csaf_opensuse - opensuse-su-2025:15585-1

opensuse-su-2025:15585-1

Vulnerability from csaf_opensuse

Published

2025-09-29 00:00

Modified

2025-09-29 00:00

Summary

kernel-devel-6.16.9-1.1 on GA media

Notes

Title of the patch

kernel-devel-6.16.9-1.1 on GA media

Description of the patch

These are all security issues fixed in the kernel-devel-6.16.9-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2025-15585

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "kernel-devel-6.16.9-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the kernel-devel-6.16.9-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2025-15585",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15585-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-50412 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-50412/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-53220 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-53220/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-38011 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-38011/"
      }
    ],
    "title": "kernel-devel-6.16.9-1.1 on GA media",
    "tracking": {
      "current_release_date": "2025-09-29T00:00:00Z",
      "generator": {
        "date": "2025-09-29T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2025:15585-1",
      "initial_release_date": "2025-09-29T00:00:00Z",
      "revision_history": [
        {
          "date": "2025-09-29T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-6.16.9-1.1.aarch64",
                "product": {
                  "name": "kernel-devel-6.16.9-1.1.aarch64",
                  "product_id": "kernel-devel-6.16.9-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-macros-6.16.9-1.1.aarch64",
                "product": {
                  "name": "kernel-macros-6.16.9-1.1.aarch64",
                  "product_id": "kernel-macros-6.16.9-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-6.16.9-1.1.aarch64",
                "product": {
                  "name": "kernel-source-6.16.9-1.1.aarch64",
                  "product_id": "kernel-source-6.16.9-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-6.16.9-1.1.aarch64",
                "product": {
                  "name": "kernel-source-vanilla-6.16.9-1.1.aarch64",
                  "product_id": "kernel-source-vanilla-6.16.9-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-6.16.9-1.1.ppc64le",
                "product": {
                  "name": "kernel-devel-6.16.9-1.1.ppc64le",
                  "product_id": "kernel-devel-6.16.9-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-macros-6.16.9-1.1.ppc64le",
                "product": {
                  "name": "kernel-macros-6.16.9-1.1.ppc64le",
                  "product_id": "kernel-macros-6.16.9-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-6.16.9-1.1.ppc64le",
                "product": {
                  "name": "kernel-source-6.16.9-1.1.ppc64le",
                  "product_id": "kernel-source-6.16.9-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-6.16.9-1.1.ppc64le",
                "product": {
                  "name": "kernel-source-vanilla-6.16.9-1.1.ppc64le",
                  "product_id": "kernel-source-vanilla-6.16.9-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-6.16.9-1.1.s390x",
                "product": {
                  "name": "kernel-devel-6.16.9-1.1.s390x",
                  "product_id": "kernel-devel-6.16.9-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-macros-6.16.9-1.1.s390x",
                "product": {
                  "name": "kernel-macros-6.16.9-1.1.s390x",
                  "product_id": "kernel-macros-6.16.9-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-6.16.9-1.1.s390x",
                "product": {
                  "name": "kernel-source-6.16.9-1.1.s390x",
                  "product_id": "kernel-source-6.16.9-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-6.16.9-1.1.s390x",
                "product": {
                  "name": "kernel-source-vanilla-6.16.9-1.1.s390x",
                  "product_id": "kernel-source-vanilla-6.16.9-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-6.16.9-1.1.x86_64",
                "product": {
                  "name": "kernel-devel-6.16.9-1.1.x86_64",
                  "product_id": "kernel-devel-6.16.9-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-macros-6.16.9-1.1.x86_64",
                "product": {
                  "name": "kernel-macros-6.16.9-1.1.x86_64",
                  "product_id": "kernel-macros-6.16.9-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-6.16.9-1.1.x86_64",
                "product": {
                  "name": "kernel-source-6.16.9-1.1.x86_64",
                  "product_id": "kernel-source-6.16.9-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-6.16.9-1.1.x86_64",
                "product": {
                  "name": "kernel-source-vanilla-6.16.9-1.1.x86_64",
                  "product_id": "kernel-source-vanilla-6.16.9-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-6.16.9-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.aarch64"
        },
        "product_reference": "kernel-devel-6.16.9-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-6.16.9-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.ppc64le"
        },
        "product_reference": "kernel-devel-6.16.9-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-6.16.9-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.s390x"
        },
        "product_reference": "kernel-devel-6.16.9-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-6.16.9-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.x86_64"
        },
