 4453.825820] my_kobj_init+0x44/0x1000 [my_kset]\n... ...\n\nBecause I didn\u0027t initialize my_kset.kobj.ktype.\n\nAccording to the description in Documentation/core-api/kobject.rst:\n - A ktype is the type of object that embeds a kobject. Every structure\n that embeds a kobject needs a corresponding ktype.\n\nSo add sanity check to make sure kset-\u003ekobj.ktype is not NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53480",
"url": "https://www.suse.com/security/cve/CVE-2023-53480"
},
{
"category": "external",
"summary": "SUSE Bug 1250861 for CVE-2023-53480",
"url": "https://bugzilla.suse.com/1250861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53480"
},
{
"cve": "CVE-2023-53482",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53482"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix error unwind in iommu_group_alloc()\n\nIf either iommu_group_grate_file() fails then the\niommu_group is leaked.\n\nDestroy it on these error paths.\n\nFound by kselftest/iommu/iommufd_fail_nth",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53482",
"url": "https://www.suse.com/security/cve/CVE-2023-53482"
},
{
"category": "external",
"summary": "SUSE Bug 1250832 for CVE-2023-53482",
"url": "https://bugzilla.suse.com/1250832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53482"
},
{
"cve": "CVE-2023-53485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53485"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev\n\nSyzkaller reported the following issue:\n\nUBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:1965:6\nindex -84 is out of range for type \u0027s8[341]\u0027 (aka \u0027signed char[341]\u0027)\nCPU: 1 PID: 4995 Comm: syz-executor146 Not tainted 6.4.0-rc6-syzkaller-00037-gb6dad5178cea #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106\n ubsan_epilogue lib/ubsan.c:217 [inline]\n __ubsan_handle_out_of_bounds+0x11c/0x150 lib/ubsan.c:348\n dbAllocDmapLev+0x3e5/0x430 fs/jfs/jfs_dmap.c:1965\n dbAllocCtl+0x113/0x920 fs/jfs/jfs_dmap.c:1809\n dbAllocAG+0x28f/0x10b0 fs/jfs/jfs_dmap.c:1350\n dbAlloc+0x658/0xca0 fs/jfs/jfs_dmap.c:874\n dtSplitUp fs/jfs/jfs_dtree.c:974 [inline]\n dtInsert+0xda7/0x6b00 fs/jfs/jfs_dtree.c:863\n jfs_create+0x7b6/0xbb0 fs/jfs/namei.c:137\n lookup_open fs/namei.c:3492 [inline]\n open_last_lookups fs/namei.c:3560 [inline]\n path_openat+0x13df/0x3170 fs/namei.c:3788\n do_filp_open+0x234/0x490 fs/namei.c:3818\n do_sys_openat2+0x13f/0x500 fs/open.c:1356\n do_sys_open fs/open.c:1372 [inline]\n __do_sys_openat fs/open.c:1388 [inline]\n __se_sys_openat fs/open.c:1383 [inline]\n __x64_sys_openat+0x247/0x290 fs/open.c:1383\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7f1f4e33f7e9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffc21129578 EFLAGS: 00000246 ORIG_RAX: 0000000000000101\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1f4e33f7e9\nRDX: 000000000000275a RSI: 0000000020000040 RDI: 00000000ffffff9c\nRBP: 00007f1f4e2ff080 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007f1f4e2ff110\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n \u003c/TASK\u003e\n\nThe bug occurs when the dbAllocDmapLev()function attempts to access\ndp-\u003etree.stree[leafidx + LEAFIND] while the leafidx value is negative.\n\nTo rectify this, the patch introduces a safeguard within the\ndbAllocDmapLev() function. A check has been added to verify if leafidx is\nnegative. If it is, the function immediately returns an I/O error, preventing\nany further execution that could potentially cause harm.\n\nTested via syzbot.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53485",
"url": "https://www.suse.com/security/cve/CVE-2023-53485"
},
{
"category": "external",
"summary": "SUSE Bug 1250872 for CVE-2023-53485",
"url": "https://bugzilla.suse.com/1250872"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53485"
},
{
"cve": "CVE-2023-53487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53487"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/rtas_flash: allow user copy to flash block cache objects\n\nWith hardened usercopy enabled (CONFIG_HARDENED_USERCOPY=y), using the\n/proc/powerpc/rtas/firmware_update interface to prepare a system\nfirmware update yields a BUG():\n\n kernel BUG at mm/usercopy.c:102!\n Oops: Exception in kernel mode, sig: 5 [#1]\n LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\n Modules linked in:\n CPU: 0 PID: 2232 Comm: dd Not tainted 6.5.0-rc3+ #2\n Hardware name: IBM,8408-E8E POWER8E (raw) 0x4b0201 0xf000004 of:IBM,FW860.50 (SV860_146) hv:phyp pSeries\n NIP: c0000000005991d0 LR: c0000000005991cc CTR: 0000000000000000\n REGS: c0000000148c76a0 TRAP: 0700 Not tainted (6.5.0-rc3+)\n MSR: 8000000000029033 \u003cSF,EE,ME,IR,DR,RI,LE\u003e CR: 24002242 XER: 0000000c\n CFAR: c0000000001fbd34 IRQMASK: 0\n [ ... GPRs omitted ... ]\n NIP usercopy_abort+0xa0/0xb0\n LR usercopy_abort+0x9c/0xb0\n Call Trace:\n usercopy_abort+0x9c/0xb0 (unreliable)\n __check_heap_object+0x1b4/0x1d0\n __check_object_size+0x2d0/0x380\n rtas_flash_write+0xe4/0x250\n proc_reg_write+0xfc/0x160\n vfs_write+0xfc/0x4e0\n ksys_write+0x90/0x160\n system_call_exception+0x178/0x320\n system_call_common+0x160/0x2c4\n\nThe blocks of the firmware image are copied directly from user memory\nto objects allocated from flash_block_cache, so flash_block_cache must\nbe created using kmem_cache_create_usercopy() to mark it safe for user\naccess.\n\n[mpe: Trim and indent oops]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53487",
"url": "https://www.suse.com/security/cve/CVE-2023-53487"
},
{
"category": "external",
"summary": "SUSE Bug 1250830 for CVE-2023-53487",
"url": "https://bugzilla.suse.com/1250830"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53487"
},
{
"cve": "CVE-2023-53488",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53488"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix possible panic during hotplug remove\n\nDuring hotplug remove it is possible that the update counters work\nmight be pending, and may run after memory has been freed.\nCancel the update counters work before freeing memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53488",
"url": "https://www.suse.com/security/cve/CVE-2023-53488"
},
{
"category": "external",
"summary": "SUSE Bug 1250825 for CVE-2023-53488",
"url": "https://bugzilla.suse.com/1250825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53488"
},
{
"cve": "CVE-2023-53489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53489"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.\n\nsyzkaller reported [0] memory leaks of an UDP socket and ZEROCOPY\nskbs. We can reproduce the problem with these sequences:\n\n sk = socket(AF_INET, SOCK_DGRAM, 0)\n sk.setsockopt(SOL_SOCKET, SO_TIMESTAMPING, SOF_TIMESTAMPING_TX_SOFTWARE)\n sk.setsockopt(SOL_SOCKET, SO_ZEROCOPY, 1)\n sk.sendto(b\u0027\u0027, MSG_ZEROCOPY, (\u0027127.0.0.1\u0027, 53))\n sk.close()\n\nsendmsg() calls msg_zerocopy_alloc(), which allocates a skb, sets\nskb-\u003ecb-\u003eubuf.refcnt to 1, and calls sock_hold(). Here, struct\nubuf_info_msgzc indirectly holds a refcnt of the socket. When the\nskb is sent, __skb_tstamp_tx() clones it and puts the clone into\nthe socket\u0027s error queue with the TX timestamp.\n\nWhen the original skb is received locally, skb_copy_ubufs() calls\nskb_unclone(), and pskb_expand_head() increments skb-\u003ecb-\u003eubuf.refcnt.\nThis additional count is decremented while freeing the skb, but struct\nubuf_info_msgzc still has a refcnt, so __msg_zerocopy_callback() is\nnot called.\n\nThe last refcnt is not released unless we retrieve the TX timestamped\nskb by recvmsg(). Since we clear the error queue in inet_sock_destruct()\nafter the socket\u0027s refcnt reaches 0, there is a circular dependency.\nIf we close() the socket holding such skbs, we never call sock_put()\nand leak the count, sk, and skb.\n\nTCP has the same problem, and commit e0c8bccd40fc (\"net: stream:\npurge sk_error_queue in sk_stream_kill_queues()\") tried to fix it\nby calling skb_queue_purge() during close(). However, there is a\nsmall chance that skb queued in a qdisc or device could be put\ninto the error queue after the skb_queue_purge() call.\n\nIn __skb_tstamp_tx(), the cloned skb should not have a reference\nto the ubuf to remove the circular dependency, but skb_clone() does\nnot call skb_copy_ubufs() for zerocopy skb. So, we need to call\nskb_orphan_frags_rx() for the cloned skb to call skb_copy_ubufs().\n\n[0]:\nBUG: memory leak\nunreferenced object 0xffff88800c6d2d00 (size 1152):\n comm \"syz-executor392\", pid 264, jiffies 4294785440 (age 13.044s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 cd af e8 81 00 00 00 00 ................\n 02 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00 ...@............\n backtrace:\n [\u003c0000000055636812\u003e] sk_prot_alloc+0x64/0x2a0 net/core/sock.c:2024\n [\u003c0000000054d77b7a\u003e] sk_alloc+0x3b/0x800 net/core/sock.c:2083\n [\u003c0000000066f3c7e0\u003e] inet_create net/ipv4/af_inet.c:319 [inline]\n [\u003c0000000066f3c7e0\u003e] inet_create+0x31e/0xe40 net/ipv4/af_inet.c:245\n [\u003c000000009b83af97\u003e] __sock_create+0x2ab/0x550 net/socket.c:1515\n [\u003c00000000b9b11231\u003e] sock_create net/socket.c:1566 [inline]\n [\u003c00000000b9b11231\u003e] __sys_socket_create net/socket.c:1603 [inline]\n [\u003c00000000b9b11231\u003e] __sys_socket_create net/socket.c:1588 [inline]\n [\u003c00000000b9b11231\u003e] __sys_socket+0x138/0x250 net/socket.c:1636\n [\u003c000000004fb45142\u003e] __do_sys_socket net/socket.c:1649 [inline]\n [\u003c000000004fb45142\u003e] __se_sys_socket net/socket.c:1647 [inline]\n [\u003c000000004fb45142\u003e] __x64_sys_socket+0x73/0xb0 net/socket.c:1647\n [\u003c0000000066999e0e\u003e] do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n [\u003c0000000066999e0e\u003e] do_syscall_64+0x38/0x90 arch/x86/entry/common.c:80\n [\u003c0000000017f238c1\u003e] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nBUG: memory leak\nunreferenced object 0xffff888017633a00 (size 240):\n comm \"syz-executor392\", pid 264, jiffies 4294785440 (age 13.044s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 2d 6d 0c 80 88 ff ff .........-m.....\n backtrace:\n [\u003c000000002b1c4368\u003e] __alloc_skb+0x229/0x320 net/core/skbuff.c:497\n [\u003c00000000143579a6\u003e] alloc_skb include/linux/skbuff.h:1265 [inline]\n [\u003c00000000143579a6\u003e] sock_omalloc+0xaa/0x190 net/core/sock.c:2596\n [\u003c00000000be626478\u003e] msg_zerocopy_alloc net/core/skbuff.c:1294 [inline]\n [\u003c00000000be626478\u003e]\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53489",
"url": "https://www.suse.com/security/cve/CVE-2023-53489"
},
{
"category": "external",
"summary": "SUSE Bug 1250829 for CVE-2023-53489",
"url": "https://bugzilla.suse.com/1250829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53489"
},
{
"cve": "CVE-2023-53492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53492"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: do not ignore genmask when looking up chain by id\n\nWhen adding a rule to a chain referring to its ID, if that chain had been\ndeleted on the same batch, the rule might end up referring to a deleted\nchain.\n\nThis will lead to a WARNING like following:\n\n[ 33.098431] ------------[ cut here ]------------\n[ 33.098678] WARNING: CPU: 5 PID: 69 at net/netfilter/nf_tables_api.c:2037 nf_tables_chain_destroy+0x23d/0x260\n[ 33.099217] Modules linked in:\n[ 33.099388] CPU: 5 PID: 69 Comm: kworker/5:1 Not tainted 6.4.0+ #409\n[ 33.099726] Workqueue: events nf_tables_trans_destroy_work\n[ 33.100018] RIP: 0010:nf_tables_chain_destroy+0x23d/0x260\n[ 33.100306] Code: 8b 7c 24 68 e8 64 9c ed fe 4c 89 e7 e8 5c 9c ed fe 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d 31 c0 89 c6 89 c7 c3 cc cc cc cc \u003c0f\u003e 0b 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d 31 c0 89 c6 89 c7\n[ 33.101271] RSP: 0018:ffffc900004ffc48 EFLAGS: 00010202\n[ 33.101546] RAX: 0000000000000001 RBX: ffff888006fc0a28 RCX: 0000000000000000\n[ 33.101920] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n[ 33.102649] RBP: ffffc900004ffc78 R08: 0000000000000000 R09: 0000000000000000\n[ 33.103018] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880135ef500\n[ 33.103385] R13: 0000000000000000 R14: dead000000000122 R15: ffff888006fc0a10\n[ 33.103762] FS: 0000000000000000(0000) GS:ffff888024c80000(0000) knlGS:0000000000000000\n[ 33.104184] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 33.104493] CR2: 00007fe863b56a50 CR3: 00000000124b0001 CR4: 0000000000770ee0\n[ 33.104872] PKRU: 55555554\n[ 33.104999] Call Trace:\n[ 33.105113] \u003cTASK\u003e\n[ 33.105214] ? show_regs+0x72/0x90\n[ 33.105371] ? __warn+0xa5/0x210\n[ 33.105520] ? nf_tables_chain_destroy+0x23d/0x260\n[ 33.105732] ? report_bug+0x1f2/0x200\n[ 33.105902] ? handle_bug+0x46/0x90\n[ 33.106546] ? exc_invalid_op+0x19/0x50\n[ 33.106762] ? asm_exc_invalid_op+0x1b/0x20\n[ 33.106995] ? nf_tables_chain_destroy+0x23d/0x260\n[ 33.107249] ? nf_tables_chain_destroy+0x30/0x260\n[ 33.107506] nf_tables_trans_destroy_work+0x669/0x680\n[ 33.107782] ? mark_held_locks+0x28/0xa0\n[ 33.107996] ? __pfx_nf_tables_trans_destroy_work+0x10/0x10\n[ 33.108294] ? _raw_spin_unlock_irq+0x28/0x70\n[ 33.108538] process_one_work+0x68c/0xb70\n[ 33.108755] ? lock_acquire+0x17f/0x420\n[ 33.108977] ? __pfx_process_one_work+0x10/0x10\n[ 33.109218] ? do_raw_spin_lock+0x128/0x1d0\n[ 33.109435] ? _raw_spin_lock_irq+0x71/0x80\n[ 33.109634] worker_thread+0x2bd/0x700\n[ 33.109817] ? __pfx_worker_thread+0x10/0x10\n[ 33.110254] kthread+0x18b/0x1d0\n[ 33.110410] ? __pfx_kthread+0x10/0x10\n[ 33.110581] ret_from_fork+0x29/0x50\n[ 33.110757] \u003c/TASK\u003e\n[ 33.110866] irq event stamp: 1651\n[ 33.111017] hardirqs last enabled at (1659): [\u003cffffffffa206a209\u003e] __up_console_sem+0x79/0xa0\n[ 33.111379] hardirqs last disabled at (1666): [\u003cffffffffa206a1ee\u003e] __up_console_sem+0x5e/0xa0\n[ 33.111740] softirqs last enabled at (1616): [\u003cffffffffa1f5d40e\u003e] __irq_exit_rcu+0x9e/0xe0\n[ 33.112094] softirqs last disabled at (1367): [\u003cffffffffa1f5d40e\u003e] __irq_exit_rcu+0x9e/0xe0\n[ 33.112453] ---[ end trace 0000000000000000 ]---\n\nThis is due to the nft_chain_lookup_byid ignoring the genmask. After this\nchange, adding the new rule will fail as it will not find the chain.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53492",
"url": "https://www.suse.com/security/cve/CVE-2023-53492"
},
{
"category": "external",
"summary": "SUSE Bug 1250823 for CVE-2023-53492",
"url": "https://bugzilla.suse.com/1250823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53492"
},
{
"cve": "CVE-2023-53494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53494"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: xts - Handle EBUSY correctly\n\nAs it is xts only handles the special return value of EINPROGRESS,\nwhich means that in all other cases it will free data related to the\nrequest.\n\nHowever, as the caller of xts may specify MAY_BACKLOG, we also need\nto expect EBUSY and treat it in the same way. Otherwise backlogged\nrequests will trigger a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53494",
"url": "https://www.suse.com/security/cve/CVE-2023-53494"
},
{
"category": "external",
"summary": "SUSE Bug 1250822 for CVE-2023-53494",
"url": "https://bugzilla.suse.com/1250822"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53494"
},
{
"cve": "CVE-2023-53496",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53496"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/platform/uv: Use alternate source for socket to node data\n\nThe UV code attempts to build a set of tables to allow it to do\nbidirectional socket\u003c=\u003enode lookups.\n\nBut when nr_cpus is set to a smaller number than actually present, the\ncpu_to_node() mapping information for unused CPUs is not available to\nbuild_socket_tables(). This results in skipping some nodes or sockets\nwhen creating the tables and leaving some -1\u0027s for later code to trip.\nover, causing oopses.\n\nThe problem is that the socket\u003c=\u003enode lookups are created by doing a\nloop over all CPUs, then looking up the CPU\u0027s APICID and socket. But\nif a CPU is not present, there is no way to start this lookup.\n\nInstead of looping over all CPUs, take CPUs out of the equation\nentirely. Loop over all APICIDs which are mapped to a valid NUMA node.\nThen just extract the socket-id from the APICID.\n\nThis avoid tripping over disabled CPUs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53496",
"url": "https://www.suse.com/security/cve/CVE-2023-53496"
},
{
"category": "external",
"summary": "SUSE Bug 1250905 for CVE-2023-53496",
"url": "https://bugzilla.suse.com/1250905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53496"
},
{
"cve": "CVE-2023-53498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53498"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix potential null dereference\n\nThe adev-\u003edm.dc pointer can be NULL and dereferenced in amdgpu_dm_fini()\nwithout checking.\n\nAdd a NULL pointer check before calling dc_dmub_srv_destroy().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53498",
"url": "https://www.suse.com/security/cve/CVE-2023-53498"
},
{
"category": "external",
"summary": "SUSE Bug 1250819 for CVE-2023-53498",
"url": "https://bugzilla.suse.com/1250819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53498"
},
{
"cve": "CVE-2023-53499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: Fix error unwinding of XDP initialization\n\nWhen initializing XDP in virtnet_open(), some rq xdp initialization\nmay hit an error causing net device open failed. However, previous\nrqs have already initialized XDP and enabled NAPI, which is not the\nexpected behavior. Need to roll back the previous rq initialization\nto avoid leaks in error unwinding of init code.\n\nAlso extract helper functions of disable and enable queue pairs.\nUse newly introduced disable helper function in error unwinding and\nvirtnet_close. Use enable helper function in virtnet_open.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53499",
"url": "https://www.suse.com/security/cve/CVE-2023-53499"
},
{
"category": "external",
"summary": "SUSE Bug 1250818 for CVE-2023-53499",
"url": "https://bugzilla.suse.com/1250818"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53499"
},
{
"cve": "CVE-2023-53505",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53505"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: tegra: tegra124-emc: Fix potential memory leak\n\nThe tegra and tegra needs to be freed in the error handling path, otherwise\nit will be leaked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53505",
"url": "https://www.suse.com/security/cve/CVE-2023-53505"
},
{
"category": "external",
"summary": "SUSE Bug 1250807 for CVE-2023-53505",
"url": "https://bugzilla.suse.com/1250807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2023-53505"
},
{
"cve": "CVE-2023-53506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53506"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Do not bother merging very long extents\n\nWhen merging very long extents we try to push as much length as possible\nto the first extent. However this is unnecessarily complicated and not\nreally worth the trouble. Furthermore there was a bug in the logic\nresulting in corrupting extents in the file as syzbot reproducer shows.\nSo just don\u0027t bother with the merging of extents that are too long\ntogether.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53506",
"url": "https://www.suse.com/security/cve/CVE-2023-53506"
},
{
"category": "external",
"summary": "SUSE Bug 1250963 for CVE-2023-53506",
"url": "https://bugzilla.suse.com/1250963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2023-53506"
},
{
"cve": "CVE-2023-53509",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53509"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nqed: allow sleep in qed_mcp_trace_dump()\n\nBy default, qed_mcp_cmd_and_union() delays 10us at a time in a loop\nthat can run 500K times, so calls to qed_mcp_nvm_rd_cmd()\nmay block the current thread for over 5s.\nWe observed thread scheduling delays over 700ms in production,\nwith stacktraces pointing to this code as the culprit.\n\nqed_mcp_trace_dump() is called from ethtool, so sleeping is permitted.\nIt already can sleep in qed_mcp_halt(), which calls qed_mcp_cmd().\nAdd a \"can sleep\" parameter to qed_find_nvram_image() and\nqed_nvram_read() so they can sleep during qed_mcp_trace_dump().\nqed_mcp_trace_get_meta_info() and qed_mcp_trace_read_meta(),\ncalled only by qed_mcp_trace_dump(), allow these functions to sleep.\nI can\u0027t tell if the other caller (qed_grc_dump_mcp_hw_dump()) can sleep,\nso keep b_can_sleep set to false when it calls these functions.\n\nAn example stacktrace from a custom warning we added to the kernel\nshowing a thread that has not scheduled despite long needing resched:\n[ 2745.362925,17] ------------[ cut here ]------------\n[ 2745.362941,17] WARNING: CPU: 23 PID: 5640 at arch/x86/kernel/irq.c:233 do_IRQ+0x15e/0x1a0()\n[ 2745.362946,17] Thread not rescheduled for 744 ms after irq 99\n[ 2745.362956,17] Modules linked in: ...\n[ 2745.363339,17] CPU: 23 PID: 5640 Comm: lldpd Tainted: P O 4.4.182+ #202104120910+6d1da174272d.61x\n[ 2745.363343,17] Hardware name: FOXCONN MercuryB/Quicksilver Controller, BIOS H11P1N09 07/08/2020\n[ 2745.363346,17] 0000000000000000 ffff885ec07c3ed8 ffffffff8131eb2f ffff885ec07c3f20\n[ 2745.363358,17] ffffffff81d14f64 ffff885ec07c3f10 ffffffff81072ac2 ffff88be98ed0000\n[ 2745.363369,17] 0000000000000063 0000000000000174 0000000000000074 0000000000000000\n[ 2745.363379,17] Call Trace:\n[ 2745.363382,17] \u003cIRQ\u003e [\u003cffffffff8131eb2f\u003e] dump_stack+0x8e/0xcf\n[ 2745.363393,17] [\u003cffffffff81072ac2\u003e] warn_slowpath_common+0x82/0xc0\n[ 2745.363398,17] [\u003cffffffff81072b4c\u003e] warn_slowpath_fmt+0x4c/0x50\n[ 2745.363404,17] [\u003cffffffff810d5a8e\u003e] ? rcu_irq_exit+0xae/0xc0\n[ 2745.363408,17] [\u003cffffffff817c99fe\u003e] do_IRQ+0x15e/0x1a0\n[ 2745.363413,17] [\u003cffffffff817c7ac9\u003e] common_interrupt+0x89/0x89\n[ 2745.363416,17] \u003cEOI\u003e [\u003cffffffff8132aa74\u003e] ? delay_tsc+0x24/0x50\n[ 2745.363425,17] [\u003cffffffff8132aa04\u003e] __udelay+0x34/0x40\n[ 2745.363457,17] [\u003cffffffffa04d45ff\u003e] qed_mcp_cmd_and_union+0x36f/0x7d0 [qed]\n[ 2745.363473,17] [\u003cffffffffa04d5ced\u003e] qed_mcp_nvm_rd_cmd+0x4d/0x90 [qed]\n[ 2745.363490,17] [\u003cffffffffa04e1dc7\u003e] qed_mcp_trace_dump+0x4a7/0x630 [qed]\n[ 2745.363504,17] [\u003cffffffffa04e2556\u003e] ? qed_fw_asserts_dump+0x1d6/0x1f0 [qed]\n[ 2745.363520,17] [\u003cffffffffa04e4ea7\u003e] qed_dbg_mcp_trace_get_dump_buf_size+0x37/0x80 [qed]\n[ 2745.363536,17] [\u003cffffffffa04ea881\u003e] qed_dbg_feature_size+0x61/0xa0 [qed]\n[ 2745.363551,17] [\u003cffffffffa04eb427\u003e] qed_dbg_all_data_size+0x247/0x260 [qed]\n[ 2745.363560,17] [\u003cffffffffa0482c10\u003e] qede_get_regs_len+0x30/0x40 [qede]\n[ 2745.363566,17] [\u003cffffffff816c9783\u003e] ethtool_get_drvinfo+0xe3/0x190\n[ 2745.363570,17] [\u003cffffffff816cc152\u003e] dev_ethtool+0x1362/0x2140\n[ 2745.363575,17] [\u003cffffffff8109bcc6\u003e] ? finish_task_switch+0x76/0x260\n[ 2745.363580,17] [\u003cffffffff817c2116\u003e] ? __schedule+0x3c6/0x9d0\n[ 2745.363585,17] [\u003cffffffff810dbd50\u003e] ? hrtimer_start_range_ns+0x1d0/0x370\n[ 2745.363589,17] [\u003cffffffff816c1e5b\u003e] ? dev_get_by_name_rcu+0x6b/0x90\n[ 2745.363594,17] [\u003cffffffff816de6a8\u003e] dev_ioctl+0xe8/0x710\n[ 2745.363599,17] [\u003cffffffff816a58a8\u003e] sock_do_ioctl+0x48/0x60\n[ 2745.363603,17] [\u003cffffffff816a5d87\u003e] sock_ioctl+0x1c7/0x280\n[ 2745.363608,17] [\u003cffffffff8111f393\u003e] ? seccomp_phase1+0x83/0x220\n[ 2745.363612,17] [\u003cffffffff811e3503\u003e] do_vfs_ioctl+0x2b3/0x4e0\n[ 2745.363616,17] [\u003cffffffff811e3771\u003e] SyS_ioctl+0x41/0x70\n[ 2745.363619,17] [\u003cffffffff817c6ffe\u003e] entry_SYSCALL_64_fastpath+0x1e/0x79\n[ 2745.363622,17] ---[ end trace f6954aa440266421 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53509",
"url": "https://www.suse.com/security/cve/CVE-2023-53509"
},
{
"category": "external",
"summary": "SUSE Bug 1250810 for CVE-2023-53509",
"url": "https://bugzilla.suse.com/1250810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53509"
},
{
"cve": "CVE-2023-53511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53511"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix fget leak when fs don\u0027t support nowait buffered read\n\nHeming reported a BUG when using io_uring doing link-cp on ocfs2. [1]\n\nDo the following steps can reproduce this BUG:\nmount -t ocfs2 /dev/vdc /mnt/ocfs2\ncp testfile /mnt/ocfs2/\n./link-cp /mnt/ocfs2/testfile /mnt/ocfs2/testfile.1\numount /mnt/ocfs2\n\nThen umount will fail, and it outputs:\numount: /mnt/ocfs2: target is busy.\n\nWhile tracing umount, it blames mnt_get_count() not return as expected.\nDo a deep investigation for fget()/fput() on related code flow, I\u0027ve\nfinally found that fget() leaks since ocfs2 doesn\u0027t support nowait\nbuffered read.\n\nio_issue_sqe\n|-io_assign_file // do fget() first\n |-io_read\n |-io_iter_do_read\n |-ocfs2_file_read_iter // return -EOPNOTSUPP\n |-kiocb_done\n |-io_rw_done\n |-__io_complete_rw_common // set REQ_F_REISSUE\n |-io_resubmit_prep\n |-io_req_prep_async // override req-\u003efile, leak happens\n\nThis was introduced by commit a196c78b5443 in v5.18. Fix it by don\u0027t\nre-assign req-\u003efile if it has already been assigned.\n\n[1] https://lore.kernel.org/ocfs2-devel/ab580a75-91c8-d68a-3455-40361be1bfa8@linux.alibaba.com/T/#t",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53511",