        "product_reference": "kernel-devel-6.16.9-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-6.16.9-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.aarch64"
        },
        "product_reference": "kernel-macros-6.16.9-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-6.16.9-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.ppc64le"
        },
        "product_reference": "kernel-macros-6.16.9-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-6.16.9-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.s390x"
        },
        "product_reference": "kernel-macros-6.16.9-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-6.16.9-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.x86_64"
        },
        "product_reference": "kernel-macros-6.16.9-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-6.16.9-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.aarch64"
        },
        "product_reference": "kernel-source-6.16.9-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-6.16.9-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.ppc64le"
        },
        "product_reference": "kernel-source-6.16.9-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-6.16.9-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.s390x"
        },
        "product_reference": "kernel-source-6.16.9-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-6.16.9-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.x86_64"
        },
        "product_reference": "kernel-source-6.16.9-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-vanilla-6.16.9-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.aarch64"
        },
        "product_reference": "kernel-source-vanilla-6.16.9-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-vanilla-6.16.9-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.ppc64le"
        },
        "product_reference": "kernel-source-vanilla-6.16.9-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-vanilla-6.16.9-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.s390x"
        },
        "product_reference": "kernel-source-vanilla-6.16.9-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-vanilla-6.16.9-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.x86_64"
        },
        "product_reference": "kernel-source-vanilla-6.16.9-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-50412",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-50412"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: bridge: adv7511: unregister cec i2c device after cec adapter\n\ncec_unregister_adapter() assumes that the underlying adapter ops are\ncallable. For example, if the CEC adapter currently has a valid physical\naddress, then the unregistration procedure will invalidate the physical\naddress by setting it to f.f.f.f. Whence the following kernel oops\nobserved after removing the adv7511 module:\n\n    Unable to handle kernel execution of user memory at virtual address 0000000000000000\n    Internal error: Oops: 86000004 [#1] PREEMPT_RT SMP\n    Call trace:\n     0x0\n     adv7511_cec_adap_log_addr+0x1ac/0x1c8 [adv7511]\n     cec_adap_unconfigure+0x44/0x90 [cec]\n     __cec_s_phys_addr.part.0+0x68/0x230 [cec]\n     __cec_s_phys_addr+0x40/0x50 [cec]\n     cec_unregister_adapter+0xb4/0x118 [cec]\n     adv7511_remove+0x60/0x90 [adv7511]\n     i2c_device_remove+0x34/0xe0\n     device_release_driver_internal+0x114/0x1f0\n     driver_detach+0x54/0xe0\n     bus_remove_driver+0x60/0xd8\n     driver_unregister+0x34/0x60\n     i2c_del_driver+0x2c/0x68\n     adv7511_exit+0x1c/0x67c [adv7511]\n     __arm64_sys_delete_module+0x154/0x288\n     invoke_syscall+0x48/0x100\n     el0_svc_common.constprop.0+0x48/0xe8\n     do_el0_svc+0x28/0x88\n     el0_svc+0x1c/0x50\n     el0t_64_sync_handler+0xa8/0xb0\n     el0t_64_sync+0x15c/0x160\n    Code: bad PC value\n    ---[ end trace 0000000000000000 ]---\n\nProtect against this scenario by unregistering i2c_cec after\nunregistering the CEC adapter. Duly disable the CEC clock afterwards\ntoo.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.aarch64",
          "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.ppc64le",
          "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.s390x",
          "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.x86_64",
          "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.aarch64",
          "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.ppc64le",
          "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.s390x",
          "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.x86_64",
          "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.aarch64",
          "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.ppc64le",
          "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.s390x",
          "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.x86_64",
          "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.aarch64",
          "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.ppc64le",
          "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.s390x",
          "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-50412",
          "url": "https://www.suse.com/security/cve/CVE-2022-50412"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1250189 for CVE-2022-50412",
          "url": "https://bugzilla.suse.com/1250189"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.x86_64",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.x86_64",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.x86_64",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.x86_64",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.x86_64",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.x86_64",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-09-29T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-50412"