"url": "https://www.suse.com/security/cve/CVE-2023-53511"
},
{
"category": "external",
"summary": "SUSE Bug 1250913 for CVE-2023-53511",
"url": "https://bugzilla.suse.com/1250913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2023-53511"
},
{
"cve": "CVE-2023-53512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53512"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Fix a memory leak\n\nAdd a forgotten kfree().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53512",
"url": "https://www.suse.com/security/cve/CVE-2023-53512"
},
{
"category": "external",
"summary": "SUSE Bug 1250915 for CVE-2023-53512",
"url": "https://bugzilla.suse.com/1250915"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2023-53512"
},
{
"cve": "CVE-2023-53515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-mmio: don\u0027t break lifecycle of vm_dev\n\nvm_dev has a separate lifecycle because it has a \u0027struct device\u0027\nembedded. Thus, having a release callback for it is correct.\n\nAllocating the vm_dev struct with devres totally breaks this protection,\nthough. Instead of waiting for the vm_dev release callback, the memory\nis freed when the platform_device is removed. Resulting in a\nuse-after-free when finally the callback is to be called.\n\nTo easily see the problem, compile the kernel with\nCONFIG_DEBUG_KOBJECT_RELEASE and unbind with sysfs.\n\nThe fix is easy, don\u0027t use devres in this case.\n\nFound during my research about object lifetime problems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53515",
"url": "https://www.suse.com/security/cve/CVE-2023-53515"
},
{
"category": "external",
"summary": "SUSE Bug 1250917 for CVE-2023-53515",
"url": "https://bugzilla.suse.com/1250917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53515"
},
{
"cve": "CVE-2023-53518",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53518"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Fix leak in devfreq_dev_release()\n\nsrcu_init_notifier_head() allocates resources that need to be released\nwith a srcu_cleanup_notifier_head() call.\n\nReported by kmemleak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53518",
"url": "https://www.suse.com/security/cve/CVE-2023-53518"
},
{
"category": "external",
"summary": "SUSE Bug 1250923 for CVE-2023-53518",
"url": "https://bugzilla.suse.com/1250923"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2023-53518"
},
{
"cve": "CVE-2023-53519",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53519"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l2-mem2mem: add lock to protect parameter num_rdy\n\nGetting below error when using KCSAN to check the driver. Adding lock to\nprotect parameter num_rdy when getting the value with function:\nv4l2_m2m_num_src_bufs_ready/v4l2_m2m_num_dst_bufs_ready.\n\nkworker/u16:3: [name:report\u0026]BUG: KCSAN: data-race in v4l2_m2m_buf_queue\nkworker/u16:3: [name:report\u0026]\n\nkworker/u16:3: [name:report\u0026]read-write to 0xffffff8105f35b94 of 1 bytes by task 20865 on cpu 7:\nkworker/u16:3: v4l2_m2m_buf_queue+0xd8/0x10c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53519",
"url": "https://www.suse.com/security/cve/CVE-2023-53519"
},
{
"category": "external",
"summary": "SUSE Bug 1250964 for CVE-2023-53519",
"url": "https://bugzilla.suse.com/1250964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53519"
},
{
"cve": "CVE-2023-53521",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53521"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ses: Fix slab-out-of-bounds in ses_intf_remove()\n\nA fix for:\n\nBUG: KASAN: slab-out-of-bounds in ses_intf_remove+0x23f/0x270 [ses]\nRead of size 8 at addr ffff88a10d32e5d8 by task rmmod/12013\n\nWhen edev-\u003ecomponents is zero, accessing edev-\u003ecomponent[0] members is\nwrong.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53521",
"url": "https://www.suse.com/security/cve/CVE-2023-53521"
},
{
"category": "external",
"summary": "SUSE Bug 1250965 for CVE-2023-53521",
"url": "https://bugzilla.suse.com/1250965"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2023-53521"
},
{
"cve": "CVE-2023-53524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf\n\nAn integer overflow occurs in the iwl_write_to_user_buf() function,\nwhich is called by the iwl_dbgfs_monitor_data_read() function.\n\nstatic bool iwl_write_to_user_buf(char __user *user_buf, ssize_t count,\n\t\t\t\t void *buf, ssize_t *size,\n\t\t\t\t ssize_t *bytes_copied)\n{\n\tint buf_size_left = count - *bytes_copied;\n\n\tbuf_size_left = buf_size_left - (buf_size_left % sizeof(u32));\n\tif (*size \u003e buf_size_left)\n\t\t*size = buf_size_left;\n\nIf the user passes a SIZE_MAX value to the \"ssize_t count\" parameter,\nthe ssize_t count parameter is assigned to \"int buf_size_left\".\nThen compare \"*size\" with \"buf_size_left\" . Here, \"buf_size_left\" is a\nnegative number, so \"*size\" is assigned \"buf_size_left\" and goes into\nthe third argument of the copy_to_user function, causing a heap overflow.\n\nThis is not a security vulnerability because iwl_dbgfs_monitor_data_read()\nis a debugfs operation with 0400 privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53524",
"url": "https://www.suse.com/security/cve/CVE-2023-53524"
},
{
"category": "external",
"summary": "SUSE Bug 1250953 for CVE-2023-53524",
"url": "https://bugzilla.suse.com/1250953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53524"
},
{
"cve": "CVE-2023-53525",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53525"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Allow UD qp_type to join multicast only\n\nAs for multicast:\n- The SIDR is the only mode that makes sense;\n- Besides PS_UDP, other port spaces like PS_IB is also allowed, as it is\n UD compatible. In this case qkey also needs to be set [1].\n\nThis patch allows only UD qp_type to join multicast, and set qkey to\ndefault if it\u0027s not set, to fix an uninit-value error: the ib-\u003erec.qkey\nfield is accessed without being initialized.\n\n=====================================================\nBUG: KMSAN: uninit-value in cma_set_qkey drivers/infiniband/core/cma.c:510 [inline]\nBUG: KMSAN: uninit-value in cma_make_mc_event+0xb73/0xe00 drivers/infiniband/core/cma.c:4570\n cma_set_qkey drivers/infiniband/core/cma.c:510 [inline]\n cma_make_mc_event+0xb73/0xe00 drivers/infiniband/core/cma.c:4570\n cma_iboe_join_multicast drivers/infiniband/core/cma.c:4782 [inline]\n rdma_join_multicast+0x2b83/0x30a0 drivers/infiniband/core/cma.c:4814\n ucma_process_join+0xa76/0xf60 drivers/infiniband/core/ucma.c:1479\n ucma_join_multicast+0x1e3/0x250 drivers/infiniband/core/ucma.c:1546\n ucma_write+0x639/0x6d0 drivers/infiniband/core/ucma.c:1732\n vfs_write+0x8ce/0x2030 fs/read_write.c:588\n ksys_write+0x28c/0x520 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __ia32_sys_write+0xdb/0x120 fs/read_write.c:652\n do_syscall_32_irqs_on arch/x86/entry/common.c:114 [inline]\n __do_fast_syscall_32+0x96/0xf0 arch/x86/entry/common.c:180\n do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205\n do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248\n entry_SYSENTER_compat_after_hwframe+0x4d/0x5c\n\nLocal variable ib.i created at:\ncma_iboe_join_multicast drivers/infiniband/core/cma.c:4737 [inline]\nrdma_join_multicast+0x586/0x30a0 drivers/infiniband/core/cma.c:4814\nucma_process_join+0xa76/0xf60 drivers/infiniband/core/ucma.c:1479\n\nCPU: 0 PID: 29874 Comm: syz-executor.3 Not tainted 5.16.0-rc3-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\n=====================================================\n\n[1] https://lore.kernel.org/linux-rdma/20220117183832.GD84788@nvidia.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53525",
"url": "https://www.suse.com/security/cve/CVE-2023-53525"
},
{
"category": "external",
"summary": "SUSE Bug 1250927 for CVE-2023-53525",
"url": "https://bugzilla.suse.com/1250927"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53525"
},
{
"cve": "CVE-2023-53526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53526"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: check \u0027jh-\u003eb_transaction\u0027 before removing it from checkpoint\n\nFollowing process will corrupt ext4 image:\nStep 1:\njbd2_journal_commit_transaction\n __jbd2_journal_insert_checkpoint(jh, commit_transaction)\n // Put jh into trans1-\u003et_checkpoint_list\n journal-\u003ej_checkpoint_transactions = commit_transaction\n // Put trans1 into journal-\u003ej_checkpoint_transactions\n\nStep 2:\ndo_get_write_access\n test_clear_buffer_dirty(bh) // clear buffer dirty\uff0cset jbd dirty\n __jbd2_journal_file_buffer(jh, transaction) // jh belongs to trans2\n\nStep 3:\ndrop_cache\n journal_shrink_one_cp_list\n jbd2_journal_try_remove_checkpoint\n if (!trylock_buffer(bh)) // lock bh, true\n if (buffer_dirty(bh)) // buffer is not dirty\n __jbd2_journal_remove_checkpoint(jh)\n // remove jh from trans1-\u003et_checkpoint_list\n\nStep 4:\njbd2_log_do_checkpoint\n trans1 = journal-\u003ej_checkpoint_transactions\n // jh is not in trans1-\u003et_checkpoint_list\n jbd2_cleanup_journal_tail(journal) // trans1 is done\n\nStep 5: Power cut, trans2 is not committed, jh is lost in next mounting.\n\nFix it by checking \u0027jh-\u003eb_transaction\u0027 before remove it from checkpoint.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53526",
"url": "https://www.suse.com/security/cve/CVE-2023-53526"
},
{
"category": "external",
"summary": "SUSE Bug 1250928 for CVE-2023-53526",
"url": "https://bugzilla.suse.com/1250928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53526"
},
{
"cve": "CVE-2023-53530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53530"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id()\n\nThe following call trace was observed:\n\nlocalhost kernel: nvme nvme0: NVME-FC{0}: controller connect complete\nlocalhost kernel: BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u129:4/75092\nlocalhost kernel: nvme nvme0: NVME-FC{0}: new ctrl: NQN \"nqn.1992-08.com.netapp:sn.b42d198afb4d11ecad6d00a098d6abfa:subsystem.PR_Channel2022_RH84_subsystem_291\"\nlocalhost kernel: caller is qla_nvme_post_cmd+0x216/0x1380 [qla2xxx]\nlocalhost kernel: CPU: 6 PID: 75092 Comm: kworker/u129:4 Kdump: loaded Tainted: G B W OE --------- --- 5.14.0-70.22.1.el9_0.x86_64+debug #1\nlocalhost kernel: Hardware name: HPE ProLiant XL420 Gen10/ProLiant XL420 Gen10, BIOS U39 01/13/2022\nlocalhost kernel: Workqueue: nvme-wq nvme_async_event_work [nvme_core]\nlocalhost kernel: Call Trace:\nlocalhost kernel: dump_stack_lvl+0x57/0x7d\nlocalhost kernel: check_preemption_disabled+0xc8/0xd0\nlocalhost kernel: qla_nvme_post_cmd+0x216/0x1380 [qla2xxx]\n\nUse raw_smp_processor_id() instead of smp_processor_id().\n\nAlso use queue_work() across the driver instead of queue_work_on() thus\navoiding usage of smp_processor_id() when CONFIG_DEBUG_PREEMPT is enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53530",
"url": "https://www.suse.com/security/cve/CVE-2023-53530"
},
{
"category": "external",
"summary": "SUSE Bug 1250949 for CVE-2023-53530",
"url": "https://bugzilla.suse.com/1250949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53530"
},
{