    },
    {
      "cve": "CVE-2023-53220",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-53220"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: az6007: Fix null-ptr-deref in az6007_i2c_xfer()\n\nIn az6007_i2c_xfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach az6007_i2c_xfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 0ed554fd769a\n(\"media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()\")",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.aarch64",
          "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.ppc64le",
          "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.s390x",
          "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.x86_64",
          "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.aarch64",
          "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.ppc64le",
          "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.s390x",
          "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.x86_64",
          "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.aarch64",
          "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.ppc64le",
          "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.s390x",
          "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.x86_64",
          "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.aarch64",
          "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.ppc64le",
          "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.s390x",
          "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-53220",
          "url": "https://www.suse.com/security/cve/CVE-2023-53220"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1250337 for CVE-2023-53220",
          "url": "https://bugzilla.suse.com/1250337"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.x86_64",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.x86_64",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.x86_64",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.x86_64",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.x86_64",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.x86_64",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-09-29T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-53220"
    },
    {
      "cve": "CVE-2025-38011",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-38011"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: csa unmap use uninterruptible lock\n\nAfter process exit to unmap csa and free GPU vm, if signal is accepted\nand then waiting to take vm lock is interrupted and return, it causes\nmemory leaking and below warning backtrace.\n\nChange to use uninterruptible wait lock fix the issue.\n\nWARNING: CPU: 69 PID: 167800 at amd/amdgpu/amdgpu_kms.c:1525\n amdgpu_driver_postclose_kms+0x294/0x2a0 [amdgpu]\n Call Trace:\n  \u003cTASK\u003e\n  drm_file_free.part.0+0x1da/0x230 [drm]\n  drm_close_helper.isra.0+0x65/0x70 [drm]\n  drm_release+0x6a/0x120 [drm]\n  amdgpu_drm_release+0x51/0x60 [amdgpu]\n  __fput+0x9f/0x280\n  ____fput+0xe/0x20\n  task_work_run+0x67/0xa0\n  do_exit+0x217/0x3c0\n  do_group_exit+0x3b/0xb0\n  get_signal+0x14a/0x8d0\n  arch_do_signal_or_restart+0xde/0x100\n  exit_to_user_mode_loop+0xc1/0x1a0\n  exit_to_user_mode_prepare+0xf4/0x100\n  syscall_exit_to_user_mode+0x17/0x40\n  do_syscall_64+0x69/0xc0\n\n(cherry picked from commit 7dbbfb3c171a6f63b01165958629c9c26abf38ab)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.aarch64",
          "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.ppc64le",
          "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.s390x",
          "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.x86_64",
          "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.aarch64",
          "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.ppc64le",
          "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.s390x",
          "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.x86_64",
          "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.aarch64",
          "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.ppc64le",
          "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.s390x",
          "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.x86_64",
          "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.aarch64",
          "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.ppc64le",
          "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.s390x",
          "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-38011",
          "url": "https://www.suse.com/security/cve/CVE-2025-38011"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1244729 for CVE-2025-38011",
          "url": "https://bugzilla.suse.com/1244729"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.x86_64",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.x86_64",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.x86_64",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-devel-6.16.9-1.1.x86_64",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-macros-6.16.9-1.1.x86_64",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-source-6.16.9-1.1.x86_64",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.aarch64",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.ppc64le",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.s390x",
            "openSUSE Tumbleweed:kernel-source-vanilla-6.16.9-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-09-29T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-38011"
    }
  ]
}