"cve": "CVE-2023-53531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53531"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnull_blk: fix poll request timeout handling\n\nWhen doing io_uring benchmark on /dev/nullb0, it\u0027s easy to crash the\nkernel if poll requests timeout triggered, as reported by David. [1]\n\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nWorkqueue: kblockd blk_mq_timeout_work\nRIP: 0010:null_timeout_rq+0x4e/0x91\nCall Trace:\n ? null_timeout_rq+0x4e/0x91\n blk_mq_handle_expired+0x31/0x4b\n bt_iter+0x68/0x84\n ? bt_tags_iter+0x81/0x81\n __sbitmap_for_each_set.constprop.0+0xb0/0xf2\n ? __blk_mq_complete_request_remote+0xf/0xf\n bt_for_each+0x46/0x64\n ? __blk_mq_complete_request_remote+0xf/0xf\n ? percpu_ref_get_many+0xc/0x2a\n blk_mq_queue_tag_busy_iter+0x14d/0x18e\n blk_mq_timeout_work+0x95/0x127\n process_one_work+0x185/0x263\n worker_thread+0x1b5/0x227\n\nThis is indeed a race problem between null_timeout_rq() and null_poll().\n\nnull_poll()\t\t\t\tnull_timeout_rq()\n spin_lock(\u0026nq-\u003epoll_lock)\n list_splice_init(\u0026nq-\u003epoll_list, \u0026list)\n spin_unlock(\u0026nq-\u003epoll_lock)\n\n while (!list_empty(\u0026list))\n req = list_first_entry()\n list_del_init()\n ...\n blk_mq_add_to_batch()\n // req-\u003erq_next = NULL\n\t\t\t\t\tspin_lock(\u0026nq-\u003epoll_lock)\n\n\t\t\t\t\t// rq-\u003equeuelist-\u003enext == NULL\n\t\t\t\t\tlist_del_init(\u0026rq-\u003equeuelist)\n\n\t\t\t\t\tspin_unlock(\u0026nq-\u003epoll_lock)\n\nFix these problems by setting requests state to MQ_RQ_COMPLETE under\nnq-\u003epoll_lock protection, in which null_timeout_rq() can safely detect\nthis race and early return.\n\nNote this patch just fix the kernel panic when request timeout happen.\n\n[1] https://lore.kernel.org/all/3893581.1691785261@warthog.procyon.org.uk/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53531",
"url": "https://www.suse.com/security/cve/CVE-2023-53531"
},
{
"category": "external",
"summary": "SUSE Bug 1250931 for CVE-2023-53531",
"url": "https://bugzilla.suse.com/1250931"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53531"
},
{
"cve": "CVE-2023-53532",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53532"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix deinitialization of firmware resources\n\nCurrently, in ath11k_ahb_fw_resources_init(), iommu domain\nmapping is done only for the chipsets having fixed firmware\nmemory. Also, for such chipsets, mapping is done only if it\ndoes not have TrustZone support.\n\nDuring deinitialization, only if TrustZone support is not there,\niommu is unmapped back. However, for non fixed firmware memory\nchipsets, TrustZone support is not there and this makes the\ncondition check to true and it tries to unmap the memory which\nwas not mapped during initialization.\n\nThis leads to the following trace -\n\n[ 83.198790] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008\n[ 83.259537] Modules linked in: ath11k_ahb ath11k qmi_helpers\n.. snip ..\n[ 83.280286] pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 83.287228] pc : __iommu_unmap+0x30/0x140\n[ 83.293907] lr : iommu_unmap+0x5c/0xa4\n[ 83.298072] sp : ffff80000b3abad0\n.. snip ..\n[ 83.369175] Call trace:\n[ 83.376282] __iommu_unmap+0x30/0x140\n[ 83.378541] iommu_unmap+0x5c/0xa4\n[ 83.382360] ath11k_ahb_fw_resource_deinit.part.12+0x2c/0xac [ath11k_ahb]\n[ 83.385666] ath11k_ahb_free_resources+0x140/0x17c [ath11k_ahb]\n[ 83.392521] ath11k_ahb_shutdown+0x34/0x40 [ath11k_ahb]\n[ 83.398248] platform_shutdown+0x20/0x2c\n[ 83.403455] device_shutdown+0x16c/0x1c4\n[ 83.407621] kernel_restart_prepare+0x34/0x3c\n[ 83.411529] kernel_restart+0x14/0x74\n[ 83.415781] __do_sys_reboot+0x1c4/0x22c\n[ 83.419427] __arm64_sys_reboot+0x1c/0x24\n[ 83.423420] invoke_syscall+0x44/0xfc\n[ 83.427326] el0_svc_common.constprop.3+0xac/0xe8\n[ 83.430974] do_el0_svc+0xa0/0xa8\n[ 83.435659] el0_svc+0x1c/0x44\n[ 83.438957] el0t_64_sync_handler+0x60/0x144\n[ 83.441910] el0t_64_sync+0x15c/0x160\n[ 83.446343] Code: aa0103f4 f9400001 f90027a1 d2800001 (f94006a0)\n[ 83.449903] ---[ end trace 0000000000000000 ]---\n\nThis can be reproduced by probing an AHB chipset which is not\nhaving a fixed memory region. During reboot (or rmmod) trace\ncan be seen.\n\nFix this issue by adding a condition check on firmware fixed memory\nhw_param as done in the counter initialization function.\n\nTested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53532",
"url": "https://www.suse.com/security/cve/CVE-2023-53532"
},
{
"category": "external",
"summary": "SUSE Bug 1250932 for CVE-2023-53532",
"url": "https://bugzilla.suse.com/1250932"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2023-53532"
},
{
"cve": "CVE-2024-26583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26583"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix race between async notify and socket close\n\nThe submitting thread (one which called recvmsg/sendmsg)\nmay exit as soon as the async crypto handler calls complete()\nso any code past that point risks touching already freed data.\n\nTry to avoid the locking and extra flags altogether.\nHave the main thread hold an extra reference, this way\nwe can depend solely on the atomic ref counter for\nsynchronization.\n\nDon\u0027t futz with reiniting the completion, either, we are now\ntightly controlling when completion fires.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26583",
"url": "https://www.suse.com/security/cve/CVE-2024-26583"
},
{
"category": "external",
"summary": "SUSE Bug 1220185 for CVE-2024-26583",
"url": "https://bugzilla.suse.com/1220185"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2024-26583"
},
{
"cve": "CVE-2024-26584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26584"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tls: handle backlogging of crypto requests\n\nSince we\u0027re setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our\nrequests to the crypto API, crypto_aead_{encrypt,decrypt} can return\n -EBUSY instead of -EINPROGRESS in valid situations. For example, when\nthe cryptd queue for AESNI is full (easy to trigger with an\nartificially low cryptd.cryptd_max_cpu_qlen), requests will be enqueued\nto the backlog but still processed. In that case, the async callback\nwill also be called twice: first with err == -EINPROGRESS, which it\nseems we can just ignore, then with err == 0.\n\nCompared to Sabrina\u0027s original patch this version uses the new\ntls_*crypt_async_wait() helpers and converts the EBUSY to\nEINPROGRESS to avoid having to modify all the error handling\npaths. The handling is identical.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26584",
"url": "https://www.suse.com/security/cve/CVE-2024-26584"
},
{
"category": "external",
"summary": "SUSE Bug 1220186 for CVE-2024-26584",
"url": "https://bugzilla.suse.com/1220186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2024-26584"
},
{
"cve": "CVE-2024-58240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58240"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: separate no-async decryption request handling from async\n\nIf we\u0027re not doing async, the handling is much simpler. There\u0027s no\nreference counting, we just need to wait for the completion to wake us\nup and return its result.\n\nWe should preferably also use a separate crypto_wait. I\u0027m not seeing a\nUAF as I did in the past, I think aec7961916f3 (\"tls: fix race between\nasync notify and socket close\") took care of it.\n\nThis will make the next fix easier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58240",
"url": "https://www.suse.com/security/cve/CVE-2024-58240"
},
{
"category": "external",
"summary": "SUSE Bug 1248847 for CVE-2024-58240",
"url": "https://bugzilla.suse.com/1248847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "low"
}
],
"title": "CVE-2024-58240"
},
{
"cve": "CVE-2025-37738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: ignore xattrs past end\n\nOnce inside \u0027ext4_xattr_inode_dec_ref_all\u0027 we should\nignore xattrs entries past the \u0027end\u0027 entry.\n\nThis fixes the following KASAN reported issue:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\nRead of size 4 at addr ffff888012c120c4 by task repro/2065\n\nCPU: 1 UID: 0 PID: 2065 Comm: repro Not tainted 6.13.0-rc2+ #11\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x1fd/0x300\n ? tcp_gro_dev_warn+0x260/0x260\n ? _printk+0xc0/0x100\n ? read_lock_is_recursive+0x10/0x10\n ? irq_work_queue+0x72/0xf0\n ? __virt_addr_valid+0x17b/0x4b0\n print_address_description+0x78/0x390\n print_report+0x107/0x1f0\n ? __virt_addr_valid+0x17b/0x4b0\n ? __virt_addr_valid+0x3ff/0x4b0\n ? __phys_addr+0xb5/0x160\n ? ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n kasan_report+0xcc/0x100\n ? ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n ? ext4_xattr_delete_inode+0xd30/0xd30\n ? __ext4_journal_ensure_credits+0x5f0/0x5f0\n ? __ext4_journal_ensure_credits+0x2b/0x5f0\n ? inode_update_timestamps+0x410/0x410\n ext4_xattr_delete_inode+0xb64/0xd30\n ? ext4_truncate+0xb70/0xdc0\n ? ext4_expand_extra_isize_ea+0x1d20/0x1d20\n ? __ext4_mark_inode_dirty+0x670/0x670\n ? ext4_journal_check_start+0x16f/0x240\n ? ext4_inode_is_fast_symlink+0x2f2/0x3a0\n ext4_evict_inode+0xc8c/0xff0\n ? ext4_inode_is_fast_symlink+0x3a0/0x3a0\n ? do_raw_spin_unlock+0x53/0x8a0\n ? ext4_inode_is_fast_symlink+0x3a0/0x3a0\n evict+0x4ac/0x950\n ? proc_nr_inodes+0x310/0x310\n ? trace_ext4_drop_inode+0xa2/0x220\n ? _raw_spin_unlock+0x1a/0x30\n ? iput+0x4cb/0x7e0\n do_unlinkat+0x495/0x7c0\n ? try_break_deleg+0x120/0x120\n ? 0xffffffff81000000\n ? __check_object_size+0x15a/0x210\n ? strncpy_from_user+0x13e/0x250\n ? getname_flags+0x1dc/0x530\n __x64_sys_unlinkat+0xc8/0xf0\n do_syscall_64+0x65/0x110\n entry_SYSCALL_64_after_hwframe+0x67/0x6f\nRIP: 0033:0x434ffd\nCode: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 8\nRSP: 002b:00007ffc50fa7b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000107\nRAX: ffffffffffffffda RBX: 00007ffc50fa7e18 RCX: 0000000000434ffd\nRDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000005\nRBP: 00007ffc50fa7be0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001\nR13: 00007ffc50fa7e08 R14: 00000000004bbf30 R15: 0000000000000001\n \u003c/TASK\u003e\n\nThe buggy address belongs to the object at ffff888012c12000\n which belongs to the cache filp of size 360\nThe buggy address is located 196 bytes inside of\n freed 360-byte region [ffff888012c12000, ffff888012c12168)\n\nThe buggy address belongs to the physical page:\npage: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12c12\nhead: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0\nflags: 0x40(head|node=0|zone=0)\npage_type: f5(slab)\nraw: 0000000000000040 ffff888000ad7640 ffffea0000497a00 dead000000000004\nraw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000\nhead: 0000000000000040 ffff888000ad7640 ffffea0000497a00 dead000000000004\nhead: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000\nhead: 0000000000000001 ffffea00004b0481 ffffffffffffffff 0000000000000000\nhead: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888012c11f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff888012c12000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n\u003e ffff888012c12080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888012c12100: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc\n ffff888012c12180: fc fc fc fc fc fc fc fc fc\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37738",
"url": "https://www.suse.com/security/cve/CVE-2025-37738"
},
{
"category": "external",
"summary": "SUSE Bug 1242846 for CVE-2025-37738",
"url": "https://bugzilla.suse.com/1242846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-37738"
},
{
"cve": "CVE-2025-37958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: fix dereferencing invalid pmd migration entry\n\nWhen migrating a THP, concurrent access to the PMD migration entry during\na deferred split scan can lead to an invalid address access, as\nillustrated below. To prevent this invalid access, it is necessary to\ncheck the PMD migration entry and return early. In this context, there is\nno need to use pmd_to_swp_entry and pfn_swap_entry_to_page to verify the\nequality of the target folio. Since the PMD migration entry is locked, it\ncannot be served as the target.\n\nMailing list discussion and explanation from Hugh Dickins: \"An anon_vma\nlookup points to a location which may contain the folio of interest, but\nmight instead contain another folio: and weeding out those other folios is\nprecisely what the \"folio != pmd_folio((*pmd)\" check (and the \"risk of\nreplacing the wrong folio\" comment a few lines above it) is for.\"\n\nBUG: unable to handle page fault for address: ffffea60001db008\nCPU: 0 UID: 0 PID: 2199114 Comm: tee Not tainted 6.14.0+ #4 NONE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:split_huge_pmd_locked+0x3b5/0x2b60\nCall Trace:\n\u003cTASK\u003e\ntry_to_migrate_one+0x28c/0x3730\nrmap_walk_anon+0x4f6/0x770\nunmap_folio+0x196/0x1f0\nsplit_huge_page_to_list_to_order+0x9f6/0x1560\ndeferred_split_scan+0xac5/0x12a0\nshrinker_debugfs_scan_write+0x376/0x470\nfull_proxy_write+0x15c/0x220\nvfs_write+0x2fc/0xcb0\nksys_write+0x146/0x250\ndo_syscall_64+0x6a/0x120\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe bug is found by syzkaller on an internal kernel, then confirmed on\nupstream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37958",
"url": "https://www.suse.com/security/cve/CVE-2025-37958"
},
{
"category": "external",
"summary": "SUSE Bug 1243539 for CVE-2025-37958",
"url": "https://bugzilla.suse.com/1243539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-37958"
},
{
"cve": "CVE-2025-38014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Refactor remove call with idxd_cleanup() helper\n\nThe idxd_cleanup() helper cleans up perfmon, interrupts, internals and\nso on. Refactor remove call with the idxd_cleanup() helper to avoid code\nduplication. Note, this also fixes the missing put_device() for idxd\ngroups, enginces and wqs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38014",
"url": "https://www.suse.com/security/cve/CVE-2025-38014"
},
{
"category": "external",
"summary": "SUSE Bug 1244732 for CVE-2025-38014",
"url": "https://bugzilla.suse.com/1244732"
},
{
"category": "external",
"summary": "SUSE Bug 1244733 for CVE-2025-38014",
"url": "https://bugzilla.suse.com/1244733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-38014"
},
{
"cve": "CVE-2025-38111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38111"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mdiobus: Fix potential out-of-bounds read/write access\n\nWhen using publicly available tools like \u0027mdio-tools\u0027 to read/write data\nfrom/to network interface and its PHY via mdiobus, there is no verification of\nparameters passed to the ioctl and it accepts any mdio address.\nCurrently there is support for 32 addresses in kernel via PHY_MAX_ADDR define,\nbut it is possible to pass higher value than that via ioctl.\nWhile read/write operation should generally fail in this case,\nmdiobus provides stats array, where wrong address may allow out-of-bounds\nread/write.\n\nFix that by adding address verification before read/write operation.\nWhile this excludes this access from any statistics, it improves security of\nread/write operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38111",
"url": "https://www.suse.com/security/cve/CVE-2025-38111"
},
{
"category": "external",
"summary": "SUSE Bug 1245666 for CVE-2025-38111",
"url": "https://bugzilla.suse.com/1245666"
},
{
"category": "external",
"summary": "SUSE Bug 1249455 for CVE-2025-38111",
"url": "https://bugzilla.suse.com/1249455"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2025-38111"
},
{
"cve": "CVE-2025-38380",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38380"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38380",
"url": "https://www.suse.com/security/cve/CVE-2025-38380"
},
{
"category": "external",
"summary": "SUSE Bug 1247028 for CVE-2025-38380",
"url": "https://bugzilla.suse.com/1247028"
},
{
"category": "external",
"summary": "SUSE Bug 1247029 for CVE-2025-38380",
"url": "https://bugzilla.suse.com/1247029"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2025-38380"
},
{
"cve": "CVE-2025-38488",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38488"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free in crypt_message when using async crypto\n\nThe CVE-2024-50047 fix removed asynchronous crypto handling from\ncrypt_message(), assuming all crypto operations are synchronous.\nHowever, when hardware crypto accelerators are used, this can cause\nuse-after-free crashes:\n\n crypt_message()\n // Allocate the creq buffer containing the req\n creq = smb2_get_aead_req(..., \u0026req);\n\n // Async encryption returns -EINPROGRESS immediately\n rc = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req);\n\n // Free creq while async operation is still in progress\n kvfree_sensitive(creq, ...);\n\nHardware crypto modules often implement async AEAD operations for\nperformance. When crypto_aead_encrypt/decrypt() returns -EINPROGRESS,\nthe operation completes asynchronously. Without crypto_wait_req(),\nthe function immediately frees the request buffer, leading to crashes\nwhen the driver later accesses the freed memory.\n\nThis results in a use-after-free condition when the hardware crypto\ndriver later accesses the freed request structure, leading to kernel\ncrashes with NULL pointer dereferences.\n\nThe issue occurs because crypto_alloc_aead() with mask=0 doesn\u0027t\nguarantee synchronous operation. Even without CRYPTO_ALG_ASYNC in\nthe mask, async implementations can be selected.\n\nFix by restoring the async crypto handling:\n- DECLARE_CRYPTO_WAIT(wait) for completion tracking\n- aead_request_set_callback() for async completion notification\n- crypto_wait_req() to wait for operation completion\n\nThis ensures the request buffer isn\u0027t freed until the crypto operation\ncompletes, whether synchronous or asynchronous, while preserving the\nCVE-2024-50047 fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38488",
"url": "https://www.suse.com/security/cve/CVE-2025-38488"
},
{
"category": "external",
"summary": "SUSE Bug 1247239 for CVE-2025-38488",
"url": "https://bugzilla.suse.com/1247239"
},
{
"category": "external",
"summary": "SUSE Bug 1247240 for CVE-2025-38488",
"url": "https://bugzilla.suse.com/1247240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2025-38488"
},
{
"cve": "CVE-2025-38553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Restrict conditions for adding duplicating netems to qdisc tree\n\nnetem_enqueue\u0027s duplication prevention logic breaks when a netem\nresides in a qdisc tree with other netems - this can lead to a\nsoft lockup and OOM loop in netem_dequeue, as seen in [1].\nEnsure that a duplicating netem cannot exist in a tree with other\nnetems.\n\nPrevious approaches suggested in discussions in chronological order:\n\n1) Track duplication status or ttl in the sk_buff struct. Considered\ntoo specific a use case to extend such a struct, though this would\nbe a resilient fix and address other previous and potential future\nDOS bugs like the one described in loopy fun [2].\n\n2) Restrict netem_enqueue recursion depth like in act_mirred with a\nper cpu variable. However, netem_dequeue can call enqueue on its\nchild, and the depth restriction could be bypassed if the child is a\nnetem.\n\n3) Use the same approach as in 2, but add metadata in netem_skb_cb\nto handle the netem_dequeue case and track a packet\u0027s involvement\nin duplication. This is an overly complex approach, and Jamal\nnotes that the skb cb can be overwritten to circumvent this\nsafeguard.\n\n4) Prevent the addition of a netem to a qdisc tree if its ancestral\npath contains a netem. However, filters and actions can cause a\npacket to change paths when re-enqueued to the root from netem\nduplication, leading us to the current solution: prevent a\nduplicating netem from inhabiting the same tree as other netems.\n\n[1] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/\n[2] https://lwn.net/Articles/719297/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38553",
"url": "https://www.suse.com/security/cve/CVE-2025-38553"
},
{
"category": "external",
"summary": "SUSE Bug 1248255 for CVE-2025-38553",
"url": "https://bugzilla.suse.com/1248255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-38553"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: No more self recovery\n\nWhen a node withdraws and it turns out that it is the only node that has\nthe filesystem mounted, gfs2 currently tries to replay the local journal\nto bring the filesystem back into a consistent state. Not only is that\na very bad idea, it has also never worked because gfs2_recover_func()\nwill refuse to do anything during a withdraw.\n\nHowever, before even getting to this point, gfs2_recover_func()\ndereferences sdp-\u003esd_jdesc-\u003ejd_inode. This was a use-after-free before\ncommit 04133b607a78 (\"gfs2: Prevent double iput for journal on error\")\nand is a NULL pointer dereference since then.\n\nSimply get rid of self recovery to fix that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38659",
"url": "https://www.suse.com/security/cve/CVE-2025-38659"
},
{
"category": "external",
"summary": "SUSE Bug 1248639 for CVE-2025-38659",
"url": "https://bugzilla.suse.com/1248639"
},
{
"category": "external",
"summary": "SUSE Bug 1248759 for CVE-2025-38659",
"url": "https://bugzilla.suse.com/1248759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2025-38659"
},
{
"cve": "CVE-2025-38664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix a null pointer dereference in ice_copy_and_init_pkg()\n\nAdd check for the return value of devm_kmemdup()\nto prevent potential null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38664",
"url": "https://www.suse.com/security/cve/CVE-2025-38664"
},
{
"category": "external",
"summary": "SUSE Bug 1248628 for CVE-2025-38664",
"url": "https://bugzilla.suse.com/1248628"
},
{
"category": "external",
"summary": "SUSE Bug 1248631 for CVE-2025-38664",
"url": "https://bugzilla.suse.com/1248631"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2025-38664"
},
{
"cve": "CVE-2025-38678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject duplicate device on updates\n\nA chain/flowtable update with duplicated devices in the same batch is\npossible. Unfortunately, netdev event path only removes the first\ndevice that is found, leaving unregistered the hook of the duplicated\ndevice.\n\nCheck if a duplicated device exists in the transaction batch, bail out\nwith EEXIST in such case.\n\nWARNING is hit when unregistering the hook:\n\n [49042.221275] WARNING: CPU: 4 PID: 8425 at net/netfilter/core.c:340 nf_hook_entry_head+0xaa/0x150\n [49042.221375] CPU: 4 UID: 0 PID: 8425 Comm: nft Tainted: G S 6.16.0+ #170 PREEMPT(full)\n [...]\n [49042.221382] RIP: 0010:nf_hook_entry_head+0xaa/0x150",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38678",
"url": "https://www.suse.com/security/cve/CVE-2025-38678"
},
{
"category": "external",
"summary": "SUSE Bug 1249126 for CVE-2025-38678",
"url": "https://bugzilla.suse.com/1249126"
},
{
"category": "external",
"summary": "SUSE Bug 1249534 for CVE-2025-38678",
"url": "https://bugzilla.suse.com/1249534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2025-38678"
},
{
"cve": "CVE-2025-38683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhv_netvsc: Fix panic during namespace deletion with VF\n\nThe existing code move the VF NIC to new namespace when NETDEV_REGISTER is\nreceived on netvsc NIC. During deletion of the namespace,\ndefault_device_exit_batch() \u003e\u003e default_device_exit_net() is called. When\nnetvsc NIC is moved back and registered to the default namespace, it\nautomatically brings VF NIC back to the default namespace. This will cause\nthe default_device_exit_net() \u003e\u003e for_each_netdev_safe loop unable to detect\nthe list end, and hit NULL ptr:\n\n[ 231.449420] mana 7870:00:00.0 enP30832s1: Moved VF to namespace with: eth0\n[ 231.449656] BUG: kernel NULL pointer dereference, address: 0000000000000010\n[ 231.450246] #PF: supervisor read access in kernel mode\n[ 231.450579] #PF: error_code(0x0000) - not-present page\n[ 231.450916] PGD 17b8a8067 P4D 0\n[ 231.451163] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 231.451450] CPU: 82 UID: 0 PID: 1394 Comm: kworker/u768:1 Not tainted 6.16.0-rc4+ #3 VOLUNTARY\n[ 231.452042] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/21/2024\n[ 231.452692] Workqueue: netns cleanup_net\n[ 231.452947] RIP: 0010:default_device_exit_batch+0x16c/0x3f0\n[ 231.453326] Code: c0 0c f5 b3 e8 d5 db fe ff 48 85 c0 74 15 48 c7 c2 f8 fd ca b2 be 10 00 00 00 48 8d 7d c0 e8 7b 77 25 00 49 8b 86 28 01 00 00 \u003c48\u003e 8b 50 10 4c 8b 2a 4c 8d 62 f0 49 83 ed 10 4c 39 e0 0f 84 d6 00\n[ 231.454294] RSP: 0018:ff75fc7c9bf9fd00 EFLAGS: 00010246\n[ 231.454610] RAX: 0000000000000000 RBX: 0000000000000002 RCX: 61c8864680b583eb\n[ 231.455094] RDX: ff1fa9f71462d800 RSI: ff75fc7c9bf9fd38 RDI: 0000000030766564\n[ 231.455686] RBP: ff75fc7c9bf9fd78 R08: 0000000000000000 R09: 0000000000000000\n[ 231.456126] R10: 0000000000000001 R11: 0000000000000004 R12: ff1fa9f70088e340\n[ 231.456621] R13: ff1fa9f70088e340 R14: ffffffffb3f50c20 R15: ff1fa9f7103e6340\n[ 231.457161] FS: 0000000000000000(0000) GS:ff1faa6783a08000(0000) knlGS:0000000000000000\n[ 231.457707] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 231.458031] CR2: 0000000000000010 CR3: 0000000179ab2006 CR4: 0000000000b73ef0\n[ 231.458434] Call Trace:\n[ 231.458600] \u003cTASK\u003e\n[ 231.458777] ops_undo_list+0x100/0x220\n[ 231.459015] cleanup_net+0x1b8/0x300\n[ 231.459285] process_one_work+0x184/0x340\n\nTo fix it, move the ns change to a workqueue, and take rtnl_lock to avoid\nchanging the netdev list when default_device_exit_net() is using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38683",