CVE-2022-50412 (GCVE-0-2022-50412)

Vulnerability from cvelistv5

Published

2025-09-18 16:03

Modified

2025-09-18 16:03

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: drm: bridge: adv7511: unregister cec i2c device after cec adapter cec_unregister_adapter() assumes that the underlying adapter ops are callable. For example, if the CEC adapter currently has a valid physical address, then the unregistration procedure will invalidate the physical address by setting it to f.f.f.f. Whence the following kernel oops observed after removing the adv7511 module: Unable to handle kernel execution of user memory at virtual address 0000000000000000 Internal error: Oops: 86000004 [#1] PREEMPT_RT SMP Call trace: 0x0 adv7511_cec_adap_log_addr+0x1ac/0x1c8 [adv7511] cec_adap_unconfigure+0x44/0x90 [cec] __cec_s_phys_addr.part.0+0x68/0x230 [cec] __cec_s_phys_addr+0x40/0x50 [cec] cec_unregister_adapter+0xb4/0x118 [cec] adv7511_remove+0x60/0x90 [adv7511] i2c_device_remove+0x34/0xe0 device_release_driver_internal+0x114/0x1f0 driver_detach+0x54/0xe0 bus_remove_driver+0x60/0xd8 driver_unregister+0x34/0x60 i2c_del_driver+0x2c/0x68 adv7511_exit+0x1c/0x67c [adv7511] __arm64_sys_delete_module+0x154/0x288 invoke_syscall+0x48/0x100 el0_svc_common.constprop.0+0x48/0xe8 do_el0_svc+0x28/0x88 el0_svc+0x1c/0x50 el0t_64_sync_handler+0xa8/0xb0 el0t_64_sync+0x15c/0x160 Code: bad PC value ---[ end trace 0000000000000000 ]--- Protect against this scenario by unregistering i2c_cec after unregistering the CEC adapter. Duly disable the CEC clock afterwards too.

References

URL

Tags

	https://git.kernel.org/stable/c/3747465c5da7a11957a34bbb9485d9fc253b91cc
	https://git.kernel.org/stable/c/f369fb4deed7ab997cfa703dc85ec08b3adc1af8
	https://git.kernel.org/stable/c/4d4d5bc659206b187263190ad9a03513f625659d
	https://git.kernel.org/stable/c/86ae5170786aea3e1751123ca55700fb9b37b623
	https://git.kernel.org/stable/c/40cdb02cb9f965732eb543d47f15bef8d10f0f5f

Impacted products

Vendor

Product

Version

Linux

Version: 3b1b975003e4a3da4b93ab032487a3ae4afca7b5
Version: 3b1b975003e4a3da4b93ab032487a3ae4afca7b5
Version: 3b1b975003e4a3da4b93ab032487a3ae4afca7b5
Version: 3b1b975003e4a3da4b93ab032487a3ae4afca7b5
Version: 3b1b975003e4a3da4b93ab032487a3ae4afca7b5