"url": "https://www.suse.com/security/cve/CVE-2025-38683"
},
{
"category": "external",
"summary": "SUSE Bug 1249159 for CVE-2025-38683",
"url": "https://bugzilla.suse.com/1249159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-38683"
},
{
"cve": "CVE-2025-38685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38685"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: Fix vmalloc out-of-bounds write in fast_imageblit\n\nThis issue triggers when a userspace program does an ioctl\nFBIOPUT_CON2FBMAP by passing console number and frame buffer number.\nIdeally this maps console to frame buffer and updates the screen if\nconsole is visible.\n\nAs part of mapping it has to do resize of console according to frame\nbuffer info. if this resize fails and returns from vc_do_resize() and\ncontinues further. At this point console and new frame buffer are mapped\nand sets display vars. Despite failure still it continue to proceed\nupdating the screen at later stages where vc_data is related to previous\nframe buffer and frame buffer info and display vars are mapped to new\nframe buffer and eventully leading to out-of-bounds write in\nfast_imageblit(). This bheviour is excepted only when fg_console is\nequal to requested console which is a visible console and updates screen\nwith invalid struct references in fbcon_putcs().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38685",
"url": "https://www.suse.com/security/cve/CVE-2025-38685"
},
{
"category": "external",
"summary": "SUSE Bug 1249220 for CVE-2025-38685",
"url": "https://bugzilla.suse.com/1249220"
},
{
"category": "external",
"summary": "SUSE Bug 1249240 for CVE-2025-38685",
"url": "https://bugzilla.suse.com/1249240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2025-38685"
},
{
"cve": "CVE-2025-38706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38706"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime()\n\nsnd_soc_remove_pcm_runtime() might be called with rtd == NULL which will\nleads to null pointer dereference.\nThis was reproduced with topology loading and marking a link as ignore\ndue to missing hardware component on the system.\nOn module removal the soc_tplg_remove_link() would call\nsnd_soc_remove_pcm_runtime() with rtd == NULL since the link was ignored,\nno runtime was created.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38706",
"url": "https://www.suse.com/security/cve/CVE-2025-38706"
},
{
"category": "external",
"summary": "SUSE Bug 1249195 for CVE-2025-38706",
"url": "https://bugzilla.suse.com/1249195"
},
{
"category": "external",
"summary": "SUSE Bug 1250193 for CVE-2025-38706",
"url": "https://bugzilla.suse.com/1250193"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-38706"
},
{
"cve": "CVE-2025-38713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()\n\nThe hfsplus_readdir() method is capable to crash by calling\nhfsplus_uni2asc():\n\n[ 667.121659][ T9805] ==================================================================\n[ 667.122651][ T9805] BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0x902/0xa10\n[ 667.123627][ T9805] Read of size 2 at addr ffff88802592f40c by task repro/9805\n[ 667.124578][ T9805]\n[ 667.124876][ T9805] CPU: 3 UID: 0 PID: 9805 Comm: repro Not tainted 6.16.0-rc3 #1 PREEMPT(full)\n[ 667.124886][ T9805] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 667.124890][ T9805] Call Trace:\n[ 667.124893][ T9805] \u003cTASK\u003e\n[ 667.124896][ T9805] dump_stack_lvl+0x10e/0x1f0\n[ 667.124911][ T9805] print_report+0xd0/0x660\n[ 667.124920][ T9805] ? __virt_addr_valid+0x81/0x610\n[ 667.124928][ T9805] ? __phys_addr+0xe8/0x180\n[ 667.124934][ T9805] ? hfsplus_uni2asc+0x902/0xa10\n[ 667.124942][ T9805] kasan_report+0xc6/0x100\n[ 667.124950][ T9805] ? hfsplus_uni2asc+0x902/0xa10\n[ 667.124959][ T9805] hfsplus_uni2asc+0x902/0xa10\n[ 667.124966][ T9805] ? hfsplus_bnode_read+0x14b/0x360\n[ 667.124974][ T9805] hfsplus_readdir+0x845/0xfc0\n[ 667.124984][ T9805] ? __pfx_hfsplus_readdir+0x10/0x10\n[ 667.124994][ T9805] ? stack_trace_save+0x8e/0xc0\n[ 667.125008][ T9805] ? iterate_dir+0x18b/0xb20\n[ 667.125015][ T9805] ? trace_lock_acquire+0x85/0xd0\n[ 667.125022][ T9805] ? lock_acquire+0x30/0x80\n[ 667.125029][ T9805] ? iterate_dir+0x18b/0xb20\n[ 667.125037][ T9805] ? down_read_killable+0x1ed/0x4c0\n[ 667.125044][ T9805] ? putname+0x154/0x1a0\n[ 667.125051][ T9805] ? __pfx_down_read_killable+0x10/0x10\n[ 667.125058][ T9805] ? apparmor_file_permission+0x239/0x3e0\n[ 667.125069][ T9805] iterate_dir+0x296/0xb20\n[ 667.125076][ T9805] __x64_sys_getdents64+0x13c/0x2c0\n[ 667.125084][ T9805] ? __pfx___x64_sys_getdents64+0x10/0x10\n[ 667.125091][ T9805] ? __x64_sys_openat+0x141/0x200\n[ 667.125126][ T9805] ? __pfx_filldir64+0x10/0x10\n[ 667.125134][ T9805] ? do_user_addr_fault+0x7fe/0x12f0\n[ 667.125143][ T9805] do_syscall_64+0xc9/0x480\n[ 667.125151][ T9805] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 667.125158][ T9805] RIP: 0033:0x7fa8753b2fc9\n[ 667.125164][ T9805] Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 48\n[ 667.125172][ T9805] RSP: 002b:00007ffe96f8e0f8 EFLAGS: 00000217 ORIG_RAX: 00000000000000d9\n[ 667.125181][ T9805] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa8753b2fc9\n[ 667.125185][ T9805] RDX: 0000000000000400 RSI: 00002000000063c0 RDI: 0000000000000004\n[ 667.125190][ T9805] RBP: 00007ffe96f8e110 R08: 00007ffe96f8e110 R09: 00007ffe96f8e110\n[ 667.125195][ T9805] R10: 0000000000000000 R11: 0000000000000217 R12: 0000556b1e3b4260\n[ 667.125199][ T9805] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n[ 667.125207][ T9805] \u003c/TASK\u003e\n[ 667.125210][ T9805]\n[ 667.145632][ T9805] Allocated by task 9805:\n[ 667.145991][ T9805] kasan_save_stack+0x20/0x40\n[ 667.146352][ T9805] kasan_save_track+0x14/0x30\n[ 667.146717][ T9805] __kasan_kmalloc+0xaa/0xb0\n[ 667.147065][ T9805] __kmalloc_noprof+0x205/0x550\n[ 667.147448][ T9805] hfsplus_find_init+0x95/0x1f0\n[ 667.147813][ T9805] hfsplus_readdir+0x220/0xfc0\n[ 667.148174][ T9805] iterate_dir+0x296/0xb20\n[ 667.148549][ T9805] __x64_sys_getdents64+0x13c/0x2c0\n[ 667.148937][ T9805] do_syscall_64+0xc9/0x480\n[ 667.149291][ T9805] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 667.149809][ T9805]\n[ 667.150030][ T9805] The buggy address belongs to the object at ffff88802592f000\n[ 667.150030][ T9805] which belongs to the cache kmalloc-2k of size 2048\n[ 667.151282][ T9805] The buggy address is located 0 bytes to the right of\n[ 667.151282][ T9805] allocated 1036-byte region [ffff88802592f000, ffff88802592f40c)\n[ 667.1\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38713",
"url": "https://www.suse.com/security/cve/CVE-2025-38713"
},
{
"category": "external",
"summary": "SUSE Bug 1249200 for CVE-2025-38713",
"url": "https://bugzilla.suse.com/1249200"
},
{
"category": "external",
"summary": "SUSE Bug 1249738 for CVE-2025-38713",
"url": "https://bugzilla.suse.com/1249738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-38713"
},
{
"cve": "CVE-2025-38734",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38734"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix UAF on smcsk after smc_listen_out()\n\nBPF CI testing report a UAF issue:\n\n [ 16.446633] BUG: kernel NULL pointer dereference, address: 000000000000003 0\n [ 16.447134] #PF: supervisor read access in kernel mod e\n [ 16.447516] #PF: error_code(0x0000) - not-present pag e\n [ 16.447878] PGD 0 P4D 0\n [ 16.448063] Oops: Oops: 0000 [#1] PREEMPT SMP NOPT I\n [ 16.448409] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:1 Tainted: G OE 6.13.0-rc3-g89e8a75fda73-dirty #4 2\n [ 16.449124] Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODUL E\n [ 16.449502] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/201 4\n [ 16.450201] Workqueue: smc_hs_wq smc_listen_wor k\n [ 16.450531] RIP: 0010:smc_listen_work+0xc02/0x159 0\n [ 16.452158] RSP: 0018:ffffb5ab40053d98 EFLAGS: 0001024 6\n [ 16.452526] RAX: 0000000000000001 RBX: 0000000000000002 RCX: 000000000000030 0\n [ 16.452994] RDX: 0000000000000280 RSI: 00003513840053f0 RDI: 000000000000000 0\n [ 16.453492] RBP: ffffa097808e3800 R08: ffffa09782dba1e0 R09: 000000000000000 5\n [ 16.453987] R10: 0000000000000000 R11: 0000000000000000 R12: ffffa0978274640 0\n [ 16.454497] R13: 0000000000000000 R14: 0000000000000000 R15: ffffa09782d4092 0\n [ 16.454996] FS: 0000000000000000(0000) GS:ffffa097bbc00000(0000) knlGS:000000000000000 0\n [ 16.455557] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003 3\n [ 16.455961] CR2: 0000000000000030 CR3: 0000000102788004 CR4: 0000000000770ef 0\n [ 16.456459] PKRU: 5555555 4\n [ 16.456654] Call Trace :\n [ 16.456832] \u003cTASK \u003e\n [ 16.456989] ? __die+0x23/0x7 0\n [ 16.457215] ? page_fault_oops+0x180/0x4c 0\n [ 16.457508] ? __lock_acquire+0x3e6/0x249 0\n [ 16.457801] ? exc_page_fault+0x68/0x20 0\n [ 16.458080] ? asm_exc_page_fault+0x26/0x3 0\n [ 16.458389] ? smc_listen_work+0xc02/0x159 0\n [ 16.458689] ? smc_listen_work+0xc02/0x159 0\n [ 16.458987] ? lock_is_held_type+0x8f/0x10 0\n [ 16.459284] process_one_work+0x1ea/0x6d 0\n [ 16.459570] worker_thread+0x1c3/0x38 0\n [ 16.459839] ? __pfx_worker_thread+0x10/0x1 0\n [ 16.460144] kthread+0xe0/0x11 0\n [ 16.460372] ? __pfx_kthread+0x10/0x1 0\n [ 16.460640] ret_from_fork+0x31/0x5 0\n [ 16.460896] ? __pfx_kthread+0x10/0x1 0\n [ 16.461166] ret_from_fork_asm+0x1a/0x3 0\n [ 16.461453] \u003c/TASK \u003e\n [ 16.461616] Modules linked in: bpf_testmod(OE) [last unloaded: bpf_testmod(OE) ]\n [ 16.462134] CR2: 000000000000003 0\n [ 16.462380] ---[ end trace 0000000000000000 ]---\n [ 16.462710] RIP: 0010:smc_listen_work+0xc02/0x1590\n\nThe direct cause of this issue is that after smc_listen_out_connected(),\nnewclcsock-\u003esk may be NULL since it will releases the smcsk. Therefore,\nif the application closes the socket immediately after accept,\nnewclcsock-\u003esk can be NULL. A possible execution order could be as\nfollows:\n\nsmc_listen_work | userspace\n-----------------------------------------------------------------\nlock_sock(sk) |\nsmc_listen_out_connected() |\n| \\- smc_listen_out |\n| | \\- release_sock |\n | |- sk-\u003esk_data_ready() |\n | fd = accept();\n | close(fd);\n | \\- socket-\u003esk = NULL;\n/* newclcsock-\u003esk is NULL now */\nSMC_STAT_SERV_SUCC_INC(sock_net(newclcsock-\u003esk))\n\nSince smc_listen_out_connected() will not fail, simply swapping the order\nof the code can easily fix this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38734",
"url": "https://www.suse.com/security/cve/CVE-2025-38734"
},
{
"category": "external",
"summary": "SUSE Bug 1249324 for CVE-2025-38734",
"url": "https://bugzilla.suse.com/1249324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-38734"
},
{
"cve": "CVE-2025-39691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39691"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/buffer: fix use-after-free when call bh_read() helper\n\nThere\u0027s issue as follows:\nBUG: KASAN: stack-out-of-bounds in end_buffer_read_sync+0xe3/0x110\nRead of size 8 at addr ffffc9000168f7f8 by task swapper/3/0\nCPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted 6.16.0-862.14.0.6.x86_64\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x55/0x70\n print_address_description.constprop.0+0x2c/0x390\n print_report+0xb4/0x270\n kasan_report+0xb8/0xf0\n end_buffer_read_sync+0xe3/0x110\n end_bio_bh_io_sync+0x56/0x80\n blk_update_request+0x30a/0x720\n scsi_end_request+0x51/0x2b0\n scsi_io_completion+0xe3/0x480\n ? scsi_device_unbusy+0x11e/0x160\n blk_complete_reqs+0x7b/0x90\n handle_softirqs+0xef/0x370\n irq_exit_rcu+0xa5/0xd0\n sysvec_apic_timer_interrupt+0x6e/0x90\n \u003c/IRQ\u003e\n\n Above issue happens when do ntfs3 filesystem mount, issue may happens\n as follows:\n mount IRQ\nntfs_fill_super\n read_cache_page\n do_read_cache_folio\n filemap_read_folio\n mpage_read_folio\n\t do_mpage_readpage\n\t ntfs_get_block_vbo\n\t bh_read\n\t submit_bh\n\t wait_on_buffer(bh);\n\t blk_complete_reqs\n\t\t\t\t scsi_io_completion\n\t\t\t\t scsi_end_request\n\t\t\t\t blk_update_request\n\t\t\t\t end_bio_bh_io_sync\n\t\t\t\t\t end_buffer_read_sync\n\t\t\t\t\t __end_buffer_read_notouch\n\t\t\t\t\t unlock_buffer\n\n wait_on_buffer(bh);--\u003e return will return to caller\n\n\t\t\t\t\t put_bh\n\t\t\t\t\t --\u003e trigger stack-out-of-bounds\nIn the mpage_read_folio() function, the stack variable \u0027map_bh\u0027 is\npassed to ntfs_get_block_vbo(). Once unlock_buffer() unlocks and\nwait_on_buffer() returns to continue processing, the stack variable\nis likely to be reclaimed. Consequently, during the end_buffer_read_sync()\nprocess, calling put_bh() may result in stack overrun.\n\nIf the bh is not allocated on the stack, it belongs to a folio. Freeing\na buffer head which belongs to a folio is done by drop_buffers() which\nwill fail to free buffers which are still locked. So it is safe to call\nput_bh() before __end_buffer_read_notouch().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39691",
"url": "https://www.suse.com/security/cve/CVE-2025-39691"
},
{
"category": "external",
"summary": "SUSE Bug 1249374 for CVE-2025-39691",
"url": "https://bugzilla.suse.com/1249374"
},
{
"category": "external",
"summary": "SUSE Bug 1249392 for CVE-2025-39691",
"url": "https://bugzilla.suse.com/1249392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-39691"
},
{
"cve": "CVE-2025-39703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet, hsr: reject HSR frame if skb can\u0027t hold tag\n\nReceiving HSR frame with insufficient space to hold HSR tag in the skb\ncan result in a crash (kernel BUG):\n\n[ 45.390915] skbuff: skb_under_panic: text:ffffffff86f32cac len:26 put:14 head:ffff888042418000 data:ffff888042417ff4 tail:0xe end:0x180 dev:bridge_slave_1\n[ 45.392559] ------------[ cut here ]------------\n[ 45.392912] kernel BUG at net/core/skbuff.c:211!\n[ 45.393276] Oops: invalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN NOPTI\n[ 45.393809] CPU: 1 UID: 0 PID: 2496 Comm: reproducer Not tainted 6.15.0 #12 PREEMPT(undef)\n[ 45.394433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 45.395273] RIP: 0010:skb_panic+0x15b/0x1d0\n\n\u003csnip registers, remove unreliable trace\u003e\n\n[ 45.402911] Call Trace:\n[ 45.403105] \u003cIRQ\u003e\n[ 45.404470] skb_push+0xcd/0xf0\n[ 45.404726] br_dev_queue_push_xmit+0x7c/0x6c0\n[ 45.406513] br_forward_finish+0x128/0x260\n[ 45.408483] __br_forward+0x42d/0x590\n[ 45.409464] maybe_deliver+0x2eb/0x420\n[ 45.409763] br_flood+0x174/0x4a0\n[ 45.410030] br_handle_frame_finish+0xc7c/0x1bc0\n[ 45.411618] br_handle_frame+0xac3/0x1230\n[ 45.413674] __netif_receive_skb_core.constprop.0+0x808/0x3df0\n[ 45.422966] __netif_receive_skb_one_core+0xb4/0x1f0\n[ 45.424478] __netif_receive_skb+0x22/0x170\n[ 45.424806] process_backlog+0x242/0x6d0\n[ 45.425116] __napi_poll+0xbb/0x630\n[ 45.425394] net_rx_action+0x4d1/0xcc0\n[ 45.427613] handle_softirqs+0x1a4/0x580\n[ 45.427926] do_softirq+0x74/0x90\n[ 45.428196] \u003c/IRQ\u003e\n\nThis issue was found by syzkaller.\n\nThe panic happens in br_dev_queue_push_xmit() once it receives a\ncorrupted skb with ETH header already pushed in linear data. When it\nattempts the skb_push() call, there\u0027s not enough headroom and\nskb_push() panics.\n\nThe corrupted skb is put on the queue by HSR layer, which makes a\nsequence of unintended transformations when it receives a specific\ncorrupted HSR frame (with incomplete TAG).\n\nFix it by dropping and consuming frames that are not long enough to\ncontain both ethernet and hsr headers.\n\nAlternative fix would be to check for enough headroom before skb_push()\nin br_dev_queue_push_xmit().\n\nIn the reproducer, this is injected via AF_PACKET, but I don\u0027t easily\nsee why it couldn\u0027t be sent over the wire from adjacent network.\n\nFurther Details:\n\nIn the reproducer, the following network interface chain is set up:\n\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\n| veth0_to_hsr \u251c\u2500\u2500\u2500\u2524 hsr_slave0 \u253c\u2500\u2500\u2500\u2510\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 |\n | \u2500\u2500\u2500\u2500\u2500\u2500\u2510\n \u251c\u2500\u2524 hsr0 \u251c\u2500\u2500\u2500\u2510\n | \u2500\u2500\u2500\u2500\u2500\u2500\u2518 |\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 | | \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\n| veth1_to_hsr \u253c\u2500\u2500\u2500\u2524 hsr_slave1 \u251c\u2500\u2500\u2500\u2518 \u2524 |\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 \u253c bridge |\n || |\n | \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n |\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 |\n | ... \u251c\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n\nTo trigger the events leading up to crash, reproducer sends a corrupted\nHSR fr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39703",
"url": "https://www.suse.com/security/cve/CVE-2025-39703"
},
{
"category": "external",
"summary": "SUSE Bug 1249315 for CVE-2025-39703",
"url": "https://bugzilla.suse.com/1249315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-39703"
},
{
"cve": "CVE-2025-39726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39726"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ism: fix concurrency management in ism_cmd()\n\nThe s390x ISM device data sheet clearly states that only one\nrequest-response sequence is allowable per ISM function at any point in\ntime. Unfortunately as of today the s390/ism driver in Linux does not\nhonor that requirement. This patch aims to rectify that.\n\nThis problem was discovered based on Aliaksei\u0027s bug report which states\nthat for certain workloads the ISM functions end up entering error state\n(with PEC 2 as seen from the logs) after a while and as a consequence\nconnections handled by the respective function break, and for future\nconnection requests the ISM device is not considered -- given it is in a\ndysfunctional state. During further debugging PEC 3A was observed as\nwell.\n\nA kernel message like\n[ 1211.244319] zpci: 061a:00:00.0: Event 0x2 reports an error for PCI function 0x61a\nis a reliable indicator of the stated function entering error state\nwith PEC 2. Let me also point out that a kernel message like\n[ 1211.244325] zpci: 061a:00:00.0: The ism driver bound to the device does not support error recovery\nis a reliable indicator that the ISM function won\u0027t be auto-recovered\nbecause the ISM driver currently lacks support for it.\n\nOn a technical level, without this synchronization, commands (inputs to\nthe FW) may be partially or fully overwritten (corrupted) by another CPU\ntrying to issue commands on the same function. There is hard evidence that\nthis can lead to DMB token values being used as DMB IOVAs, leading to\nPEC 2 PCI events indicating invalid DMA. But this is only one of the\nfailure modes imaginable. In theory even completely losing one command\nand executing another one twice and then trying to interpret the outputs\nas if the command we intended to execute was actually executed and not\nthe other one is also possible. Frankly, I don\u0027t feel confident about\nproviding an exhaustive list of possible consequences.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39726",
"url": "https://www.suse.com/security/cve/CVE-2025-39726"
},
{
"category": "external",
"summary": "SUSE Bug 1249266 for CVE-2025-39726",
"url": "https://bugzilla.suse.com/1249266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-39726"
},
{
"cve": "CVE-2025-39746",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39746"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath10k: shutdown driver when hardware is unreliable\n\nIn rare cases, ath10k may lose connection with the PCIe bus due to\nsome unknown reasons, which could further lead to system crashes during\nresuming due to watchdog timeout:\n\nath10k_pci 0000:01:00.0: wmi command 20486 timeout, restarting hardware\nath10k_pci 0000:01:00.0: already restarting\nath10k_pci 0000:01:00.0: failed to stop WMI vdev 0: -11\nath10k_pci 0000:01:00.0: failed to stop vdev 0: -11\nieee80211 phy0: PM: **** DPM device timeout ****\nCall Trace:\n panic+0x125/0x315\n dpm_watchdog_set+0x54/0x54\n dpm_watchdog_handler+0x57/0x57\n call_timer_fn+0x31/0x13c\n\nAt this point, all WMI commands will timeout and attempt to restart\ndevice. So set a threshold for consecutive restart failures. If the\nthreshold is exceeded, consider the hardware is unreliable and all\nath10k operations should be skipped to avoid system crash.\n\nfail_cont_count and pending_recovery are atomic variables, and\ndo not involve complex conditional logic. Therefore, even if recovery\ncheck and reconfig complete are executed concurrently, the recovery\nmechanism will not be broken.\n\nTested-on: QCA6174 hw3.2 PCI WLAN.RM.4.4.1-00288-QCARMSWPZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39746",
"url": "https://www.suse.com/security/cve/CVE-2025-39746"
},
{
"category": "external",
"summary": "SUSE Bug 1249516 for CVE-2025-39746",
"url": "https://bugzilla.suse.com/1249516"
},
{
"category": "external",
"summary": "SUSE Bug 1249517 for CVE-2025-39746",
"url": "https://bugzilla.suse.com/1249517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-39746"
},
{
"cve": "CVE-2025-39751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39751"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39751",
"url": "https://www.suse.com/security/cve/CVE-2025-39751"
},
{
"category": "external",
"summary": "SUSE Bug 1249538 for CVE-2025-39751",
"url": "https://bugzilla.suse.com/1249538"
},
{
"category": "external",
"summary": "SUSE Bug 1249539 for CVE-2025-39751",
"url": "https://bugzilla.suse.com/1249539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-39751"
},
{
"cve": "CVE-2025-39790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Detect events pointing to unexpected TREs\n\nWhen a remote device sends a completion event to the host, it contains a\npointer to the consumed TRE. The host uses this pointer to process all of\nthe TREs between it and the host\u0027s local copy of the ring\u0027s read pointer.\nThis works when processing completion for chained transactions, but can\nlead to nasty results if the device sends an event for a single-element\ntransaction with a read pointer that is multiple elements ahead of the\nhost\u0027s read pointer.\n\nFor instance, if the host accesses an event ring while the device is\nupdating it, the pointer inside of the event might still point to an old\nTRE. If the host uses the channel\u0027s xfer_cb() to directly free the buffer\npointed to by the TRE, the buffer will be double-freed.\n\nThis behavior was observed on an ep that used upstream EP stack without\n\u0027commit 6f18d174b73d (\"bus: mhi: ep: Update read pointer only after buffer\nis written\")\u0027. Where the device updated the events ring pointer before\nupdating the event contents, so it left a window where the host was able to\naccess the stale data the event pointed to, before the device had the\nchance to update them. The usual pattern was that the host received an\nevent pointing to a TRE that is not immediately after the last processed\none, so it got treated as if it was a chained transaction, processing all\nof the TREs in between the two read pointers.\n\nThis commit aims to harden the host by ensuring transactions where the\nevent points to a TRE that isn\u0027t local_rp + 1 are chained.\n\n[mani: added stable tag and reworded commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39790",
"url": "https://www.suse.com/security/cve/CVE-2025-39790"
},
{
"category": "external",
"summary": "SUSE Bug 1249548 for CVE-2025-39790",
"url": "https://bugzilla.suse.com/1249548"
},
{
"category": "external",
"summary": "SUSE Bug 1249549 for CVE-2025-39790",
"url": "https://bugzilla.suse.com/1249549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "important"
}
],
"title": "CVE-2025-39790"
},
{
"cve": "CVE-2025-39823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: use array_index_nospec with indices that come from guest\n\nmin and dest_id are guest-controlled indices. Using array_index_nospec()\nafter the bounds checks clamps these values to mitigate speculative execution\nside-channels.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39823",
"url": "https://www.suse.com/security/cve/CVE-2025-39823"
},
{
"category": "external",
"summary": "SUSE Bug 1250002 for CVE-2025-39823",
"url": "https://bugzilla.suse.com/1250002"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-39823"
},
{
"cve": "CVE-2025-39824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: asus: fix UAF via HID_CLAIMED_INPUT validation\n\nAfter hid_hw_start() is called hidinput_connect() will eventually be\ncalled to set up the device with the input layer since the\nHID_CONNECT_DEFAULT connect mask is used. During hidinput_connect()\nall input and output reports are processed and corresponding hid_inputs\nare allocated and configured via hidinput_configure_usages(). This\nprocess involves slot tagging report fields and configuring usages\nby setting relevant bits in the capability bitmaps. However it is possible\nthat the capability bitmaps are not set at all leading to the subsequent\nhidinput_has_been_populated() check to fail leading to the freeing of the\nhid_input and the underlying input device.\n\nThis becomes problematic because a malicious HID device like a\nASUS ROG N-Key keyboard can trigger the above scenario via a\nspecially crafted descriptor which then leads to a user-after-free\nwhen the name of the freed input device is written to later on after\nhid_hw_start(). Below, report 93 intentionally utilises the\nHID_UP_UNDEFINED Usage Page which is skipped during usage\nconfiguration, leading to the frees.\n\n0x05, 0x0D, // Usage Page (Digitizer)\n0x09, 0x05, // Usage (Touch Pad)\n0xA1, 0x01, // Collection (Application)\n0x85, 0x0D, // Report ID (13)\n0x06, 0x00, 0xFF, // Usage Page (Vendor Defined 0xFF00)\n0x09, 0xC5, // Usage (0xC5)\n0x15, 0x00, // Logical Minimum (0)\n0x26, 0xFF, 0x00, // Logical Maximum (255)\n0x75, 0x08, // Report Size (8)\n0x95, 0x04, // Report Count (4)\n0xB1, 0x02, // Feature (Data,Var,Abs)\n0x85, 0x5D, // Report ID (93)\n0x06, 0x00, 0x00, // Usage Page (Undefined)\n0x09, 0x01, // Usage (0x01)\n0x15, 0x00, // Logical Minimum (0)\n0x26, 0xFF, 0x00, // Logical Maximum (255)\n0x75, 0x08, // Report Size (8)\n0x95, 0x1B, // Report Count (27)\n0x81, 0x02, // Input (Data,Var,Abs)\n0xC0, // End Collection\n\nBelow is the KASAN splat after triggering the UAF:\n\n[ 21.672709] ==================================================================\n[ 21.673700] BUG: KASAN: slab-use-after-free in asus_probe+0xeeb/0xf80\n[ 21.673700] Write of size 8 at addr ffff88810a0ac000 by task kworker/1:2/54\n[ 21.673700]\n[ 21.673700] CPU: 1 UID: 0 PID: 54 Comm: kworker/1:2 Not tainted 6.16.0-rc4-g9773391cf4dd-dirty #36 PREEMPT(voluntary)\n[ 21.673700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\n[ 21.673700] Call Trace:\n[ 21.673700] \u003cTASK\u003e\n[ 21.673700] dump_stack_lvl+0x5f/0x80\n[ 21.673700] print_report+0xd1/0x660\n[ 21.673700] kasan_report+0xe5/0x120\n[ 21.673700] __asan_report_store8_noabort+0x1b/0x30\n[ 21.673700] asus_probe+0xeeb/0xf80\n[ 21.673700] hid_device_probe+0x2ee/0x700\n[ 21.673700] really_probe+0x1c6/0x6b0\n[ 21.673700] __driver_probe_device+0x24f/0x310\n[ 21.673700] driver_probe_device+0x4e/0x220\n[...]\n[ 21.673700]\n[ 21.673700] Allocated by task 54:\n[ 21.673700] kasan_save_stack+0x3d/0x60\n[ 21.673700] kasan_save_track+0x18/0x40\n[ 21.673700] kasan_save_alloc_info+0x3b/0x50\n[ 21.673700] __kasan_kmalloc+0x9c/0xa0\n[ 21.673700] __kmalloc_cache_noprof+0x139/0x340\n[ 21.673700] input_allocate_device+0x44/0x370\n[ 21.673700] hidinput_connect+0xcb6/0x2630\n[ 21.673700] hid_connect+0xf74/0x1d60\n[ 21.673700] hid_hw_start+0x8c/0x110\n[ 21.673700] asus_probe+0x5a3/0xf80\n[ 21.673700] hid_device_probe+0x2ee/0x700\n[ 21.673700] really_probe+0x1c6/0x6b0\n[ 21.673700] __driver_probe_device+0x24f/0x310\n[ 21.673700] driver_probe_device+0x4e/0x220\n[...]\n[ 21.673700]\n[ 21.673700] Freed by task 54:\n[ 21.673700] kasan_save_stack+0x3d/0x60\n[ 21.673700] kasan_save_track+0x18/0x40\n[ 21.673700] kasan_save_free_info+0x3f/0x60\n[ 21.673700] __kasan_slab_free+0x3c/0x50\n[ 21.673700] kfre\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39824",
"url": "https://www.suse.com/security/cve/CVE-2025-39824"
},
{
"category": "external",
"summary": "SUSE Bug 1250007 for CVE-2025-39824",
"url": "https://bugzilla.suse.com/1250007"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-39824"
},
{
"cve": "CVE-2025-39860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39860"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()\n\nsyzbot reported the splat below without a repro.\n\nIn the splat, a single thread calling bt_accept_dequeue() freed sk\nand touched it after that.\n\nThe root cause would be the racy l2cap_sock_cleanup_listen() call\nadded by the cited commit.\n\nbt_accept_dequeue() is called under lock_sock() except for\nl2cap_sock_release().\n\nTwo threads could see the same socket during the list iteration\nin bt_accept_dequeue():\n\n CPU1 CPU2 (close())\n ---- ----\n sock_hold(sk) sock_hold(sk);\n lock_sock(sk) \u003c-- block close()\n sock_put(sk)\n bt_accept_unlink(sk)\n sock_put(sk) \u003c-- refcnt by bt_accept_enqueue()\n release_sock(sk)\n lock_sock(sk)\n sock_put(sk)\n bt_accept_unlink(sk)\n sock_put(sk) \u003c-- last refcnt\n bt_accept_unlink(sk) \u003c-- UAF\n\nDepending on the timing, the other thread could show up in the\n\"Freed by task\" part.\n\nLet\u0027s call l2cap_sock_cleanup_listen() under lock_sock() in\nl2cap_sock_release().\n\n[0]:\nBUG: KASAN: slab-use-after-free in debug_spin_lock_before kernel/locking/spinlock_debug.c:86 [inline]\nBUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x26f/0x2b0 kernel/locking/spinlock_debug.c:115\nRead of size 4 at addr ffff88803b7eb1c4 by task syz.5.3276/16995\nCPU: 3 UID: 0 PID: 16995 Comm: syz.5.3276 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xcd/0x630 mm/kasan/report.c:482\n kasan_report+0xe0/0x110 mm/kasan/report.c:595\n debug_spin_lock_before kernel/locking/spinlock_debug.c:86 [inline]\n do_raw_spin_lock+0x26f/0x2b0 kernel/locking/spinlock_debug.c:115\n spin_lock_bh include/linux/spinlock.h:356 [inline]\n release_sock+0x21/0x220 net/core/sock.c:3746\n bt_accept_dequeue+0x505/0x600 net/bluetooth/af_bluetooth.c:312\n l2cap_sock_cleanup_listen+0x5c/0x2a0 net/bluetooth/l2cap_sock.c:1451\n l2cap_sock_release+0x5c/0x210 net/bluetooth/l2cap_sock.c:1425\n __sock_release+0xb3/0x270 net/socket.c:649\n sock_close+0x1c/0x30 net/socket.c:1439\n __fput+0x3ff/0xb70 fs/file_table.c:468\n task_work_run+0x14d/0x240 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xeb/0x110 kernel/entry/common.c:43\n exit_to_user_mode_prepare include/linux/irq-entry-common.h:225 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:175 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:210 [inline]\n do_syscall_64+0x3f6/0x4c0 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f2accf8ebe9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffdb6cb1378 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4\nRAX: 0000000000000000 RBX: 00000000000426fb RCX: 00007f2accf8ebe9\nRDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003\nRBP: 00007f2acd1b7da0 R08: 0000000000000001 R09: 00000012b6cb166f\nR10: 0000001b30e20000 R11: 0000000000000246 R12: 00007f2acd1b609c\nR13: 00007f2acd1b6090 R14: ffffffffffffffff R15: 00007ffdb6cb1490\n \u003c/TASK\u003e\n\nAllocated by task 5326:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:388 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:405\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4365 [inline]\n __kmalloc_nopro\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39860",
"url": "https://www.suse.com/security/cve/CVE-2025-39860"
},
{
"category": "external",
"summary": "SUSE Bug 1250247 for CVE-2025-39860",
"url": "https://bugzilla.suse.com/1250247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-39860"
},
{
"cve": "CVE-2025-39869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: edma: Fix memory allocation size for queue_priority_map\n\nFix a critical memory allocation bug in edma_setup_from_hw() where\nqueue_priority_map was allocated with insufficient memory. The code\ndeclared queue_priority_map as s8 (*)[2] (pointer to array of 2 s8),\nbut allocated memory using sizeof(s8) instead of the correct size.\n\nThis caused out-of-bounds memory writes when accessing:\n queue_priority_map[i][0] = i;\n queue_priority_map[i][1] = i;\n\nThe bug manifested as kernel crashes with \"Oops - undefined instruction\"\non ARM platforms (BeagleBoard-X15) during EDMA driver probe, as the\nmemory corruption triggered kernel hardening features on Clang.\n\nChange the allocation to use sizeof(*queue_priority_map) which\nautomatically gets the correct size for the 2D array structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39869",
"url": "https://www.suse.com/security/cve/CVE-2025-39869"
},
{
"category": "external",
"summary": "SUSE Bug 1250406 for CVE-2025-39869",
"url": "https://bugzilla.suse.com/1250406"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.109.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-23T15:04:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-39869"
}
]
}
suse-su-2025:03615-1
Vulnerability from csaf_suse
Published
2025-10-16 05:49
Modified
2025-10-16 05:49
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-49138: Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt (bsc#1238160).
- CVE-2022-50233: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name} (bsc#1246968).
- CVE-2022-50252: igb: Do not free q_vector unless new one was allocated (bsc#1249846).
- CVE-2022-50409: net: If sock is dead do not access sock's sk_wq in sk_stream_wait_memory (bsc#1250392).
- CVE-2023-53178: mm: fix zswap writeback race condition (bsc#1249827).
- CVE-2023-53257: wifi: mac80211: check S1G action frame size (bsc#1249869).
- CVE-2023-53321: wifi: mac80211_hwsim: drop short frames (bsc#1250313).
- CVE-2023-53438: x86/MCE: Always save CS register on AMD Zen IF Poison errors (bsc#1250180).
- CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-38014: dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (bsc#1244732).
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1245666).
- CVE-2025-38380: i2c/designware: Fix an initialization issue (bsc#1247028).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).
- CVE-2025-38553: net/sched: Restrict conditions for adding duplicating netems to qdisc tree (bsc#1248255).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248399).
- CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).
- CVE-2025-38685: fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (bsc#1249220).
- CVE-2025-38706: ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (bsc#1249195).
- CVE-2025-38713: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (bsc#1249200).
- CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324).
- CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).
- CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315).
- CVE-2025-39726: s390/ism: fix concurrency management in ism_cmd() (bsc#1249266).
- CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).
- CVE-2025-39751: ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (bsc#1249538).
- CVE-2025-39790: bus: mhi: host: Detect events pointing to unexpected TREs (bsc#1249548).
- CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).
- CVE-2025-39824: HID: asus: fix UAF via HID_CLAIMED_INPUT validation (bsc#1250007).
- CVE-2025-39860: Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (bsc#1250247).
- CVE-2025-39869: dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (bsc#1250406).
The following non-security bugs were fixed:
- !CONFIG & reference -> this is bug, immediate fail
- CONFIG & no reference -> OK temporarily, must be resolved eventually
- Do not self obsolete older kernel variants
- Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186).
- Limit patch filenames to 100 characters (bsc#1249604).
- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).
- Update config files. (bsc#1249186) Enable where we define KABI refs + rely on Kconfig deps.
- build_bug.h: Add KABI assert (bsc#1249186).
- hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).
- kernel-binary: Another installation ordering fix (bsc#1241353).
- kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522).
- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346)
- kernel-syms.spec: Drop old rpm release number hack (bsc#1247172).
- net/sched: ets: use old 'nbands' while purging unused classes (git-fixes).
- rpm/kernel-subpackage-spec: Skip brp-strip-debug to avoid file truncation (bsc#1246879).
- rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337)
- rpm: Configure KABI checkingness macro (bsc#1249186).
- rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186).
- rpm: Link arch-symbols script from scripts directory.
- rpm: Link guards script from scripts directory.
- supported.conf: mark hyperv_drm as external
- use uniform permission checks for all mount propagation changes (git-fixes).
- xfs: rework datasync tracking and execution (bsc#1237449).
Patchnames
SUSE-2025-3615,SUSE-SLE-Micro-5.5-2025-3615,SUSE-SLE-Module-Live-Patching-15-SP5-2025-3615,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3615,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3615,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3615,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3615
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).