Linux

Version: 4.15

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/bridge/adv7511/adv7511_drv.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "3747465c5da7a11957a34bbb9485d9fc253b91cc",
              "status": "affected",
              "version": "3b1b975003e4a3da4b93ab032487a3ae4afca7b5",
              "versionType": "git"
            },
            {
              "lessThan": "f369fb4deed7ab997cfa703dc85ec08b3adc1af8",
              "status": "affected",
              "version": "3b1b975003e4a3da4b93ab032487a3ae4afca7b5",
              "versionType": "git"
            },
            {
              "lessThan": "4d4d5bc659206b187263190ad9a03513f625659d",
              "status": "affected",
              "version": "3b1b975003e4a3da4b93ab032487a3ae4afca7b5",
              "versionType": "git"
            },
            {
              "lessThan": "86ae5170786aea3e1751123ca55700fb9b37b623",
              "status": "affected",
              "version": "3b1b975003e4a3da4b93ab032487a3ae4afca7b5",
              "versionType": "git"
            },
            {
              "lessThan": "40cdb02cb9f965732eb543d47f15bef8d10f0f5f",
              "status": "affected",
              "version": "3b1b975003e4a3da4b93ab032487a3ae4afca7b5",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/bridge/adv7511/adv7511_drv.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.15"
            },
            {
              "lessThan": "4.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.234",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.75",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.19.*",
              "status": "unaffected",
              "version": "5.19.17",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.*",
              "status": "unaffected",
              "version": "6.0.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.1",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.234",
                  "versionStartIncluding": "4.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.75",
                  "versionStartIncluding": "4.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.19.17",
                  "versionStartIncluding": "4.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.0.3",
                  "versionStartIncluding": "4.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1",
                  "versionStartIncluding": "4.15",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: bridge: adv7511: unregister cec i2c device after cec adapter\n\ncec_unregister_adapter() assumes that the underlying adapter ops are\ncallable. For example, if the CEC adapter currently has a valid physical\naddress, then the unregistration procedure will invalidate the physical\naddress by setting it to f.f.f.f. Whence the following kernel oops\nobserved after removing the adv7511 module:\n\n    Unable to handle kernel execution of user memory at virtual address 0000000000000000\n    Internal error: Oops: 86000004 [#1] PREEMPT_RT SMP\n    Call trace:\n     0x0\n     adv7511_cec_adap_log_addr+0x1ac/0x1c8 [adv7511]\n     cec_adap_unconfigure+0x44/0x90 [cec]\n     __cec_s_phys_addr.part.0+0x68/0x230 [cec]\n     __cec_s_phys_addr+0x40/0x50 [cec]\n     cec_unregister_adapter+0xb4/0x118 [cec]\n     adv7511_remove+0x60/0x90 [adv7511]\n     i2c_device_remove+0x34/0xe0\n     device_release_driver_internal+0x114/0x1f0\n     driver_detach+0x54/0xe0\n     bus_remove_driver+0x60/0xd8\n     driver_unregister+0x34/0x60\n     i2c_del_driver+0x2c/0x68\n     adv7511_exit+0x1c/0x67c [adv7511]\n     __arm64_sys_delete_module+0x154/0x288\n     invoke_syscall+0x48/0x100\n     el0_svc_common.constprop.0+0x48/0xe8\n     do_el0_svc+0x28/0x88\n     el0_svc+0x1c/0x50\n     el0t_64_sync_handler+0xa8/0xb0\n     el0t_64_sync+0x15c/0x160\n    Code: bad PC value\n    ---[ end trace 0000000000000000 ]---\n\nProtect against this scenario by unregistering i2c_cec after\nunregistering the CEC adapter. Duly disable the CEC clock afterwards\ntoo."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-18T16:03:56.159Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/3747465c5da7a11957a34bbb9485d9fc253b91cc"
        },
        {
          "url": "https://git.kernel.org/stable/c/f369fb4deed7ab997cfa703dc85ec08b3adc1af8"
        },
        {
          "url": "https://git.kernel.org/stable/c/4d4d5bc659206b187263190ad9a03513f625659d"
        },
        {
          "url": "https://git.kernel.org/stable/c/86ae5170786aea3e1751123ca55700fb9b37b623"
        },
        {
          "url": "https://git.kernel.org/stable/c/40cdb02cb9f965732eb543d47f15bef8d10f0f5f"
        }
      ],
      "title": "drm: bridge: adv7511: unregister cec i2c device after cec adapter",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-50412",
    "datePublished": "2025-09-18T16:03:56.159Z",
    "dateReserved": "2025-09-17T14:53:07.002Z",
    "dateUpdated": "2025-09-18T16:03:56.159Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-38011 (GCVE-0-2025-38011)

Vulnerability from cvelistv5

Published

2025-06-18 09:28

Modified

2025-07-15 15:43

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: csa unmap use uninterruptible lock After process exit to unmap csa and free GPU vm, if signal is accepted and then waiting to take vm lock is interrupted and return, it causes memory leaking and below warning backtrace. Change to use uninterruptible wait lock fix the issue. WARNING: CPU: 69 PID: 167800 at amd/amdgpu/amdgpu_kms.c:1525 amdgpu_driver_postclose_kms+0x294/0x2a0 [amdgpu] Call Trace: <TASK> drm_file_free.part.0+0x1da/0x230 [drm] drm_close_helper.isra.0+0x65/0x70 [drm] drm_release+0x6a/0x120 [drm] amdgpu_drm_release+0x51/0x60 [amdgpu] __fput+0x9f/0x280 ____fput+0xe/0x20 task_work_run+0x67/0xa0 do_exit+0x217/0x3c0 do_group_exit+0x3b/0xb0 get_signal+0x14a/0x8d0 arch_do_signal_or_restart+0xde/0x100 exit_to_user_mode_loop+0xc1/0x1a0 exit_to_user_mode_prepare+0xf4/0x100 syscall_exit_to_user_mode+0x17/0x40 do_syscall_64+0x69/0xc0 (cherry picked from commit 7dbbfb3c171a6f63b01165958629c9c26abf38ab)

References

URL

Tags

	https://git.kernel.org/stable/c/8d71c3231b33e24a911b8f2d8c3a17ee40aa32d5
	https://git.kernel.org/stable/c/a1adc8d9a0d219d4e88672c30dbc9ea960d73136
	https://git.kernel.org/stable/c/a0fa7873f2f869087b1e7793f7fac3713a1e3afe

Impacted products

Vendor

Product

Version

Linux

Version: 8a206685d36f6f0c6b72637f920ef973ea9cc936
Version: 8a206685d36f6f0c6b72637f920ef973ea9cc936
Version: 8a206685d36f6f0c6b72637f920ef973ea9cc936

Linux

Version: 6.6

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "8d71c3231b33e24a911b8f2d8c3a17ee40aa32d5",
              "status": "affected",
              "version": "8a206685d36f6f0c6b72637f920ef973ea9cc936",
              "versionType": "git"
            },
            {
              "lessThan": "a1adc8d9a0d219d4e88672c30dbc9ea960d73136",
              "status": "affected",
              "version": "8a206685d36f6f0c6b72637f920ef973ea9cc936",
              "versionType": "git"
            },
            {
              "lessThan": "a0fa7873f2f869087b1e7793f7fac3713a1e3afe",
              "status": "affected",
              "version": "8a206685d36f6f0c6b72637f920ef973ea9cc936",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.6"
            },
            {
              "lessThan": "6.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.30",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.14.*",
              "status": "unaffected",
              "version": "6.14.8",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.30",
                  "versionStartIncluding": "6.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.8",
                  "versionStartIncluding": "6.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15",
                  "versionStartIncluding": "6.6",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: csa unmap use uninterruptible lock\n\nAfter process exit to unmap csa and free GPU vm, if signal is accepted\nand then waiting to take vm lock is interrupted and return, it causes\nmemory leaking and below warning backtrace.\n\nChange to use uninterruptible wait lock fix the issue.\n\nWARNING: CPU: 69 PID: 167800 at amd/amdgpu/amdgpu_kms.c:1525\n amdgpu_driver_postclose_kms+0x294/0x2a0 [amdgpu]\n Call Trace:\n  \u003cTASK\u003e\n  drm_file_free.part.0+0x1da/0x230 [drm]\n  drm_close_helper.isra.0+0x65/0x70 [drm]\n  drm_release+0x6a/0x120 [drm]\n  amdgpu_drm_release+0x51/0x60 [amdgpu]\n  __fput+0x9f/0x280\n  ____fput+0xe/0x20\n  task_work_run+0x67/0xa0\n  do_exit+0x217/0x3c0\n  do_group_exit+0x3b/0xb0\n  get_signal+0x14a/0x8d0\n  arch_do_signal_or_restart+0xde/0x100\n  exit_to_user_mode_loop+0xc1/0x1a0\n  exit_to_user_mode_prepare+0xf4/0x100\n  syscall_exit_to_user_mode+0x17/0x40\n  do_syscall_64+0x69/0xc0\n\n(cherry picked from commit 7dbbfb3c171a6f63b01165958629c9c26abf38ab)"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T15:43:52.921Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/8d71c3231b33e24a911b8f2d8c3a17ee40aa32d5"
        },
        {
          "url": "https://git.kernel.org/stable/c/a1adc8d9a0d219d4e88672c30dbc9ea960d73136"
        },
        {
          "url": "https://git.kernel.org/stable/c/a0fa7873f2f869087b1e7793f7fac3713a1e3afe"
        }
      ],
      "title": "drm/amdgpu: csa unmap use uninterruptible lock",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-38011",
    "datePublished": "2025-06-18T09:28:21.453Z",
    "dateReserved": "2025-04-16T04:51:23.977Z",
    "dateUpdated": "2025-07-15T15:43:52.921Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-53220 (GCVE-0-2023-53220)

Vulnerability from cvelistv5

Published

2025-09-15 14:21

Modified

2025-09-15 14:21

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: media: az6007: Fix null-ptr-deref in az6007_i2c_xfer() In az6007_i2c_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data finally reach az6007_i2c_xfer. If accessing msg[i].buf[0] without sanity check, null ptr deref would happen. We add check on msg[i].len to prevent crash. Similar commit: commit 0ed554fd769a ("media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()")

References

URL

Tags

	https://git.kernel.org/stable/c/c6763fefa267f6e62595a6ac1f57815d99fc90b7
	https://git.kernel.org/stable/c/adcb73f8ce9aec48b1f85223f401c1574015d8d2
	https://git.kernel.org/stable/c/991c77fe18c6f374bbf83376f8c42550aa565662
	https://git.kernel.org/stable/c/a9def3e9718a4dc756f48db147d42ec41a966240
	https://git.kernel.org/stable/c/5b1ea100ad3695025969dc4693f307877fb688d6
	https://git.kernel.org/stable/c/6ab7ea4e17d6a605d05308adf8f3408924770cba
	https://git.kernel.org/stable/c/a1110f19d4940e4185251d072cbb0ff51486a1e7
	https://git.kernel.org/stable/c/1047f9343011f2cedc73c64829686206a7e9fc3f

Impacted products

Vendor

Product

Version

Linux

Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/usb/dvb-usb-v2/az6007.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c6763fefa267f6e62595a6ac1f57815d99fc90b7",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "adcb73f8ce9aec48b1f85223f401c1574015d8d2",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "991c77fe18c6f374bbf83376f8c42550aa565662",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "a9def3e9718a4dc756f48db147d42ec41a966240",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "5b1ea100ad3695025969dc4693f307877fb688d6",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "6ab7ea4e17d6a605d05308adf8f3408924770cba",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "a1110f19d4940e4185251d072cbb0ff51486a1e7",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "1047f9343011f2cedc73c64829686206a7e9fc3f",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/usb/dvb-usb-v2/az6007.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.326",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.295",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.257",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.197",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.133",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.55",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.326",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.295",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.257",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.197",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.133",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.55",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: az6007: Fix null-ptr-deref in az6007_i2c_xfer()\n\nIn az6007_i2c_xfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach az6007_i2c_xfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 0ed554fd769a\n(\"media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()\")"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-15T14:21:49.075Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c6763fefa267f6e62595a6ac1f57815d99fc90b7"
        },
        {
          "url": "https://git.kernel.org/stable/c/adcb73f8ce9aec48b1f85223f401c1574015d8d2"
        },
        {
          "url": "https://git.kernel.org/stable/c/991c77fe18c6f374bbf83376f8c42550aa565662"
        },
        {
          "url": "https://git.kernel.org/stable/c/a9def3e9718a4dc756f48db147d42ec41a966240"
        },
        {
          "url": "https://git.kernel.org/stable/c/5b1ea100ad3695025969dc4693f307877fb688d6"
        },
        {
          "url": "https://git.kernel.org/stable/c/6ab7ea4e17d6a605d05308adf8f3408924770cba"
        },
        {
          "url": "https://git.kernel.org/stable/c/a1110f19d4940e4185251d072cbb0ff51486a1e7"
        },
        {
          "url": "https://git.kernel.org/stable/c/1047f9343011f2cedc73c64829686206a7e9fc3f"
        }
      ],
      "title": "media: az6007: Fix null-ptr-deref in az6007_i2c_xfer()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-53220",
    "datePublished": "2025-09-15T14:21:49.075Z",
    "dateReserved": "2025-09-15T14:19:21.845Z",
    "dateUpdated": "2025-09-15T14:21:49.075Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

opensuse-su-2025:15585-1

Vulnerability from csaf_opensuse

CVE-2022-50412 (GCVE-0-2022-50412)

Vulnerability from cvelistv5

CVE-2025-38011 (GCVE-0-2025-38011)

Vulnerability from cvelistv5

CVE-2023-53220 (GCVE-0-2023-53220)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature