suse-su-2025:02320-1
Vulnerability from csaf_suse
Published
2025-07-15 14:20
Modified
2025-07-15 14:20
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-50085: dm raid: fix address sanitizer warning in raid_resume (bsc#1245147).
- CVE-2022-50087: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails (bsc#1245119).
- CVE-2022-50200: selinux: Add boundary check in put_entry() (bsc#1245149).
- CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).
- CVE-2024-27397: kabi: place tstamp needed for nftables set in a hole (bsc#1224095).
- CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).
- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381).
- CVE-2024-56770: sch/netem: fix use after free in netem_dequeue (bsc#1235637).
- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1243330).
- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245183).
The following non-security bugs were fixed:
- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)
- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)
- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).
- scsi: storvsc: Increase the timeouts to storvsc_timeout (bsc#1245455).
- wifi: cfg80211: Add my certificate (bsc#1243001).
- wifi: cfg80211: fix certs build to not depend on file order (bsc#1243001).
Patchnames
SUSE-2025-2320,SUSE-SUSE-MicroOS-5.1-2025-2320,SUSE-SUSE-MicroOS-5.2-2025-2320
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2022-50085: dm raid: fix address sanitizer warning in raid_resume (bsc#1245147).\n- CVE-2022-50087: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails (bsc#1245119).\n- CVE-2022-50200: selinux: Add boundary check in put_entry() (bsc#1245149).\n- CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).\n- CVE-2024-27397: kabi: place tstamp needed for nftables set in a hole (bsc#1224095).\n- CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).\n- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).\n- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381).\n- CVE-2024-56770: sch/netem: fix use after free in netem_dequeue (bsc#1235637).\n- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1237312).\n- CVE-2025-21703: netem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).\n- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).\n- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1243330).\n- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).\n- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).\n- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).\n- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245183).\n\nThe following non-security bugs were fixed:\n\n- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)\n- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)\n- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).\n- scsi: storvsc: Increase the timeouts to storvsc_timeout (bsc#1245455).\n- wifi: cfg80211: Add my certificate (bsc#1243001).\n- wifi: cfg80211: fix certs build to not depend on file order (bsc#1243001).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2320,SUSE-SUSE-MicroOS-5.1-2025-2320,SUSE-SUSE-MicroOS-5.2-2025-2320",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02320-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02320-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502320-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02320-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021812.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1156395",
"url": "https://bugzilla.suse.com/1156395"
},
{
"category": "self",
"summary": "SUSE Bug 1199487",
"url": "https://bugzilla.suse.com/1199487"
},
{
"category": "self",
"summary": "SUSE Bug 1201160",
"url": "https://bugzilla.suse.com/1201160"
},
{
"category": "self",
"summary": "SUSE Bug 1201956",
"url": "https://bugzilla.suse.com/1201956"
},
{
"category": "self",
"summary": "SUSE Bug 1202095",
"url": "https://bugzilla.suse.com/1202095"
},
{
"category": "self",
"summary": "SUSE Bug 1202564",
"url": "https://bugzilla.suse.com/1202564"
},
{
"category": "self",
"summary": "SUSE Bug 1202716",
"url": "https://bugzilla.suse.com/1202716"
},
{
"category": "self",
"summary": "SUSE Bug 1202810",
"url": "https://bugzilla.suse.com/1202810"
},
{
"category": "self",
"summary": "SUSE Bug 1202860",
"url": "https://bugzilla.suse.com/1202860"
},
{
"category": "self",
"summary": "SUSE Bug 1205220",
"url": "https://bugzilla.suse.com/1205220"
},
{
"category": "self",
"summary": "SUSE Bug 1205514",
"url": "https://bugzilla.suse.com/1205514"
},
{
"category": "self",
"summary": "SUSE Bug 1206664",
"url": "https://bugzilla.suse.com/1206664"
},
{
"category": "self",
"summary": "SUSE Bug 1206878",
"url": "https://bugzilla.suse.com/1206878"
},
{
"category": "self",
"summary": "SUSE Bug 1206880",
"url": "https://bugzilla.suse.com/1206880"
},
{
"category": "self",
"summary": "SUSE Bug 1211226",
"url": "https://bugzilla.suse.com/1211226"
},
{
"category": "self",
"summary": "SUSE Bug 1212051",
"url": "https://bugzilla.suse.com/1212051"
},
{
"category": "self",
"summary": "SUSE Bug 1218184",
"url": "https://bugzilla.suse.com/1218184"
},
{
"category": "self",
"summary": "SUSE Bug 1224095",
"url": "https://bugzilla.suse.com/1224095"
},
{
"category": "self",
"summary": "SUSE Bug 1225820",
"url": "https://bugzilla.suse.com/1225820"
},
{
"category": "self",
"summary": "SUSE Bug 1226514",
"url": "https://bugzilla.suse.com/1226514"
},
{
"category": "self",
"summary": "SUSE Bug 1228659",
"url": "https://bugzilla.suse.com/1228659"
},
{
"category": "self",
"summary": "SUSE Bug 1230827",
"url": "https://bugzilla.suse.com/1230827"
},
{
"category": "self",
"summary": "SUSE Bug 1231293",
"url": "https://bugzilla.suse.com/1231293"
},
{
"category": "self",
"summary": "SUSE Bug 1232504",
"url": "https://bugzilla.suse.com/1232504"
},
{
"category": "self",
"summary": "SUSE Bug 1234381",
"url": "https://bugzilla.suse.com/1234381"
},
{
"category": "self",
"summary": "SUSE Bug 1234454",
"url": "https://bugzilla.suse.com/1234454"
},
{
"category": "self",
"summary": "SUSE Bug 1235637",
"url": "https://bugzilla.suse.com/1235637"
},
{
"category": "self",
"summary": "SUSE Bug 1237159",
"url": "https://bugzilla.suse.com/1237159"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1237313",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "self",
"summary": "SUSE Bug 1238303",
"url": "https://bugzilla.suse.com/1238303"
},
{
"category": "self",
"summary": "SUSE Bug 1238471",
"url": "https://bugzilla.suse.com/1238471"
},
{
"category": "self",
"summary": "SUSE Bug 1238570",
"url": "https://bugzilla.suse.com/1238570"
},
{
"category": "self",
"summary": "SUSE Bug 1239986",
"url": "https://bugzilla.suse.com/1239986"
},
{
"category": "self",
"summary": "SUSE Bug 1240785",
"url": "https://bugzilla.suse.com/1240785"
},
{
"category": "self",
"summary": "SUSE Bug 1241038",
"url": "https://bugzilla.suse.com/1241038"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242504",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "self",
"summary": "SUSE Bug 1242924",
"url": "https://bugzilla.suse.com/1242924"
},
{
"category": "self",
"summary": "SUSE Bug 1243001",
"url": "https://bugzilla.suse.com/1243001"
},
{
"category": "self",
"summary": "SUSE Bug 1243330",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "self",
"summary": "SUSE Bug 1243543",
"url": "https://bugzilla.suse.com/1243543"
},
{
"category": "self",
"summary": "SUSE Bug 1243627",
"url": "https://bugzilla.suse.com/1243627"
},
{
"category": "self",
"summary": "SUSE Bug 1243832",
"url": "https://bugzilla.suse.com/1243832"
},
{
"category": "self",
"summary": "SUSE Bug 1244234",
"url": "https://bugzilla.suse.com/1244234"
},
{
"category": "self",
"summary": "SUSE Bug 1244241",
"url": "https://bugzilla.suse.com/1244241"
},
{
"category": "self",
"summary": "SUSE Bug 1244277",
"url": "https://bugzilla.suse.com/1244277"
},
{
"category": "self",
"summary": "SUSE Bug 1244337",
"url": "https://bugzilla.suse.com/1244337"
},
{
"category": "self",
"summary": "SUSE Bug 1244764",
"url": "https://bugzilla.suse.com/1244764"
},
{
"category": "self",
"summary": "SUSE Bug 1244767",
"url": "https://bugzilla.suse.com/1244767"
},
{
"category": "self",
"summary": "SUSE Bug 1244770",
"url": "https://bugzilla.suse.com/1244770"
},
{
"category": "self",
"summary": "SUSE Bug 1244771",
"url": "https://bugzilla.suse.com/1244771"
},
{
"category": "self",
"summary": "SUSE Bug 1244773",
"url": "https://bugzilla.suse.com/1244773"
},
{
"category": "self",
"summary": "SUSE Bug 1244774",
"url": "https://bugzilla.suse.com/1244774"
},
{
"category": "self",
"summary": "SUSE Bug 1244776",
"url": "https://bugzilla.suse.com/1244776"
},
{
"category": "self",
"summary": "SUSE Bug 1244779",
"url": "https://bugzilla.suse.com/1244779"
},
{
"category": "self",
"summary": "SUSE Bug 1244782",
"url": "https://bugzilla.suse.com/1244782"
},
{
"category": "self",
"summary": "SUSE Bug 1244783",
"url": "https://bugzilla.suse.com/1244783"
},
{
"category": "self",
"summary": "SUSE Bug 1244786",
"url": "https://bugzilla.suse.com/1244786"
},
{
"category": "self",
"summary": "SUSE Bug 1244788",
"url": "https://bugzilla.suse.com/1244788"
},
{
"category": "self",
"summary": "SUSE Bug 1244790",
"url": "https://bugzilla.suse.com/1244790"
},
{
"category": "self",
"summary": "SUSE Bug 1244793",
"url": "https://bugzilla.suse.com/1244793"
},
{
"category": "self",
"summary": "SUSE Bug 1244794",
"url": "https://bugzilla.suse.com/1244794"
},
{
"category": "self",
"summary": "SUSE Bug 1244796",
"url": "https://bugzilla.suse.com/1244796"
},
{
"category": "self",
"summary": "SUSE Bug 1244797",
"url": "https://bugzilla.suse.com/1244797"
},
{
"category": "self",
"summary": "SUSE Bug 1244804",
"url": "https://bugzilla.suse.com/1244804"
},
{
"category": "self",
"summary": "SUSE Bug 1244813",
"url": "https://bugzilla.suse.com/1244813"
},
{
"category": "self",
"summary": "SUSE Bug 1244815",
"url": "https://bugzilla.suse.com/1244815"
},
{
"category": "self",
"summary": "SUSE Bug 1244816",
"url": "https://bugzilla.suse.com/1244816"
},
{
"category": "self",
"summary": "SUSE Bug 1244825",
"url": "https://bugzilla.suse.com/1244825"
},
{
"category": "self",
"summary": "SUSE Bug 1244834",
"url": "https://bugzilla.suse.com/1244834"
},
{
"category": "self",
"summary": "SUSE Bug 1244836",
"url": "https://bugzilla.suse.com/1244836"
},
{
"category": "self",
"summary": "SUSE Bug 1244838",
"url": "https://bugzilla.suse.com/1244838"
},
{
"category": "self",
"summary": "SUSE Bug 1244839",
"url": "https://bugzilla.suse.com/1244839"
},
{
"category": "self",
"summary": "SUSE Bug 1244841",
"url": "https://bugzilla.suse.com/1244841"
},
{
"category": "self",
"summary": "SUSE Bug 1244842",
"url": "https://bugzilla.suse.com/1244842"
},
{
"category": "self",
"summary": "SUSE Bug 1244845",
"url": "https://bugzilla.suse.com/1244845"
},
{
"category": "self",
"summary": "SUSE Bug 1244848",
"url": "https://bugzilla.suse.com/1244848"
},
{
"category": "self",
"summary": "SUSE Bug 1244849",
"url": "https://bugzilla.suse.com/1244849"
},
{
"category": "self",
"summary": "SUSE Bug 1244851",
"url": "https://bugzilla.suse.com/1244851"
},
{
"category": "self",
"summary": "SUSE Bug 1244853",
"url": "https://bugzilla.suse.com/1244853"
},
{
"category": "self",
"summary": "SUSE Bug 1244856",
"url": "https://bugzilla.suse.com/1244856"
},
{
"category": "self",
"summary": "SUSE Bug 1244861",
"url": "https://bugzilla.suse.com/1244861"
},
{
"category": "self",
"summary": "SUSE Bug 1244867",
"url": "https://bugzilla.suse.com/1244867"
},
{
"category": "self",
"summary": "SUSE Bug 1244868",
"url": "https://bugzilla.suse.com/1244868"
},
{
"category": "self",
"summary": "SUSE Bug 1244869",
"url": "https://bugzilla.suse.com/1244869"
},
{
"category": "self",
"summary": "SUSE Bug 1244881",
"url": "https://bugzilla.suse.com/1244881"
},
{
"category": "self",
"summary": "SUSE Bug 1244883",
"url": "https://bugzilla.suse.com/1244883"
},
{
"category": "self",
"summary": "SUSE Bug 1244884",
"url": "https://bugzilla.suse.com/1244884"
},
{
"category": "self",
"summary": "SUSE Bug 1244885",
"url": "https://bugzilla.suse.com/1244885"
},
{
"category": "self",
"summary": "SUSE Bug 1244886",
"url": "https://bugzilla.suse.com/1244886"
},
{
"category": "self",
"summary": "SUSE Bug 1244887",
"url": "https://bugzilla.suse.com/1244887"
},
{
"category": "self",
"summary": "SUSE Bug 1244899",
"url": "https://bugzilla.suse.com/1244899"
},
{
"category": "self",
"summary": "SUSE Bug 1244901",
"url": "https://bugzilla.suse.com/1244901"
},
{
"category": "self",
"summary": "SUSE Bug 1244902",
"url": "https://bugzilla.suse.com/1244902"
},
{
"category": "self",
"summary": "SUSE Bug 1244908",
"url": "https://bugzilla.suse.com/1244908"
},
{
"category": "self",
"summary": "SUSE Bug 1244936",
"url": "https://bugzilla.suse.com/1244936"
},
{
"category": "self",
"summary": "SUSE Bug 1244941",
"url": "https://bugzilla.suse.com/1244941"
},
{
"category": "self",
"summary": "SUSE Bug 1244943",
"url": "https://bugzilla.suse.com/1244943"
},
{
"category": "self",
"summary": "SUSE Bug 1244945",
"url": "https://bugzilla.suse.com/1244945"
},
{
"category": "self",
"summary": "SUSE Bug 1244948",
"url": "https://bugzilla.suse.com/1244948"
},
{
"category": "self",
"summary": "SUSE Bug 1244950",
"url": "https://bugzilla.suse.com/1244950"
},
{
"category": "self",
"summary": "SUSE Bug 1244956",
"url": "https://bugzilla.suse.com/1244956"
},
{
"category": "self",
"summary": "SUSE Bug 1244958",
"url": "https://bugzilla.suse.com/1244958"
},
{
"category": "self",
"summary": "SUSE Bug 1244959",
"url": "https://bugzilla.suse.com/1244959"
},
{
"category": "self",
"summary": "SUSE Bug 1244967",
"url": "https://bugzilla.suse.com/1244967"
},
{
"category": "self",
"summary": "SUSE Bug 1244968",
"url": "https://bugzilla.suse.com/1244968"
},
{
"category": "self",
"summary": "SUSE Bug 1244969",
"url": "https://bugzilla.suse.com/1244969"
},
{
"category": "self",
"summary": "SUSE Bug 1244976",
"url": "https://bugzilla.suse.com/1244976"
},
{
"category": "self",
"summary": "SUSE Bug 1244979",
"url": "https://bugzilla.suse.com/1244979"
},
{
"category": "self",
"summary": "SUSE Bug 1244984",
"url": "https://bugzilla.suse.com/1244984"
},
{
"category": "self",
"summary": "SUSE Bug 1244986",
"url": "https://bugzilla.suse.com/1244986"
},
{
"category": "self",
"summary": "SUSE Bug 1244992",
"url": "https://bugzilla.suse.com/1244992"
},
{
"category": "self",
"summary": "SUSE Bug 1245006",
"url": "https://bugzilla.suse.com/1245006"
},
{
"category": "self",
"summary": "SUSE Bug 1245007",
"url": "https://bugzilla.suse.com/1245007"
},
{
"category": "self",
"summary": "SUSE Bug 1245024",
"url": "https://bugzilla.suse.com/1245024"
},
{
"category": "self",
"summary": "SUSE Bug 1245031",
"url": "https://bugzilla.suse.com/1245031"
},
{
"category": "self",
"summary": "SUSE Bug 1245033",
"url": "https://bugzilla.suse.com/1245033"
},
{
"category": "self",
"summary": "SUSE Bug 1245041",
"url": "https://bugzilla.suse.com/1245041"
},
{
"category": "self",
"summary": "SUSE Bug 1245047",
"url": "https://bugzilla.suse.com/1245047"
},
{
"category": "self",
"summary": "SUSE Bug 1245051",
"url": "https://bugzilla.suse.com/1245051"
},
{
"category": "self",
"summary": "SUSE Bug 1245057",
"url": "https://bugzilla.suse.com/1245057"
},
{
"category": "self",
"summary": "SUSE Bug 1245058",
"url": "https://bugzilla.suse.com/1245058"
},
{
"category": "self",
"summary": "SUSE Bug 1245072",
"url": "https://bugzilla.suse.com/1245072"
},
{
"category": "self",
"summary": "SUSE Bug 1245073",
"url": "https://bugzilla.suse.com/1245073"
},
{
"category": "self",
"summary": "SUSE Bug 1245098",
"url": "https://bugzilla.suse.com/1245098"
},
{
"category": "self",
"summary": "SUSE Bug 1245103",
"url": "https://bugzilla.suse.com/1245103"
},
{
"category": "self",
"summary": "SUSE Bug 1245117",
"url": "https://bugzilla.suse.com/1245117"
},
{
"category": "self",
"summary": "SUSE Bug 1245119",
"url": "https://bugzilla.suse.com/1245119"
},
{
"category": "self",
"summary": "SUSE Bug 1245121",
"url": "https://bugzilla.suse.com/1245121"
},
{
"category": "self",
"summary": "SUSE Bug 1245122",
"url": "https://bugzilla.suse.com/1245122"
},
{
"category": "self",
"summary": "SUSE Bug 1245125",
"url": "https://bugzilla.suse.com/1245125"
},
{
"category": "self",
"summary": "SUSE Bug 1245129",
"url": "https://bugzilla.suse.com/1245129"
},
{
"category": "self",
"summary": "SUSE Bug 1245131",
"url": "https://bugzilla.suse.com/1245131"
},
{
"category": "self",
"summary": "SUSE Bug 1245135",
"url": "https://bugzilla.suse.com/1245135"
},
{
"category": "self",
"summary": "SUSE Bug 1245136",
"url": "https://bugzilla.suse.com/1245136"
},
{
"category": "self",
"summary": "SUSE Bug 1245138",
"url": "https://bugzilla.suse.com/1245138"
},
{
"category": "self",
"summary": "SUSE Bug 1245139",
"url": "https://bugzilla.suse.com/1245139"
},
{
"category": "self",
"summary": "SUSE Bug 1245140",
"url": "https://bugzilla.suse.com/1245140"
},
{
"category": "self",
"summary": "SUSE Bug 1245146",
"url": "https://bugzilla.suse.com/1245146"
},
{
"category": "self",
"summary": "SUSE Bug 1245147",
"url": "https://bugzilla.suse.com/1245147"
},
{
"category": "self",
"summary": "SUSE Bug 1245149",
"url": "https://bugzilla.suse.com/1245149"
},
{
"category": "self",
"summary": "SUSE Bug 1245183",
"url": "https://bugzilla.suse.com/1245183"
},
{
"category": "self",
"summary": "SUSE Bug 1245195",
"url": "https://bugzilla.suse.com/1245195"
},
{
"category": "self",
"summary": "SUSE Bug 1245265",
"url": "https://bugzilla.suse.com/1245265"
},
{
"category": "self",
"summary": "SUSE Bug 1245348",
"url": "https://bugzilla.suse.com/1245348"
},
{
"category": "self",
"summary": "SUSE Bug 1245455",
"url": "https://bugzilla.suse.com/1245455"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1679 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2586 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2905 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3903 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4095 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4662 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4662/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49934 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49936 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49937 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49942 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49942/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49945 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49948 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49950 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49952 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49954 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49956 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49968 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49977 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49978 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49981 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49984 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49985 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49986 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49987 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49989 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49990 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49993 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50010 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50012 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50019 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50020 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50022 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50027 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50028 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50029 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50030 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50032 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50032/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50033 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50033/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50036 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50038 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50038/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50045 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50051 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50059 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50061 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50065 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50067 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50072 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50083 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50084 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50085 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50087 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50091 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50091/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50092 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50092/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50093 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50094 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50097 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50098 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50099 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50101 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50102 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50102/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50104 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50108 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50109 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50118 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50124 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50126 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50127 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50127/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50136 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50138 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50140 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50141 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50142 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50143 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50146 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50149 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50152 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50153 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50153/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50156 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50158 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50160 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50161 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50162 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50164 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50164/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50165 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50165/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50169 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50172 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50172/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50173 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50176 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50179 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50181 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50185 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50191 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50200 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50209 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50211 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50211/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50212 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50213 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50215 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50218 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50220 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50222 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50222/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50229 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50231 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50231/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3111 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27397 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27397/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46800 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53141 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56770 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21700 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37932 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38000 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38001 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38083 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38083/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-07-15T14:20:22Z",
"generator": {
"date": "2025-07-15T14:20:22Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02320-1",
"initial_release_date": "2025-07-15T14:20:22Z",
"revision_history": [
{
"date": "2025-07-15T14:20:22Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.3.18-150300.214.1.noarch",
"product": {
"name": "kernel-devel-rt-5.3.18-150300.214.1.noarch",
"product_id": "kernel-devel-rt-5.3.18-150300.214.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.3.18-150300.214.1.noarch",
"product": {
"name": "kernel-source-rt-5.3.18-150300.214.1.noarch",
"product_id": "kernel-source-rt-5.3.18-150300.214.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.3.18-150300.214.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.3.18-150300.214.1.x86_64",
"product_id": "cluster-md-kmp-rt-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-5.3.18-150300.214.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-5.3.18-150300.214.1.x86_64",
"product_id": "cluster-md-kmp-rt_debug-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.3.18-150300.214.1.x86_64",
"product": {
"name": "dlm-kmp-rt-5.3.18-150300.214.1.x86_64",
"product_id": "dlm-kmp-rt-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-5.3.18-150300.214.1.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-5.3.18-150300.214.1.x86_64",
"product_id": "dlm-kmp-rt_debug-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.3.18-150300.214.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.3.18-150300.214.1.x86_64",
"product_id": "gfs2-kmp-rt-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-5.3.18-150300.214.1.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-5.3.18-150300.214.1.x86_64",
"product_id": "gfs2-kmp-rt_debug-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.3.18-150300.214.1.x86_64",
"product": {
"name": "kernel-rt-5.3.18-150300.214.1.x86_64",
"product_id": "kernel-rt-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.3.18-150300.214.1.x86_64",
"product": {
"name": "kernel-rt-devel-5.3.18-150300.214.1.x86_64",
"product_id": "kernel-rt-devel-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.3.18-150300.214.1.x86_64",
"product": {
"name": "kernel-rt-extra-5.3.18-150300.214.1.x86_64",
"product_id": "kernel-rt-extra-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.3.18-150300.214.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.3.18-150300.214.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-5.3.18-150300.214.1.x86_64",
"product": {
"name": "kernel-rt-optional-5.3.18-150300.214.1.x86_64",
"product_id": "kernel-rt-optional-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.3.18-150300.214.1.x86_64",
"product": {
"name": "kernel-rt_debug-5.3.18-150300.214.1.x86_64",
"product_id": "kernel-rt_debug-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.3.18-150300.214.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.3.18-150300.214.1.x86_64",
"product_id": "kernel-rt_debug-devel-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-5.3.18-150300.214.1.x86_64",
"product": {
"name": "kernel-rt_debug-extra-5.3.18-150300.214.1.x86_64",
"product_id": "kernel-rt_debug-extra-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-livepatch-devel-5.3.18-150300.214.1.x86_64",
"product": {
"name": "kernel-rt_debug-livepatch-devel-5.3.18-150300.214.1.x86_64",
"product_id": "kernel-rt_debug-livepatch-devel-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-optional-5.3.18-150300.214.1.x86_64",
"product": {
"name": "kernel-rt_debug-optional-5.3.18-150300.214.1.x86_64",
"product_id": "kernel-rt_debug-optional-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.3.18-150300.214.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.3.18-150300.214.1.x86_64",
"product_id": "kselftests-kmp-rt-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-5.3.18-150300.214.1.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-5.3.18-150300.214.1.x86_64",
"product_id": "kselftests-kmp-rt_debug-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.3.18-150300.214.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.3.18-150300.214.1.x86_64",
"product_id": "ocfs2-kmp-rt-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-5.3.18-150300.214.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-5.3.18-150300.214.1.x86_64",
"product_id": "ocfs2-kmp-rt_debug-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.3.18-150300.214.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.3.18-150300.214.1.x86_64",
"product_id": "reiserfs-kmp-rt-5.3.18-150300.214.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt_debug-5.3.18-150300.214.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt_debug-5.3.18-150300.214.1.x86_64",
"product_id": "reiserfs-kmp-rt_debug-5.3.18-150300.214.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-150300.214.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-150300.214.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.3.18-150300.214.1.noarch as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch"
},
"product_reference": "kernel-source-rt-5.3.18-150300.214.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-150300.214.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-150300.214.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.3.18-150300.214.1.noarch as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
},
"product_reference": "kernel-source-rt-5.3.18-150300.214.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1679"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in the Linux kernel\u0027s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1679",
"url": "https://www.suse.com/security/cve/CVE-2022-1679"
},
{
"category": "external",
"summary": "SUSE Bug 1199487 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1199487"
},
{
"category": "external",
"summary": "SUSE Bug 1201080 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1201080"
},
{
"category": "external",
"summary": "SUSE Bug 1201832 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1201832"
},
{
"category": "external",
"summary": "SUSE Bug 1204132 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1204132"
},
{
"category": "external",
"summary": "SUSE Bug 1212316 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1212316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "important"
}
],
"title": "CVE-2022-1679"
},
{
"cve": "CVE-2022-2586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2586"
}
],
"notes": [
{
"category": "general",
"text": "It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2586",
"url": "https://www.suse.com/security/cve/CVE-2022-2586"
},
{
"category": "external",
"summary": "SUSE Bug 1202095 for CVE-2022-2586",
"url": "https://bugzilla.suse.com/1202095"
},
{
"category": "external",
"summary": "SUSE Bug 1209719 for CVE-2022-2586",
"url": "https://bugzilla.suse.com/1209719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-2586"
},
{
"cve": "CVE-2022-2905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2905"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory read flaw was found in the Linux kernel\u0027s BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2905",
"url": "https://www.suse.com/security/cve/CVE-2022-2905"
},
{
"category": "external",
"summary": "SUSE Bug 1202860 for CVE-2022-2905",
"url": "https://bugzilla.suse.com/1202860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-2905"
},
{
"cve": "CVE-2022-3903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3903"
}
],
"notes": [
{
"category": "general",
"text": "An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3903",
"url": "https://www.suse.com/security/cve/CVE-2022-3903"
},
{
"category": "external",
"summary": "SUSE Bug 1205220 for CVE-2022-3903",
"url": "https://bugzilla.suse.com/1205220"
},
{
"category": "external",
"summary": "SUSE Bug 1212297 for CVE-2022-3903",
"url": "https://bugzilla.suse.com/1212297"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-3903"
},
{
"cve": "CVE-2022-4095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4095"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4095",
"url": "https://www.suse.com/security/cve/CVE-2022-4095"
},
{
"category": "external",
"summary": "SUSE Bug 1205514 for CVE-2022-4095",
"url": "https://bugzilla.suse.com/1205514"
},
{
"category": "external",
"summary": "SUSE Bug 1205594 for CVE-2022-4095",
"url": "https://bugzilla.suse.com/1205594"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-4095",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-4095",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1212319 for CVE-2022-4095",
"url": "https://bugzilla.suse.com/1212319"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "important"
}
],
"title": "CVE-2022-4095"
},
{
"cve": "CVE-2022-4662",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4662"
}
],
"notes": [
{
"category": "general",
"text": "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4662",
"url": "https://www.suse.com/security/cve/CVE-2022-4662"
},
{
"category": "external",
"summary": "SUSE Bug 1206664 for CVE-2022-4662",
"url": "https://bugzilla.suse.com/1206664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-4662"
},
{
"cve": "CVE-2022-49934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Fix UAF in ieee80211_scan_rx()\n\nieee80211_scan_rx() tries to access scan_req-\u003eflags after a\nnull check, but a UAF is observed when the scan is completed\nand __ieee80211_scan_completed() executes, which then calls\ncfg80211_scan_done() leading to the freeing of scan_req.\n\nSince scan_req is rcu_dereference()\u0027d, prevent the racing in\n__ieee80211_scan_completed() by ensuring that from mac80211\u0027s\nPOV it is no longer accessed from an RCU read critical section\nbefore we call cfg80211_scan_done().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49934",
"url": "https://www.suse.com/security/cve/CVE-2022-49934"
},
{
"category": "external",
"summary": "SUSE Bug 1245051 for CVE-2022-49934",
"url": "https://bugzilla.suse.com/1245051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49934"
},
{
"cve": "CVE-2022-49936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Prevent nested device-reset calls\n\nAutomatic kernel fuzzing revealed a recursive locking violation in\nusb-storage:\n\n============================================\nWARNING: possible recursive locking detected\n5.18.0 #3 Not tainted\n--------------------------------------------\nkworker/1:3/1205 is trying to acquire lock:\nffff888018638db8 (\u0026us_interface_key[i]){+.+.}-{3:3}, at:\nusb_stor_pre_reset+0x35/0x40 drivers/usb/storage/usb.c:230\n\nbut task is already holding lock:\nffff888018638db8 (\u0026us_interface_key[i]){+.+.}-{3:3}, at:\nusb_stor_pre_reset+0x35/0x40 drivers/usb/storage/usb.c:230\n\n...\n\nstack backtrace:\nCPU: 1 PID: 1205 Comm: kworker/1:3 Not tainted 5.18.0 #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.13.0-1ubuntu1.1 04/01/2014\nWorkqueue: usb_hub_wq hub_event\nCall Trace:\n\u003cTASK\u003e\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\nprint_deadlock_bug kernel/locking/lockdep.c:2988 [inline]\ncheck_deadlock kernel/locking/lockdep.c:3031 [inline]\nvalidate_chain kernel/locking/lockdep.c:3816 [inline]\n__lock_acquire.cold+0x152/0x3ca kernel/locking/lockdep.c:5053\nlock_acquire kernel/locking/lockdep.c:5665 [inline]\nlock_acquire+0x1ab/0x520 kernel/locking/lockdep.c:5630\n__mutex_lock_common kernel/locking/mutex.c:603 [inline]\n__mutex_lock+0x14f/0x1610 kernel/locking/mutex.c:747\nusb_stor_pre_reset+0x35/0x40 drivers/usb/storage/usb.c:230\nusb_reset_device+0x37d/0x9a0 drivers/usb/core/hub.c:6109\nr871xu_dev_remove+0x21a/0x270 drivers/staging/rtl8712/usb_intf.c:622\nusb_unbind_interface+0x1bd/0x890 drivers/usb/core/driver.c:458\ndevice_remove drivers/base/dd.c:545 [inline]\ndevice_remove+0x11f/0x170 drivers/base/dd.c:537\n__device_release_driver drivers/base/dd.c:1222 [inline]\ndevice_release_driver_internal+0x1a7/0x2f0 drivers/base/dd.c:1248\nusb_driver_release_interface+0x102/0x180 drivers/usb/core/driver.c:627\nusb_forced_unbind_intf+0x4d/0xa0 drivers/usb/core/driver.c:1118\nusb_reset_device+0x39b/0x9a0 drivers/usb/core/hub.c:6114\n\nThis turned out not to be an error in usb-storage but rather a nested\ndevice reset attempt. That is, as the rtl8712 driver was being\nunbound from a composite device in preparation for an unrelated USB\nreset (that driver does not have pre_reset or post_reset callbacks),\nits -\u003eremove routine called usb_reset_device() -- thus nesting one\nreset call within another.\n\nPerforming a reset as part of disconnect processing is a questionable\npractice at best. However, the bug report points out that the USB\ncore does not have any protection against nested resets. Adding a\nreset_in_progress flag and testing it will prevent such errors in the\nfuture.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49936",
"url": "https://www.suse.com/security/cve/CVE-2022-49936"
},
{
"category": "external",
"summary": "SUSE Bug 1244984 for CVE-2022-49936",
"url": "https://bugzilla.suse.com/1244984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49936"
},
{
"cve": "CVE-2022-49937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mceusb: Use new usb_control_msg_*() routines\n\nAutomatic kernel fuzzing led to a WARN about invalid pipe direction in\nthe mceusb driver:\n\n------------[ cut here ]------------\nusb 6-1: BOGUS control dir, pipe 80000380 doesn\u0027t match bRequestType 40\nWARNING: CPU: 0 PID: 2465 at drivers/usb/core/urb.c:410\nusb_submit_urb+0x1326/0x1820 drivers/usb/core/urb.c:410\nModules linked in:\nCPU: 0 PID: 2465 Comm: kworker/0:2 Not tainted 5.19.0-rc4-00208-g69cb6c6556ad #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.13.0-1ubuntu1.1 04/01/2014\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:usb_submit_urb+0x1326/0x1820 drivers/usb/core/urb.c:410\nCode: 7c 24 40 e8 ac 23 91 fd 48 8b 7c 24 40 e8 b2 70 1b ff 45 89 e8\n44 89 f1 4c 89 e2 48 89 c6 48 c7 c7 a0 30 a9 86 e8 48 07 11 02 \u003c0f\u003e 0b\ne9 1c f0 ff ff e8 7e 23 91 fd 0f b6 1d 63 22 83 05 31 ff 41\nRSP: 0018:ffffc900032becf0 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff8881100f3058 RCX: 0000000000000000\nRDX: ffffc90004961000 RSI: ffff888114c6d580 RDI: fffff52000657d90\nRBP: ffff888105ad90f0 R08: ffffffff812c3638 R09: 0000000000000000\nR10: 0000000000000005 R11: ffffed1023504ef1 R12: ffff888105ad9000\nR13: 0000000000000040 R14: 0000000080000380 R15: ffff88810ba96500\nFS: 0000000000000000(0000) GS:ffff88811a800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffe810bda58 CR3: 000000010b720000 CR4: 0000000000350ef0\nCall Trace:\n\u003cTASK\u003e\nusb_start_wait_urb+0x101/0x4c0 drivers/usb/core/message.c:58\nusb_internal_control_msg drivers/usb/core/message.c:102 [inline]\nusb_control_msg+0x31c/0x4a0 drivers/usb/core/message.c:153\nmceusb_gen1_init drivers/media/rc/mceusb.c:1431 [inline]\nmceusb_dev_probe+0x258e/0x33f0 drivers/media/rc/mceusb.c:1807\n\nThe reason for the warning is clear enough; the driver sends an\nunusual read request on endpoint 0 but does not set the USB_DIR_IN bit\nin the bRequestType field.\n\nMore importantly, the whole situation can be avoided and the driver\nsimplified by converting it over to the relatively new\nusb_control_msg_recv() and usb_control_msg_send() routines. That\u0027s\nwhat this fix does.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49937",
"url": "https://www.suse.com/security/cve/CVE-2022-49937"
},
{
"category": "external",
"summary": "SUSE Bug 1245057 for CVE-2022-49937",
"url": "https://bugzilla.suse.com/1245057"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49937"
},
{
"cve": "CVE-2022-49942",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49942"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Don\u0027t finalize CSA in IBSS mode if state is disconnected\n\nWhen we are not connected to a channel, sending channel \"switch\"\nannouncement doesn\u0027t make any sense.\n\nThe BSS list is empty in that case. This causes the for loop in\ncfg80211_get_bss() to be bypassed, so the function returns NULL\n(check line 1424 of net/wireless/scan.c), causing the WARN_ON()\nin ieee80211_ibss_csa_beacon() to get triggered (check line 500\nof net/mac80211/ibss.c), which was consequently reported on the\nsyzkaller dashboard.\n\nThus, check if we have an existing connection before generating\nthe CSA beacon in ieee80211_ibss_finish_csa().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49942",
"url": "https://www.suse.com/security/cve/CVE-2022-49942"
},
{
"category": "external",
"summary": "SUSE Bug 1244881 for CVE-2022-49942",
"url": "https://bugzilla.suse.com/1244881"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49942"
},
{
"cve": "CVE-2022-49945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (gpio-fan) Fix array out of bounds access\n\nThe driver does not check if the cooling state passed to\ngpio_fan_set_cur_state() exceeds the maximum cooling state as\nstored in fan_data-\u003enum_speeds. Since the cooling state is later\nused as an array index in set_fan_speed(), an array out of bounds\naccess can occur.\nThis can be exploited by setting the state of the thermal cooling device\nto arbitrary values, causing for example a kernel oops when unavailable\nmemory is accessed this way.\n\nExample kernel oops:\n[ 807.987276] Unable to handle kernel paging request at virtual address ffffff80d0588064\n[ 807.987369] Mem abort info:\n[ 807.987398] ESR = 0x96000005\n[ 807.987428] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 807.987477] SET = 0, FnV = 0\n[ 807.987507] EA = 0, S1PTW = 0\n[ 807.987536] FSC = 0x05: level 1 translation fault\n[ 807.987570] Data abort info:\n[ 807.987763] ISV = 0, ISS = 0x00000005\n[ 807.987801] CM = 0, WnR = 0\n[ 807.987832] swapper pgtable: 4k pages, 39-bit VAs, pgdp=0000000001165000\n[ 807.987872] [ffffff80d0588064] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n[ 807.987961] Internal error: Oops: 96000005 [#1] PREEMPT SMP\n[ 807.987992] Modules linked in: cmac algif_hash aes_arm64 algif_skcipher af_alg bnep hci_uart btbcm bluetooth ecdh_generic ecc 8021q garp stp llc snd_soc_hdmi_codec brcmfmac vc4 brcmutil cec drm_kms_helper snd_soc_core cfg80211 snd_compress bcm2835_codec(C) snd_pcm_dmaengine syscopyarea bcm2835_isp(C) bcm2835_v4l2(C) sysfillrect v4l2_mem2mem bcm2835_mmal_vchiq(C) raspberrypi_hwmon sysimgblt videobuf2_dma_contig videobuf2_vmalloc fb_sys_fops videobuf2_memops rfkill videobuf2_v4l2 videobuf2_common i2c_bcm2835 snd_bcm2835(C) videodev snd_pcm snd_timer snd mc vc_sm_cma(C) gpio_fan uio_pdrv_genirq uio drm fuse drm_panel_orientation_quirks backlight ip_tables x_tables ipv6\n[ 807.988508] CPU: 0 PID: 1321 Comm: bash Tainted: G C 5.15.56-v8+ #1575\n[ 807.988548] Hardware name: Raspberry Pi 3 Model B Rev 1.2 (DT)\n[ 807.988574] pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 807.988608] pc : set_fan_speed.part.5+0x34/0x80 [gpio_fan]\n[ 807.988654] lr : gpio_fan_set_cur_state+0x34/0x50 [gpio_fan]\n[ 807.988691] sp : ffffffc008cf3bd0\n[ 807.988710] x29: ffffffc008cf3bd0 x28: ffffff80019edac0 x27: 0000000000000000\n[ 807.988762] x26: 0000000000000000 x25: 0000000000000000 x24: ffffff800747c920\n[ 807.988787] x23: 000000000000000a x22: ffffff800369f000 x21: 000000001999997c\n[ 807.988854] x20: ffffff800369f2e8 x19: ffffff8002ae8080 x18: 0000000000000000\n[ 807.988877] x17: 0000000000000000 x16: 0000000000000000 x15: 000000559e271b70\n[ 807.988938] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n[ 807.988960] x11: 0000000000000000 x10: ffffffc008cf3c20 x9 : ffffffcfb60c741c\n[ 807.989018] x8 : 000000000000000a x7 : 00000000ffffffc9 x6 : 0000000000000009\n[ 807.989040] x5 : 000000000000002a x4 : 0000000000000000 x3 : ffffff800369f2e8\n[ 807.989062] x2 : 000000000000e780 x1 : 0000000000000001 x0 : ffffff80d0588060\n[ 807.989084] Call trace:\n[ 807.989091] set_fan_speed.part.5+0x34/0x80 [gpio_fan]\n[ 807.989113] gpio_fan_set_cur_state+0x34/0x50 [gpio_fan]\n[ 807.989199] cur_state_store+0x84/0xd0\n[ 807.989221] dev_attr_store+0x20/0x38\n[ 807.989262] sysfs_kf_write+0x4c/0x60\n[ 807.989282] kernfs_fop_write_iter+0x130/0x1c0\n[ 807.989298] new_sync_write+0x10c/0x190\n[ 807.989315] vfs_write+0x254/0x378\n[ 807.989362] ksys_write+0x70/0xf8\n[ 807.989379] __arm64_sys_write+0x24/0x30\n[ 807.989424] invoke_syscall+0x4c/0x110\n[ 807.989442] el0_svc_common.constprop.3+0xfc/0x120\n[ 807.989458] do_el0_svc+0x2c/0x90\n[ 807.989473] el0_svc+0x24/0x60\n[ 807.989544] el0t_64_sync_handler+0x90/0xb8\n[ 807.989558] el0t_64_sync+0x1a0/0x1a4\n[ 807.989579] Code: b9403801 f9402800 7100003f 8b35cc00 (b9400416)\n[ 807.989627] ---[ end t\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49945",
"url": "https://www.suse.com/security/cve/CVE-2022-49945"
},
{
"category": "external",
"summary": "SUSE Bug 1244908 for CVE-2022-49945",
"url": "https://bugzilla.suse.com/1244908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49945"
},
{
"cve": "CVE-2022-49948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvt: Clear selection before changing the font\n\nWhen changing the console font with ioctl(KDFONTOP) the new font size\ncan be bigger than the previous font. A previous selection may thus now\nbe outside of the new screen size and thus trigger out-of-bounds\naccesses to graphics memory if the selection is removed in\nvc_do_resize().\n\nPrevent such out-of-memory accesses by dropping the selection before the\nvarious con_font_set() console handlers are called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49948",
"url": "https://www.suse.com/security/cve/CVE-2022-49948"
},
{
"category": "external",
"summary": "SUSE Bug 1245058 for CVE-2022-49948",
"url": "https://bugzilla.suse.com/1245058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49948"
},
{
"cve": "CVE-2022-49950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: fix memory corruption on open\n\nThe probe session-duplication overflow check incremented the session\ncount also when there were no more available sessions so that memory\nbeyond the fixed-size slab-allocated session array could be corrupted in\nfastrpc_session_alloc() on open().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49950",
"url": "https://www.suse.com/security/cve/CVE-2022-49950"
},
{
"category": "external",
"summary": "SUSE Bug 1244958 for CVE-2022-49950",
"url": "https://bugzilla.suse.com/1244958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49950"
},
{
"cve": "CVE-2022-49952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49952"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: fix memory corruption on probe\n\nAdd the missing sanity check on the probed-session count to avoid\ncorrupting memory beyond the fixed-size slab-allocated session array\nwhen there are more than FASTRPC_MAX_SESSIONS sessions defined in the\ndevicetree.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49952",
"url": "https://www.suse.com/security/cve/CVE-2022-49952"
},
{
"category": "external",
"summary": "SUSE Bug 1244945 for CVE-2022-49952",
"url": "https://bugzilla.suse.com/1244945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49952"
},
{
"cve": "CVE-2022-49954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag\n\nsyzbot is reporting hung task at __input_unregister_device() [1], for\niforce_close() waiting at wait_event_interruptible() with dev-\u003emutex held\nis blocking input_disconnect_device() from __input_unregister_device().\n\nIt seems that the cause is simply that commit c2b27ef672992a20 (\"Input:\niforce - wait for command completion when closing the device\") forgot to\ncall wake_up() after clear_bit().\n\nFix this problem by introducing a helper that calls clear_bit() followed\nby wake_up_all().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49954",
"url": "https://www.suse.com/security/cve/CVE-2022-49954"
},
{
"category": "external",
"summary": "SUSE Bug 1244976 for CVE-2022-49954",
"url": "https://bugzilla.suse.com/1244976"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49954"
},
{
"cve": "CVE-2022-49956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8712: fix use after free bugs\n\n_Read/Write_MACREG callbacks are NULL so the read/write_macreg_hdl()\nfunctions don\u0027t do anything except free the \"pcmd\" pointer. It\nresults in a use after free. Delete them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49956",
"url": "https://www.suse.com/security/cve/CVE-2022-49956"
},
{
"category": "external",
"summary": "SUSE Bug 1244969 for CVE-2022-49956",
"url": "https://bugzilla.suse.com/1244969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49956"
},
{
"cve": "CVE-2022-49968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nieee802154/adf7242: defer destroy_workqueue call\n\nThere is a possible race condition (use-after-free) like below\n\n (FREE) | (USE)\n adf7242_remove | adf7242_channel\n cancel_delayed_work_sync |\n destroy_workqueue (1) | adf7242_cmd_rx\n | mod_delayed_work (2)\n |\n\nThe root cause for this race is that the upper layer (ieee802154) is\nunaware of this detaching event and the function adf7242_channel can\nbe called without any checks.\n\nTo fix this, we can add a flag write at the beginning of adf7242_remove\nand add flag check in adf7242_channel. Or we can just defer the\ndestructive operation like other commit 3e0588c291d6 (\"hamradio: defer\nax25 kfree after unregister_netdev\") which let the\nieee802154_unregister_hw() to handle the synchronization. This patch\ntakes the second option.\n\nruns\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49968",
"url": "https://www.suse.com/security/cve/CVE-2022-49968"
},
{
"category": "external",
"summary": "SUSE Bug 1244959 for CVE-2022-49968",
"url": "https://bugzilla.suse.com/1244959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49968"
},
{
"cve": "CVE-2022-49977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49977"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead\n\nftrace_startup does not remove ops from ftrace_ops_list when\nftrace_startup_enable fails:\n\nregister_ftrace_function\n ftrace_startup\n __register_ftrace_function\n ...\n add_ftrace_ops(\u0026ftrace_ops_list, ops)\n ...\n ...\n ftrace_startup_enable // if ftrace failed to modify, ftrace_disabled is set to 1\n ...\n return 0 // ops is in the ftrace_ops_list.\n\nWhen ftrace_disabled = 1, unregister_ftrace_function simply returns without doing anything:\nunregister_ftrace_function\n ftrace_shutdown\n if (unlikely(ftrace_disabled))\n return -ENODEV; // return here, __unregister_ftrace_function is not executed,\n // as a result, ops is still in the ftrace_ops_list\n __unregister_ftrace_function\n ...\n\nIf ops is dynamically allocated, it will be free later, in this case,\nis_ftrace_trampoline accesses NULL pointer:\n\nis_ftrace_trampoline\n ftrace_ops_trampoline\n do_for_each_ftrace_op(op, ftrace_ops_list) // OOPS! op may be NULL!\n\nSyzkaller reports as follows:\n[ 1203.506103] BUG: kernel NULL pointer dereference, address: 000000000000010b\n[ 1203.508039] #PF: supervisor read access in kernel mode\n[ 1203.508798] #PF: error_code(0x0000) - not-present page\n[ 1203.509558] PGD 800000011660b067 P4D 800000011660b067 PUD 130fb8067 PMD 0\n[ 1203.510560] Oops: 0000 [#1] SMP KASAN PTI\n[ 1203.511189] CPU: 6 PID: 29532 Comm: syz-executor.2 Tainted: G B W 5.10.0 #8\n[ 1203.512324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n[ 1203.513895] RIP: 0010:is_ftrace_trampoline+0x26/0xb0\n[ 1203.514644] Code: ff eb d3 90 41 55 41 54 49 89 fc 55 53 e8 f2 00 fd ff 48 8b 1d 3b 35 5d 03 e8 e6 00 fd ff 48 8d bb 90 00 00 00 e8 2a 81 26 00 \u003c48\u003e 8b ab 90 00 00 00 48 85 ed 74 1d e8 c9 00 fd ff 48 8d bb 98 00\n[ 1203.518838] RSP: 0018:ffffc900012cf960 EFLAGS: 00010246\n[ 1203.520092] RAX: 0000000000000000 RBX: 000000000000007b RCX: ffffffff8a331866\n[ 1203.521469] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 000000000000010b\n[ 1203.522583] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8df18b07\n[ 1203.523550] R10: fffffbfff1be3160 R11: 0000000000000001 R12: 0000000000478399\n[ 1203.524596] R13: 0000000000000000 R14: ffff888145088000 R15: 0000000000000008\n[ 1203.525634] FS: 00007f429f5f4700(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000\n[ 1203.526801] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1203.527626] CR2: 000000000000010b CR3: 0000000170e1e001 CR4: 00000000003706e0\n[ 1203.528611] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 1203.529605] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\nTherefore, when ftrace_startup_enable fails, we need to rollback registration\nprocess and remove ops from ftrace_ops_list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49977",
"url": "https://www.suse.com/security/cve/CVE-2022-49977"
},
{
"category": "external",
"summary": "SUSE Bug 1244936 for CVE-2022-49977",
"url": "https://bugzilla.suse.com/1244936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49977"
},
{
"cve": "CVE-2022-49978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: fb_pm2fb: Avoid potential divide by zero error\n\nIn `do_fb_ioctl()` of fbmem.c, if cmd is FBIOPUT_VSCREENINFO, var will be\ncopied from user, then go through `fb_set_var()` and\n`info-\u003efbops-\u003efb_check_var()` which could may be `pm2fb_check_var()`.\nAlong the path, `var-\u003epixclock` won\u0027t be modified. This function checks\nwhether reciprocal of `var-\u003epixclock` is too high. If `var-\u003epixclock` is\nzero, there will be a divide by zero error. So, it is necessary to check\nwhether denominator is zero to avoid crash. As this bug is found by\nSyzkaller, logs are listed below.\n\ndivide error in pm2fb_check_var\nCall Trace:\n \u003cTASK\u003e\n fb_set_var+0x367/0xeb0 drivers/video/fbdev/core/fbmem.c:1015\n do_fb_ioctl+0x234/0x670 drivers/video/fbdev/core/fbmem.c:1110\n fb_ioctl+0xdd/0x130 drivers/video/fbdev/core/fbmem.c:1189",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49978",
"url": "https://www.suse.com/security/cve/CVE-2022-49978"
},
{
"category": "external",
"summary": "SUSE Bug 1245195 for CVE-2022-49978",
"url": "https://bugzilla.suse.com/1245195"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49978"
},
{
"cve": "CVE-2022-49981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hidraw: fix memory leak in hidraw_release()\n\nFree the buffered reports before deleting the list entry.\n\nBUG: memory leak\nunreferenced object 0xffff88810e72f180 (size 32):\n comm \"softirq\", pid 0, jiffies 4294945143 (age 16.080s)\n hex dump (first 32 bytes):\n 64 f3 c6 6a d1 88 07 04 00 00 00 00 00 00 00 00 d..j............\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003cffffffff814ac6c3\u003e] kmemdup+0x23/0x50 mm/util.c:128\n [\u003cffffffff8357c1d2\u003e] kmemdup include/linux/fortify-string.h:440 [inline]\n [\u003cffffffff8357c1d2\u003e] hidraw_report_event+0xa2/0x150 drivers/hid/hidraw.c:521\n [\u003cffffffff8356ddad\u003e] hid_report_raw_event+0x27d/0x740 drivers/hid/hid-core.c:1992\n [\u003cffffffff8356e41e\u003e] hid_input_report+0x1ae/0x270 drivers/hid/hid-core.c:2065\n [\u003cffffffff835f0d3f\u003e] hid_irq_in+0x1ff/0x250 drivers/hid/usbhid/hid-core.c:284\n [\u003cffffffff82d3c7f9\u003e] __usb_hcd_giveback_urb+0xf9/0x230 drivers/usb/core/hcd.c:1670\n [\u003cffffffff82d3cc26\u003e] usb_hcd_giveback_urb+0x1b6/0x1d0 drivers/usb/core/hcd.c:1747\n [\u003cffffffff82ef1e14\u003e] dummy_timer+0x8e4/0x14c0 drivers/usb/gadget/udc/dummy_hcd.c:1988\n [\u003cffffffff812f50a8\u003e] call_timer_fn+0x38/0x200 kernel/time/timer.c:1474\n [\u003cffffffff812f5586\u003e] expire_timers kernel/time/timer.c:1519 [inline]\n [\u003cffffffff812f5586\u003e] __run_timers.part.0+0x316/0x430 kernel/time/timer.c:1790\n [\u003cffffffff812f56e4\u003e] __run_timers kernel/time/timer.c:1768 [inline]\n [\u003cffffffff812f56e4\u003e] run_timer_softirq+0x44/0x90 kernel/time/timer.c:1803\n [\u003cffffffff848000e6\u003e] __do_softirq+0xe6/0x2ea kernel/softirq.c:571\n [\u003cffffffff81246db0\u003e] invoke_softirq kernel/softirq.c:445 [inline]\n [\u003cffffffff81246db0\u003e] __irq_exit_rcu kernel/softirq.c:650 [inline]\n [\u003cffffffff81246db0\u003e] irq_exit_rcu+0xc0/0x110 kernel/softirq.c:662\n [\u003cffffffff84574f02\u003e] sysvec_apic_timer_interrupt+0xa2/0xd0 arch/x86/kernel/apic/apic.c:1106\n [\u003cffffffff84600c8b\u003e] asm_sysvec_apic_timer_interrupt+0x1b/0x20 arch/x86/include/asm/idtentry.h:649\n [\u003cffffffff8458a070\u003e] native_safe_halt arch/x86/include/asm/irqflags.h:51 [inline]\n [\u003cffffffff8458a070\u003e] arch_safe_halt arch/x86/include/asm/irqflags.h:89 [inline]\n [\u003cffffffff8458a070\u003e] acpi_safe_halt drivers/acpi/processor_idle.c:111 [inline]\n [\u003cffffffff8458a070\u003e] acpi_idle_do_entry+0xc0/0xd0 drivers/acpi/processor_idle.c:554",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49981",
"url": "https://www.suse.com/security/cve/CVE-2022-49981"
},
{
"category": "external",
"summary": "SUSE Bug 1245072 for CVE-2022-49981",
"url": "https://bugzilla.suse.com/1245072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49981"
},
{
"cve": "CVE-2022-49984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49984"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report\n\nIt is possible for a malicious device to forgo submitting a Feature\nReport. The HID Steam driver presently makes no prevision for this\nand de-references the \u0027struct hid_report\u0027 pointer obtained from the\nHID devices without first checking its validity. Let\u0027s change that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49984",
"url": "https://www.suse.com/security/cve/CVE-2022-49984"
},
{
"category": "external",
"summary": "SUSE Bug 1244950 for CVE-2022-49984",
"url": "https://bugzilla.suse.com/1244950"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49984"
},
{
"cve": "CVE-2022-49985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Don\u0027t use tnum_range on array range checking for poke descriptors\n\nHsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which\nis based on a customized syzkaller:\n\n BUG: KASAN: slab-out-of-bounds in bpf_int_jit_compile+0x1257/0x13f0\n Read of size 8 at addr ffff888004e90b58 by task syz-executor.0/1489\n CPU: 1 PID: 1489 Comm: syz-executor.0 Not tainted 5.19.0 #1\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n 1.13.0-1ubuntu1.1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x9c/0xc9\n print_address_description.constprop.0+0x1f/0x1f0\n ? bpf_int_jit_compile+0x1257/0x13f0\n kasan_report.cold+0xeb/0x197\n ? kvmalloc_node+0x170/0x200\n ? bpf_int_jit_compile+0x1257/0x13f0\n bpf_int_jit_compile+0x1257/0x13f0\n ? arch_prepare_bpf_dispatcher+0xd0/0xd0\n ? rcu_read_lock_sched_held+0x43/0x70\n bpf_prog_select_runtime+0x3e8/0x640\n ? bpf_obj_name_cpy+0x149/0x1b0\n bpf_prog_load+0x102f/0x2220\n ? __bpf_prog_put.constprop.0+0x220/0x220\n ? find_held_lock+0x2c/0x110\n ? __might_fault+0xd6/0x180\n ? lock_downgrade+0x6e0/0x6e0\n ? lock_is_held_type+0xa6/0x120\n ? __might_fault+0x147/0x180\n __sys_bpf+0x137b/0x6070\n ? bpf_perf_link_attach+0x530/0x530\n ? new_sync_read+0x600/0x600\n ? __fget_files+0x255/0x450\n ? lock_downgrade+0x6e0/0x6e0\n ? fput+0x30/0x1a0\n ? ksys_write+0x1a8/0x260\n __x64_sys_bpf+0x7a/0xc0\n ? syscall_enter_from_user_mode+0x21/0x70\n do_syscall_64+0x3b/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n RIP: 0033:0x7f917c4e2c2d\n\nThe problem here is that a range of tnum_range(0, map-\u003emax_entries - 1) has\nlimited ability to represent the concrete tight range with the tnum as the\nset of resulting states from value + mask can result in a superset of the\nactual intended range, and as such a tnum_in(range, reg-\u003evar_off) check may\nyield true when it shouldn\u0027t, for example tnum_range(0, 2) would result in\n00XX -\u003e v = 0000, m = 0011 such that the intended set of {0, 1, 2} is here\nrepresented by a less precise superset of {0, 1, 2, 3}. As the register is\nknown const scalar, really just use the concrete reg-\u003evar_off.value for the\nupper index check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49985",
"url": "https://www.suse.com/security/cve/CVE-2022-49985"
},
{
"category": "external",
"summary": "SUSE Bug 1244956 for CVE-2022-49985",
"url": "https://bugzilla.suse.com/1244956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49985"
},
{
"cve": "CVE-2022-49986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq\n\nstorvsc_error_wq workqueue should not be marked as WQ_MEM_RECLAIM as it\ndoesn\u0027t need to make forward progress under memory pressure. Marking this\nworkqueue as WQ_MEM_RECLAIM may cause deadlock while flushing a\nnon-WQ_MEM_RECLAIM workqueue. In the current state it causes the following\nwarning:\n\n[ 14.506347] ------------[ cut here ]------------\n[ 14.506354] workqueue: WQ_MEM_RECLAIM storvsc_error_wq_0:storvsc_remove_lun is flushing !WQ_MEM_RECLAIM events_freezable_power_:disk_events_workfn\n[ 14.506360] WARNING: CPU: 0 PID: 8 at \u003c-snip-\u003ekernel/workqueue.c:2623 check_flush_dependency+0xb5/0x130\n[ 14.506390] CPU: 0 PID: 8 Comm: kworker/u4:0 Not tainted 5.4.0-1086-azure #91~18.04.1-Ubuntu\n[ 14.506391] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 05/09/2022\n[ 14.506393] Workqueue: storvsc_error_wq_0 storvsc_remove_lun\n[ 14.506395] RIP: 0010:check_flush_dependency+0xb5/0x130\n\t\t\u003c-snip-\u003e\n[ 14.506408] Call Trace:\n[ 14.506412] __flush_work+0xf1/0x1c0\n[ 14.506414] __cancel_work_timer+0x12f/0x1b0\n[ 14.506417] ? kernfs_put+0xf0/0x190\n[ 14.506418] cancel_delayed_work_sync+0x13/0x20\n[ 14.506420] disk_block_events+0x78/0x80\n[ 14.506421] del_gendisk+0x3d/0x2f0\n[ 14.506423] sr_remove+0x28/0x70\n[ 14.506427] device_release_driver_internal+0xef/0x1c0\n[ 14.506428] device_release_driver+0x12/0x20\n[ 14.506429] bus_remove_device+0xe1/0x150\n[ 14.506431] device_del+0x167/0x380\n[ 14.506432] __scsi_remove_device+0x11d/0x150\n[ 14.506433] scsi_remove_device+0x26/0x40\n[ 14.506434] storvsc_remove_lun+0x40/0x60\n[ 14.506436] process_one_work+0x209/0x400\n[ 14.506437] worker_thread+0x34/0x400\n[ 14.506439] kthread+0x121/0x140\n[ 14.506440] ? process_one_work+0x400/0x400\n[ 14.506441] ? kthread_park+0x90/0x90\n[ 14.506443] ret_from_fork+0x35/0x40\n[ 14.506445] ---[ end trace 2d9633159fdc6ee7 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49986",
"url": "https://www.suse.com/security/cve/CVE-2022-49986"
},
{
"category": "external",
"summary": "SUSE Bug 1244948 for CVE-2022-49986",
"url": "https://bugzilla.suse.com/1244948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49986"
},
{
"cve": "CVE-2022-49987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49987"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: call __md_stop_writes in md_stop\n\nFrom the link [1], we can see raid1d was running even after the path\nraid_dtr -\u003e md_stop -\u003e __md_stop.\n\nLet\u0027s stop write first in destructor to align with normal md-raid to\nfix the KASAN issue.\n\n[1]. https://lore.kernel.org/linux-raid/CAPhsuW5gc4AakdGNdF8ubpezAuDLFOYUO_sfMZcec6hQFm8nhg@mail.gmail.com/T/#m7f12bf90481c02c6d2da68c64aeed4779b7df74a",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49987",
"url": "https://www.suse.com/security/cve/CVE-2022-49987"
},
{
"category": "external",
"summary": "SUSE Bug 1245024 for CVE-2022-49987",
"url": "https://bugzilla.suse.com/1245024"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49987"
},
{
"cve": "CVE-2022-49989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/privcmd: fix error exit of privcmd_ioctl_dm_op()\n\nThe error exit of privcmd_ioctl_dm_op() is calling unlock_pages()\npotentially with pages being NULL, leading to a NULL dereference.\n\nAdditionally lock_pages() doesn\u0027t check for pin_user_pages_fast()\nhaving been completely successful, resulting in potentially not\nlocking all pages into memory. This could result in sporadic failures\nwhen using the related memory in user mode.\n\nFix all of that by calling unlock_pages() always with the real number\nof pinned pages, which will be zero in case pages being NULL, and by\nchecking the number of pages pinned by pin_user_pages_fast() matching\nthe expected number of pages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49989",
"url": "https://www.suse.com/security/cve/CVE-2022-49989"
},
{
"category": "external",
"summary": "SUSE Bug 1245007 for CVE-2022-49989",
"url": "https://bugzilla.suse.com/1245007"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49989"
},
{
"cve": "CVE-2022-49990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390: fix double free of GS and RI CBs on fork() failure\n\nThe pointers for guarded storage and runtime instrumentation control\nblocks are stored in the thread_struct of the associated task. These\npointers are initially copied on fork() via arch_dup_task_struct()\nand then cleared via copy_thread() before fork() returns. If fork()\nhappens to fail after the initial task dup and before copy_thread(),\nthe newly allocated task and associated thread_struct memory are\nfreed via free_task() -\u003e arch_release_task_struct(). This results in\na double free of the guarded storage and runtime info structs\nbecause the fields in the failed task still refer to memory\nassociated with the source task.\n\nThis problem can manifest as a BUG_ON() in set_freepointer() (with\nCONFIG_SLAB_FREELIST_HARDENED enabled) or KASAN splat (if enabled)\nwhen running trinity syscall fuzz tests on s390x. To avoid this\nproblem, clear the associated pointer fields in\narch_dup_task_struct() immediately after the new task is copied.\nNote that the RI flag is still cleared in copy_thread() because it\nresides in thread stack memory and that is where stack info is\ncopied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49990",
"url": "https://www.suse.com/security/cve/CVE-2022-49990"
},
{
"category": "external",
"summary": "SUSE Bug 1245006 for CVE-2022-49990",
"url": "https://bugzilla.suse.com/1245006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49990"
},
{
"cve": "CVE-2022-49993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nloop: Check for overflow while configuring loop\n\nThe userspace can configure a loop using an ioctl call, wherein\na configuration of type loop_config is passed (see lo_ioctl()\u0027s\ncase on line 1550 of drivers/block/loop.c). This proceeds to call\nloop_configure() which in turn calls loop_set_status_from_info()\n(see line 1050 of loop.c), passing \u0026config-\u003einfo which is of type\nloop_info64*. This function then sets the appropriate values, like\nthe offset.\n\nloop_device has lo_offset of type loff_t (see line 52 of loop.c),\nwhich is typdef-chained to long long, whereas loop_info64 has\nlo_offset of type __u64 (see line 56 of include/uapi/linux/loop.h).\n\nThe function directly copies offset from info to the device as\nfollows (See line 980 of loop.c):\n\tlo-\u003elo_offset = info-\u003elo_offset;\n\nThis results in an overflow, which triggers a warning in iomap_iter()\ndue to a call to iomap_iter_done() which has:\n\tWARN_ON_ONCE(iter-\u003eiomap.offset \u003e iter-\u003epos);\n\nThus, check for negative value during loop_set_status_from_info().\n\nBug report: https://syzkaller.appspot.com/bug?id=c620fe14aac810396d3c3edc9ad73848bf69a29e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49993",
"url": "https://www.suse.com/security/cve/CVE-2022-49993"
},
{
"category": "external",
"summary": "SUSE Bug 1245121 for CVE-2022-49993",
"url": "https://bugzilla.suse.com/1245121"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-49993"
},
{
"cve": "CVE-2022-50010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: i740fb: Check the argument of i740_calc_vclk()\n\nSince the user can control the arguments of the ioctl() from the user\nspace, under special arguments that may result in a divide-by-zero bug.\n\nIf the user provides an improper \u0027pixclock\u0027 value that makes the argumet\nof i740_calc_vclk() less than \u0027I740_RFREQ_FIX\u0027, it will cause a\ndivide-by-zero bug in:\n drivers/video/fbdev/i740fb.c:353 p_best = min(15, ilog2(I740_MAX_VCO_FREQ / (freq / I740_RFREQ_FIX)));\n\nThe following log can reveal it:\n\ndivide error: 0000 [#1] PREEMPT SMP KASAN PTI\nRIP: 0010:i740_calc_vclk drivers/video/fbdev/i740fb.c:353 [inline]\nRIP: 0010:i740fb_decode_var drivers/video/fbdev/i740fb.c:646 [inline]\nRIP: 0010:i740fb_set_par+0x163f/0x3b70 drivers/video/fbdev/i740fb.c:742\nCall Trace:\n fb_set_var+0x604/0xeb0 drivers/video/fbdev/core/fbmem.c:1034\n do_fb_ioctl+0x234/0x670 drivers/video/fbdev/core/fbmem.c:1110\n fb_ioctl+0xdd/0x130 drivers/video/fbdev/core/fbmem.c:1189\n\nFix this by checking the argument of i740_calc_vclk() first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50010",
"url": "https://www.suse.com/security/cve/CVE-2022-50010"
},
{
"category": "external",
"summary": "SUSE Bug 1245122 for CVE-2022-50010",
"url": "https://bugzilla.suse.com/1245122"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50010"
},
{
"cve": "CVE-2022-50012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50012"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64: Init jump labels before parse_early_param()\n\nOn 64-bit, calling jump_label_init() in setup_feature_keys() is too\nlate because static keys may be used in subroutines of\nparse_early_param() which is again subroutine of early_init_devtree().\n\nFor example booting with \"threadirqs\":\n\n static_key_enable_cpuslocked(): static key \u00270xc000000002953260\u0027 used before call to jump_label_init()\n WARNING: CPU: 0 PID: 0 at kernel/jump_label.c:166 static_key_enable_cpuslocked+0xfc/0x120\n ...\n NIP static_key_enable_cpuslocked+0xfc/0x120\n LR static_key_enable_cpuslocked+0xf8/0x120\n Call Trace:\n static_key_enable_cpuslocked+0xf8/0x120 (unreliable)\n static_key_enable+0x30/0x50\n setup_forced_irqthreads+0x28/0x40\n do_early_param+0xa0/0x108\n parse_args+0x290/0x4e0\n parse_early_options+0x48/0x5c\n parse_early_param+0x58/0x84\n early_init_devtree+0xd4/0x518\n early_setup+0xb4/0x214\n\nSo call jump_label_init() just before parse_early_param() in\nearly_init_devtree().\n\n[mpe: Add call trace to change log and minor wording edits.]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50012",
"url": "https://www.suse.com/security/cve/CVE-2022-50012"
},
{
"category": "external",
"summary": "SUSE Bug 1245125 for CVE-2022-50012",
"url": "https://bugzilla.suse.com/1245125"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50012"
},
{
"cve": "CVE-2022-50019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50019"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: serial: Fix refcount leak bug in ucc_uart.c\n\nIn soc_info(), of_find_node_by_type() will return a node pointer\nwith refcount incremented. We should use of_node_put() when it is\nnot used anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50019",
"url": "https://www.suse.com/security/cve/CVE-2022-50019"
},
{
"category": "external",
"summary": "SUSE Bug 1245098 for CVE-2022-50019",
"url": "https://bugzilla.suse.com/1245098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50019"
},
{
"cve": "CVE-2022-50020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid resizing to a partial cluster size\n\nThis patch avoids an attempt to resize the filesystem to an\nunaligned cluster boundary. An online resize to a size that is not\nintegral to cluster size results in the last iteration attempting to\ngrow the fs by a negative amount, which trips a BUG_ON and leaves the fs\nwith a corrupted in-memory superblock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50020",
"url": "https://www.suse.com/security/cve/CVE-2022-50020"
},
{
"category": "external",
"summary": "SUSE Bug 1245129 for CVE-2022-50020",
"url": "https://bugzilla.suse.com/1245129"
},
{
"category": "external",
"summary": "SUSE Bug 1245130 for CVE-2022-50020",
"url": "https://bugzilla.suse.com/1245130"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50020"
},
{
"cve": "CVE-2022-50022",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50022"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers:md:fix a potential use-after-free bug\n\nIn line 2884, \"raid5_release_stripe(sh);\" drops the reference to sh and\nmay cause sh to be released. However, sh is subsequently used in lines\n2886 \"if (sh-\u003ebatch_head \u0026\u0026 sh != sh-\u003ebatch_head)\". This may result in an\nuse-after-free bug.\n\nIt can be fixed by moving \"raid5_release_stripe(sh);\" to the bottom of\nthe function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50022",
"url": "https://www.suse.com/security/cve/CVE-2022-50022"
},
{
"category": "external",
"summary": "SUSE Bug 1245131 for CVE-2022-50022",
"url": "https://bugzilla.suse.com/1245131"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50022"
},
{
"cve": "CVE-2022-50027",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50027"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix possible memory leak when failing to issue CMF WQE\n\nThere is no corresponding free routine if lpfc_sli4_issue_wqe fails to\nissue the CMF WQE in lpfc_issue_cmf_sync_wqe.\n\nIf ret_val is non-zero, then free the iocbq request structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50027",
"url": "https://www.suse.com/security/cve/CVE-2022-50027"
},
{
"category": "external",
"summary": "SUSE Bug 1245073 for CVE-2022-50027",
"url": "https://bugzilla.suse.com/1245073"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50027"
},
{
"cve": "CVE-2022-50028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50028"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngadgetfs: ep_io - wait until IRQ finishes\n\nafter usb_ep_queue() if wait_for_completion_interruptible() is\ninterrupted we need to wait until IRQ gets finished.\n\nOtherwise complete() from epio_complete() can corrupt stack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50028",
"url": "https://www.suse.com/security/cve/CVE-2022-50028"
},
{
"category": "external",
"summary": "SUSE Bug 1245135 for CVE-2022-50028",
"url": "https://bugzilla.suse.com/1245135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50028"
},
{
"cve": "CVE-2022-50029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50029"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: ipq8074: dont disable gcc_sleep_clk_src\n\nOnce the usb sleep clocks are disabled, clock framework is trying to\ndisable the sleep clock source also.\n\nHowever, it seems that it cannot be disabled and trying to do so produces:\n[ 245.436390] ------------[ cut here ]------------\n[ 245.441233] gcc_sleep_clk_src status stuck at \u0027on\u0027\n[ 245.441254] WARNING: CPU: 2 PID: 223 at clk_branch_wait+0x130/0x140\n[ 245.450435] Modules linked in: xhci_plat_hcd xhci_hcd dwc3 dwc3_qcom leds_gpio\n[ 245.456601] CPU: 2 PID: 223 Comm: sh Not tainted 5.18.0-rc4 #215\n[ 245.463889] Hardware name: Xiaomi AX9000 (DT)\n[ 245.470050] pstate: 204000c5 (nzCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 245.474307] pc : clk_branch_wait+0x130/0x140\n[ 245.481073] lr : clk_branch_wait+0x130/0x140\n[ 245.485588] sp : ffffffc009f2bad0\n[ 245.489838] x29: ffffffc009f2bad0 x28: ffffff8003e6c800 x27: 0000000000000000\n[ 245.493057] x26: 0000000000000000 x25: 0000000000000000 x24: ffffff800226ef20\n[ 245.500175] x23: ffffffc0089ff550 x22: 0000000000000000 x21: ffffffc008476ad0\n[ 245.507294] x20: 0000000000000000 x19: ffffffc00965ac70 x18: fffffffffffc51a7\n[ 245.514413] x17: 68702e3030303837 x16: 3a6d726f6674616c x15: ffffffc089f2b777\n[ 245.521531] x14: ffffffc0095c9d18 x13: 0000000000000129 x12: 0000000000000129\n[ 245.528649] x11: 00000000ffffffea x10: ffffffc009621d18 x9 : 0000000000000001\n[ 245.535767] x8 : 0000000000000001 x7 : 0000000000017fe8 x6 : 0000000000000001\n[ 245.542885] x5 : ffffff803fdca6d8 x4 : 0000000000000000 x3 : 0000000000000027\n[ 245.550002] x2 : 0000000000000027 x1 : 0000000000000023 x0 : 0000000000000026\n[ 245.557122] Call trace:\n[ 245.564229] clk_branch_wait+0x130/0x140\n[ 245.566490] clk_branch2_disable+0x2c/0x40\n[ 245.570656] clk_core_disable+0x60/0xb0\n[ 245.574561] clk_core_disable+0x68/0xb0\n[ 245.578293] clk_disable+0x30/0x50\n[ 245.582113] dwc3_qcom_remove+0x60/0xc0 [dwc3_qcom]\n[ 245.585588] platform_remove+0x28/0x60\n[ 245.590361] device_remove+0x4c/0x80\n[ 245.594179] device_release_driver_internal+0x1dc/0x230\n[ 245.597914] device_driver_detach+0x18/0x30\n[ 245.602861] unbind_store+0xec/0x110\n[ 245.607027] drv_attr_store+0x24/0x40\n[ 245.610847] sysfs_kf_write+0x44/0x60\n[ 245.614405] kernfs_fop_write_iter+0x128/0x1c0\n[ 245.618052] new_sync_write+0xc0/0x130\n[ 245.622391] vfs_write+0x1d4/0x2a0\n[ 245.626123] ksys_write+0x58/0xe0\n[ 245.629508] __arm64_sys_write+0x1c/0x30\n[ 245.632895] invoke_syscall.constprop.0+0x5c/0x110\n[ 245.636890] do_el0_svc+0xa0/0x150\n[ 245.641488] el0_svc+0x18/0x60\n[ 245.644872] el0t_64_sync_handler+0xa4/0x130\n[ 245.647914] el0t_64_sync+0x174/0x178\n[ 245.652340] ---[ end trace 0000000000000000 ]---\n\nSo, add CLK_IS_CRITICAL flag to the clock so that the kernel won\u0027t try\nto disable the sleep clock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50029",
"url": "https://www.suse.com/security/cve/CVE-2022-50029"
},
{
"category": "external",
"summary": "SUSE Bug 1245146 for CVE-2022-50029",
"url": "https://bugzilla.suse.com/1245146"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50029"
},
{
"cve": "CVE-2022-50030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input\n\nMalformed user input to debugfs results in buffer overflow crashes. Adapt\ninput string lengths to fit within internal buffers, leaving space for NULL\nterminators.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50030",
"url": "https://www.suse.com/security/cve/CVE-2022-50030"
},
{
"category": "external",
"summary": "SUSE Bug 1245265 for CVE-2022-50030",
"url": "https://bugzilla.suse.com/1245265"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50030"
},
{
"cve": "CVE-2022-50032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50032"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: renesas: Fix refcount leak bug\n\nIn usbhs_rza1_hardware_init(), of_find_node_by_name() will return\na node pointer with refcount incremented. We should use of_node_put()\nwhen it is not used anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50032",
"url": "https://www.suse.com/security/cve/CVE-2022-50032"
},
{
"category": "external",
"summary": "SUSE Bug 1245103 for CVE-2022-50032",
"url": "https://bugzilla.suse.com/1245103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50032"
},
{
"cve": "CVE-2022-50033",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50033"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: host: ohci-ppc-of: Fix refcount leak bug\n\nIn ohci_hcd_ppc_of_probe(), of_find_compatible_node() will return\na node pointer with refcount incremented. We should use of_node_put()\nwhen it is not used anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50033",
"url": "https://www.suse.com/security/cve/CVE-2022-50033"
},
{
"category": "external",
"summary": "SUSE Bug 1245139 for CVE-2022-50033",
"url": "https://bugzilla.suse.com/1245139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50033"
},
{
"cve": "CVE-2022-50036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sun4i: dsi: Prevent underflow when computing packet sizes\n\nCurrently, the packet overhead is subtracted using unsigned arithmetic.\nWith a short sync pulse, this could underflow and wrap around to near\nthe maximal u16 value. Fix this by using signed subtraction. The call to\nmax() will correctly handle any negative numbers that are produced.\n\nApply the same fix to the other timings, even though those subtractions\nare less likely to underflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50036",
"url": "https://www.suse.com/security/cve/CVE-2022-50036"
},
{
"category": "external",
"summary": "SUSE Bug 1244941 for CVE-2022-50036",
"url": "https://bugzilla.suse.com/1244941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50036"
},
{
"cve": "CVE-2022-50038",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50038"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()\n\nIn this function, there are two refcount leak bugs:\n(1) when breaking out of for_each_endpoint_of_node(), we need call\nthe of_node_put() for the \u0027ep\u0027;\n(2) we should call of_node_put() for the reference returned by\nof_graph_get_remote_port() when it is not used anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50038",
"url": "https://www.suse.com/security/cve/CVE-2022-50038"
},
{
"category": "external",
"summary": "SUSE Bug 1244943 for CVE-2022-50038",
"url": "https://bugzilla.suse.com/1244943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50038"
},
{
"cve": "CVE-2022-50045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50045"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pci: Fix get_phb_number() locking\n\nThe recent change to get_phb_number() causes a DEBUG_ATOMIC_SLEEP\nwarning on some systems:\n\n BUG: sleeping function called from invalid context at kernel/locking/mutex.c:580\n in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1, name: swapper\n preempt_count: 1, expected: 0\n RCU nest depth: 0, expected: 0\n 1 lock held by swapper/1:\n #0: c157efb0 (hose_spinlock){+.+.}-{2:2}, at: pcibios_alloc_controller+0x64/0x220\n Preemption disabled at:\n [\u003c00000000\u003e] 0x0\n CPU: 0 PID: 1 Comm: swapper Not tainted 5.19.0-yocto-standard+ #1\n Call Trace:\n [d101dc90] [c073b264] dump_stack_lvl+0x50/0x8c (unreliable)\n [d101dcb0] [c0093b70] __might_resched+0x258/0x2a8\n [d101dcd0] [c0d3e634] __mutex_lock+0x6c/0x6ec\n [d101dd50] [c0a84174] of_alias_get_id+0x50/0xf4\n [d101dd80] [c002ec78] pcibios_alloc_controller+0x1b8/0x220\n [d101ddd0] [c140c9dc] pmac_pci_init+0x198/0x784\n [d101de50] [c140852c] discover_phbs+0x30/0x4c\n [d101de60] [c0007fd4] do_one_initcall+0x94/0x344\n [d101ded0] [c1403b40] kernel_init_freeable+0x1a8/0x22c\n [d101df10] [c00086e0] kernel_init+0x34/0x160\n [d101df30] [c001b334] ret_from_kernel_thread+0x5c/0x64\n\nThis is because pcibios_alloc_controller() holds hose_spinlock but\nof_alias_get_id() takes of_mutex which can sleep.\n\nThe hose_spinlock protects the phb_bitmap, and also the hose_list, but\nit doesn\u0027t need to be held while get_phb_number() calls the OF routines,\nbecause those are only looking up information in the device tree.\n\nSo fix it by having get_phb_number() take the hose_spinlock itself, only\nwhere required, and then dropping the lock before returning.\npcibios_alloc_controller() then needs to take the lock again before the\nlist_add() but that\u0027s safe, the order of the list is not important.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50045",
"url": "https://www.suse.com/security/cve/CVE-2022-50045"
},
{
"category": "external",
"summary": "SUSE Bug 1244967 for CVE-2022-50045",
"url": "https://bugzilla.suse.com/1244967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50045"
},
{
"cve": "CVE-2022-50051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: debug: Fix potential buffer overflow by snprintf()\n\nsnprintf() returns the would-be-filled size when the string overflows\nthe given buffer size, hence using this value may result in the buffer\noverflow (although it\u0027s unrealistic).\n\nThis patch replaces with a safer version, scnprintf() for papering\nover such a potential issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50051",
"url": "https://www.suse.com/security/cve/CVE-2022-50051"
},
{
"category": "external",
"summary": "SUSE Bug 1245041 for CVE-2022-50051",
"url": "https://bugzilla.suse.com/1245041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50051"
},
{
"cve": "CVE-2022-50059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: don\u0027t leak snap_rwsem in handle_cap_grant\n\nWhen handle_cap_grant is called on an IMPORT op, then the snap_rwsem is\nheld and the function is expected to release it before returning. It\ncurrently fails to do that in all cases which could lead to a deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50059",
"url": "https://www.suse.com/security/cve/CVE-2022-50059"
},
{
"category": "external",
"summary": "SUSE Bug 1245031 for CVE-2022-50059",
"url": "https://bugzilla.suse.com/1245031"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50059"
},
{
"cve": "CVE-2022-50061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50061",
"url": "https://www.suse.com/security/cve/CVE-2022-50061"
},
{
"category": "external",
"summary": "SUSE Bug 1245033 for CVE-2022-50061",
"url": "https://bugzilla.suse.com/1245033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50061"
},
{
"cve": "CVE-2022-50065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: fix memory leak inside XPD_TX with mergeable\n\nWhen we call xdp_convert_buff_to_frame() to get xdpf, if it returns\nNULL, we should check if xdp_page was allocated by xdp_linearize_page().\nIf it is newly allocated, it should be freed here alone. Just like any\nother \"goto err_xdp\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50065",
"url": "https://www.suse.com/security/cve/CVE-2022-50065"
},
{
"category": "external",
"summary": "SUSE Bug 1244986 for CVE-2022-50065",
"url": "https://bugzilla.suse.com/1244986"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50065"
},
{
"cve": "CVE-2022-50067",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50067"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: unset reloc control if transaction commit fails in prepare_to_relocate()\n\nIn btrfs_relocate_block_group(), the rc is allocated. Then\nbtrfs_relocate_block_group() calls\n\nrelocate_block_group()\n prepare_to_relocate()\n set_reloc_control()\n\nthat assigns rc to the variable fs_info-\u003ereloc_ctl. When\nprepare_to_relocate() returns, it calls\n\nbtrfs_commit_transaction()\n btrfs_start_dirty_block_groups()\n btrfs_alloc_path()\n kmem_cache_zalloc()\n\nwhich may fail for example (or other errors could happen). When the\nfailure occurs, btrfs_relocate_block_group() detects the error and frees\nrc and doesn\u0027t set fs_info-\u003ereloc_ctl to NULL. After that, in\nbtrfs_init_reloc_root(), rc is retrieved from fs_info-\u003ereloc_ctl and\nthen used, which may cause a use-after-free bug.\n\nThis possible bug can be triggered by calling btrfs_ioctl_balance()\nbefore calling btrfs_ioctl_defrag().\n\nTo fix this possible bug, in prepare_to_relocate(), check if\nbtrfs_commit_transaction() fails. If the failure occurs,\nunset_reloc_control() is called to set fs_info-\u003ereloc_ctl to NULL.\n\nThe error log in our fault-injection testing is shown as follows:\n\n [ 58.751070] BUG: KASAN: use-after-free in btrfs_init_reloc_root+0x7ca/0x920 [btrfs]\n ...\n [ 58.753577] Call Trace:\n ...\n [ 58.755800] kasan_report+0x45/0x60\n [ 58.756066] btrfs_init_reloc_root+0x7ca/0x920 [btrfs]\n [ 58.757304] record_root_in_trans+0x792/0xa10 [btrfs]\n [ 58.757748] btrfs_record_root_in_trans+0x463/0x4f0 [btrfs]\n [ 58.758231] start_transaction+0x896/0x2950 [btrfs]\n [ 58.758661] btrfs_defrag_root+0x250/0xc00 [btrfs]\n [ 58.759083] btrfs_ioctl_defrag+0x467/0xa00 [btrfs]\n [ 58.759513] btrfs_ioctl+0x3c95/0x114e0 [btrfs]\n ...\n [ 58.768510] Allocated by task 23683:\n [ 58.768777] ____kasan_kmalloc+0xb5/0xf0\n [ 58.769069] __kmalloc+0x227/0x3d0\n [ 58.769325] alloc_reloc_control+0x10a/0x3d0 [btrfs]\n [ 58.769755] btrfs_relocate_block_group+0x7aa/0x1e20 [btrfs]\n [ 58.770228] btrfs_relocate_chunk+0xf1/0x760 [btrfs]\n [ 58.770655] __btrfs_balance+0x1326/0x1f10 [btrfs]\n [ 58.771071] btrfs_balance+0x3150/0x3d30 [btrfs]\n [ 58.771472] btrfs_ioctl_balance+0xd84/0x1410 [btrfs]\n [ 58.771902] btrfs_ioctl+0x4caa/0x114e0 [btrfs]\n ...\n [ 58.773337] Freed by task 23683:\n ...\n [ 58.774815] kfree+0xda/0x2b0\n [ 58.775038] free_reloc_control+0x1d6/0x220 [btrfs]\n [ 58.775465] btrfs_relocate_block_group+0x115c/0x1e20 [btrfs]\n [ 58.775944] btrfs_relocate_chunk+0xf1/0x760 [btrfs]\n [ 58.776369] __btrfs_balance+0x1326/0x1f10 [btrfs]\n [ 58.776784] btrfs_balance+0x3150/0x3d30 [btrfs]\n [ 58.777185] btrfs_ioctl_balance+0xd84/0x1410 [btrfs]\n [ 58.777621] btrfs_ioctl+0x4caa/0x114e0 [btrfs]\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50067",
"url": "https://www.suse.com/security/cve/CVE-2022-50067"
},
{
"category": "external",
"summary": "SUSE Bug 1245047 for CVE-2022-50067",
"url": "https://bugzilla.suse.com/1245047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50067"
},
{
"cve": "CVE-2022-50072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4/pnfs: Fix a use-after-free bug in open\n\nIf someone cancels the open RPC call, then we must not try to free\neither the open slot or the layoutget operation arguments, since they\nare likely still in use by the hung RPC call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50072",
"url": "https://www.suse.com/security/cve/CVE-2022-50072"
},
{
"category": "external",
"summary": "SUSE Bug 1244979 for CVE-2022-50072",
"url": "https://bugzilla.suse.com/1244979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50072"
},
{
"cve": "CVE-2022-50083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h\n\nWhen adding an xattr to an inode, we must ensure that the inode_size is\nnot less than EXT4_GOOD_OLD_INODE_SIZE + extra_isize + pad. Otherwise,\nthe end position may be greater than the start position, resulting in UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50083",
"url": "https://www.suse.com/security/cve/CVE-2022-50083"
},
{
"category": "external",
"summary": "SUSE Bug 1244968 for CVE-2022-50083",
"url": "https://bugzilla.suse.com/1244968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50083"
},
{
"cve": "CVE-2022-50084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50084"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm raid: fix address sanitizer warning in raid_status\n\nThere is this warning when using a kernel with the address sanitizer\nand running this testsuite:\nhttps://gitlab.com/cki-project/kernel-tests/-/tree/main/storage/swraid/scsi_raid\n\n==================================================================\nBUG: KASAN: slab-out-of-bounds in raid_status+0x1747/0x2820 [dm_raid]\nRead of size 4 at addr ffff888079d2c7e8 by task lvcreate/13319\nCPU: 0 PID: 13319 Comm: lvcreate Not tainted 5.18.0-0.rc3.\u003csnip\u003e #1\nHardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x6a/0x9c\n print_address_description.constprop.0+0x1f/0x1e0\n print_report.cold+0x55/0x244\n kasan_report+0xc9/0x100\n raid_status+0x1747/0x2820 [dm_raid]\n dm_ima_measure_on_table_load+0x4b8/0xca0 [dm_mod]\n table_load+0x35c/0x630 [dm_mod]\n ctl_ioctl+0x411/0x630 [dm_mod]\n dm_ctl_ioctl+0xa/0x10 [dm_mod]\n __x64_sys_ioctl+0x12a/0x1a0\n do_syscall_64+0x5b/0x80\n\nThe warning is caused by reading conf-\u003emax_nr_stripes in raid_status. The\ncode in raid_status reads mddev-\u003eprivate, casts it to struct r5conf and\nreads the entry max_nr_stripes.\n\nHowever, if we have different raid type than 4/5/6, mddev-\u003eprivate\ndoesn\u0027t point to struct r5conf; it may point to struct r0conf, struct\nr1conf, struct r10conf or struct mpconf. If we cast a pointer to one\nof these structs to struct r5conf, we will be reading invalid memory\nand KASAN warns about it.\n\nFix this bug by reading struct r5conf only if raid type is 4, 5 or 6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50084",
"url": "https://www.suse.com/security/cve/CVE-2022-50084"
},
{
"category": "external",
"summary": "SUSE Bug 1245117 for CVE-2022-50084",
"url": "https://bugzilla.suse.com/1245117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50084"
},
{
"cve": "CVE-2022-50085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm raid: fix address sanitizer warning in raid_resume\n\nThere is a KASAN warning in raid_resume when running the lvm test\nlvconvert-raid.sh. The reason for the warning is that mddev-\u003eraid_disks\nis greater than rs-\u003eraid_disks, so the loop touches one entry beyond\nthe allocated length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50085",
"url": "https://www.suse.com/security/cve/CVE-2022-50085"
},
{
"category": "external",
"summary": "SUSE Bug 1245147 for CVE-2022-50085",
"url": "https://bugzilla.suse.com/1245147"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50085"
},
{
"cve": "CVE-2022-50087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50087"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails\n\nWhen scpi probe fails, at any point, we need to ensure that the scpi_info\nis not set and will remain NULL until the probe succeeds. If it is not\ntaken care, then it could result use-after-free as the value is exported\nvia get_scpi_ops() and could refer to a memory allocated via devm_kzalloc()\nbut freed when the probe fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50087",
"url": "https://www.suse.com/security/cve/CVE-2022-50087"
},
{
"category": "external",
"summary": "SUSE Bug 1245119 for CVE-2022-50087",
"url": "https://bugzilla.suse.com/1245119"
},
{
"category": "external",
"summary": "SUSE Bug 1245294 for CVE-2022-50087",
"url": "https://bugzilla.suse.com/1245294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "important"
}
],
"title": "CVE-2022-50087"
},
{
"cve": "CVE-2022-50091",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50091"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlocking/csd_lock: Change csdlock_debug from early_param to __setup\n\nThe csdlock_debug kernel-boot parameter is parsed by the\nearly_param() function csdlock_debug(). If set, csdlock_debug()\ninvokes static_branch_enable() to enable csd_lock_wait feature, which\ntriggers a panic on arm64 for kernels built with CONFIG_SPARSEMEM=y and\nCONFIG_SPARSEMEM_VMEMMAP=n.\n\nWith CONFIG_SPARSEMEM_VMEMMAP=n, __nr_to_section is called in\nstatic_key_enable() and returns NULL, resulting in a NULL dereference\nbecause mem_section is initialized only later in sparse_init().\n\nThis is also a problem for powerpc because early_param() functions\nare invoked earlier than jump_label_init(), also resulting in\nstatic_key_enable() failures. These failures cause the warning \"static\nkey \u0027xxx\u0027 used before call to jump_label_init()\".\n\nThus, early_param is too early for csd_lock_wait to run\nstatic_branch_enable(), so changes it to __setup to fix these.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50091",
"url": "https://www.suse.com/security/cve/CVE-2022-50091"
},
{
"category": "external",
"summary": "SUSE Bug 1244885 for CVE-2022-50091",
"url": "https://bugzilla.suse.com/1244885"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50091"
},
{
"cve": "CVE-2022-50092",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50092"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm thin: fix use-after-free crash in dm_sm_register_threshold_callback\n\nFault inject on pool metadata device reports:\n BUG: KASAN: use-after-free in dm_pool_register_metadata_threshold+0x40/0x80\n Read of size 8 at addr ffff8881b9d50068 by task dmsetup/950\n\n CPU: 7 PID: 950 Comm: dmsetup Tainted: G W 5.19.0-rc6 #1\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x34/0x44\n print_address_description.constprop.0.cold+0xeb/0x3f4\n kasan_report.cold+0xe6/0x147\n dm_pool_register_metadata_threshold+0x40/0x80\n pool_ctr+0xa0a/0x1150\n dm_table_add_target+0x2c8/0x640\n table_load+0x1fd/0x430\n ctl_ioctl+0x2c4/0x5a0\n dm_ctl_ioctl+0xa/0x10\n __x64_sys_ioctl+0xb3/0xd0\n do_syscall_64+0x35/0x80\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThis can be easily reproduced using:\n echo offline \u003e /sys/block/sda/device/state\n dd if=/dev/zero of=/dev/mapper/thin bs=4k count=10\n dmsetup load pool --table \"0 20971520 thin-pool /dev/sda /dev/sdb 128 0 0\"\n\nIf a metadata commit fails, the transaction will be aborted and the\nmetadata space maps will be destroyed. If a DM table reload then\nhappens for this failed thin-pool, a use-after-free will occur in\ndm_sm_register_threshold_callback (called from\ndm_pool_register_metadata_threshold).\n\nFix this by in dm_pool_register_metadata_threshold() by returning the\n-EINVAL error if the thin-pool is in fail mode. Also fail pool_ctr()\nwith a new error message: \"Error registering metadata threshold\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50092",
"url": "https://www.suse.com/security/cve/CVE-2022-50092"
},
{
"category": "external",
"summary": "SUSE Bug 1244848 for CVE-2022-50092",
"url": "https://bugzilla.suse.com/1244848"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50092"
},
{
"cve": "CVE-2022-50093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50093"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)\n\nKASAN reports:\n\n[ 4.668325][ T0] BUG: KASAN: wild-memory-access in dmar_parse_one_rhsa (arch/x86/include/asm/bitops.h:214 arch/x86/include/asm/bitops.h:226 include/asm-generic/bitops/instrumented-non-atomic.h:142 include/linux/nodemask.h:415 drivers/iommu/intel/dmar.c:497)\n[ 4.676149][ T0] Read of size 8 at addr 1fffffff85115558 by task swapper/0/0\n[ 4.683454][ T0]\n[ 4.685638][ T0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.19.0-rc3-00004-g0e862838f290 #1\n[ 4.694331][ T0] Hardware name: Supermicro SYS-5018D-FN4T/X10SDV-8C-TLN4F, BIOS 1.1 03/02/2016\n[ 4.703196][ T0] Call Trace:\n[ 4.706334][ T0] \u003cTASK\u003e\n[ 4.709133][ T0] ? dmar_parse_one_rhsa (arch/x86/include/asm/bitops.h:214 arch/x86/include/asm/bitops.h:226 include/asm-generic/bitops/instrumented-non-atomic.h:142 include/linux/nodemask.h:415 drivers/iommu/intel/dmar.c:497)\n\nafter converting the type of the first argument (@nr, bit number)\nof arch_test_bit() from `long` to `unsigned long`[0].\n\nUnder certain conditions (for example, when ACPI NUMA is disabled\nvia command line), pxm_to_node() can return %NUMA_NO_NODE (-1).\nIt is valid \u0027magic\u0027 number of NUMA node, but not valid bit number\nto use in bitops.\nnode_online() eventually descends to test_bit() without checking\nfor the input, assuming it\u0027s on caller side (which might be good\nfor perf-critical tasks). There, -1 becomes %ULONG_MAX which leads\nto an insane array index when calculating bit position in memory.\n\nFor now, add an explicit check for @node being not %NUMA_NO_NODE\nbefore calling test_bit(). The actual logics didn\u0027t change here\nat all.\n\n[0] https://github.com/norov/linux/commit/0e862838f290147ea9c16db852d8d494b552d38d",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50093",
"url": "https://www.suse.com/security/cve/CVE-2022-50093"
},
{
"category": "external",
"summary": "SUSE Bug 1244849 for CVE-2022-50093",
"url": "https://bugzilla.suse.com/1244849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50093"
},
{
"cve": "CVE-2022-50094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspmi: trace: fix stack-out-of-bound access in SPMI tracing functions\n\ntrace_spmi_write_begin() and trace_spmi_read_end() both call\nmemcpy() with a length of \"len + 1\". This leads to one extra\nbyte being read beyond the end of the specified buffer. Fix\nthis out-of-bound memory access by using a length of \"len\"\ninstead.\n\nHere is a KASAN log showing the issue:\n\nBUG: KASAN: stack-out-of-bounds in trace_event_raw_event_spmi_read_end+0x1d0/0x234\nRead of size 2 at addr ffffffc0265b7540 by task thermal@2.0-ser/1314\n...\nCall trace:\n dump_backtrace+0x0/0x3e8\n show_stack+0x2c/0x3c\n dump_stack_lvl+0xdc/0x11c\n print_address_description+0x74/0x384\n kasan_report+0x188/0x268\n kasan_check_range+0x270/0x2b0\n memcpy+0x90/0xe8\n trace_event_raw_event_spmi_read_end+0x1d0/0x234\n spmi_read_cmd+0x294/0x3ac\n spmi_ext_register_readl+0x84/0x9c\n regmap_spmi_ext_read+0x144/0x1b0 [regmap_spmi]\n _regmap_raw_read+0x40c/0x754\n regmap_raw_read+0x3a0/0x514\n regmap_bulk_read+0x418/0x494\n adc5_gen3_poll_wait_hs+0xe8/0x1e0 [qcom_spmi_adc5_gen3]\n ...\n __arm64_sys_read+0x4c/0x60\n invoke_syscall+0x80/0x218\n el0_svc_common+0xec/0x1c8\n ...\n\naddr ffffffc0265b7540 is located in stack of task thermal@2.0-ser/1314 at offset 32 in frame:\n adc5_gen3_poll_wait_hs+0x0/0x1e0 [qcom_spmi_adc5_gen3]\n\nthis frame has 1 object:\n [32, 33) \u0027status\u0027\n\nMemory state around the buggy address:\n ffffffc0265b7400: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1\n ffffffc0265b7480: 04 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00\n\u003effffffc0265b7500: 00 00 00 00 f1 f1 f1 f1 01 f3 f3 f3 00 00 00 00\n ^\n ffffffc0265b7580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffffffc0265b7600: f1 f1 f1 f1 01 f2 07 f2 f2 f2 01 f3 00 00 00 00\n==================================================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50094",
"url": "https://www.suse.com/security/cve/CVE-2022-50094"
},
{
"category": "external",
"summary": "SUSE Bug 1244851 for CVE-2022-50094",
"url": "https://bugzilla.suse.com/1244851"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50094"
},
{
"cve": "CVE-2022-50097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: s3fb: Check the size of screen before memset_io()\n\nIn the function s3fb_set_par(), the value of \u0027screen_size\u0027 is\ncalculated by the user input. If the user provides the improper value,\nthe value of \u0027screen_size\u0027 may larger than \u0027info-\u003escreen_size\u0027, which\nmay cause the following bug:\n\n[ 54.083733] BUG: unable to handle page fault for address: ffffc90003000000\n[ 54.083742] #PF: supervisor write access in kernel mode\n[ 54.083744] #PF: error_code(0x0002) - not-present page\n[ 54.083760] RIP: 0010:memset_orig+0x33/0xb0\n[ 54.083782] Call Trace:\n[ 54.083788] s3fb_set_par+0x1ec6/0x4040\n[ 54.083806] fb_set_var+0x604/0xeb0\n[ 54.083836] do_fb_ioctl+0x234/0x670\n\nFix the this by checking the value of \u0027screen_size\u0027 before memset_io().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50097",
"url": "https://www.suse.com/security/cve/CVE-2022-50097"
},
{
"category": "external",
"summary": "SUSE Bug 1244845 for CVE-2022-50097",
"url": "https://bugzilla.suse.com/1244845"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50097"
},
{
"cve": "CVE-2022-50098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts\n\nEnsure SRB is returned during I/O timeout error escalation. If that is not\npossible fail the escalation path.\n\nFollowing crash stack was seen:\n\nBUG: unable to handle kernel paging request at 0000002f56aa90f8\nIP: qla_chk_edif_rx_sa_delete_pending+0x14/0x30 [qla2xxx]\nCall Trace:\n ? qla2x00_status_entry+0x19f/0x1c50 [qla2xxx]\n ? qla2x00_start_sp+0x116/0x1170 [qla2xxx]\n ? dma_pool_alloc+0x1d6/0x210\n ? mempool_alloc+0x54/0x130\n ? qla24xx_process_response_queue+0x548/0x12b0 [qla2xxx]\n ? qla_do_work+0x2d/0x40 [qla2xxx]\n ? process_one_work+0x14c/0x390",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50098",
"url": "https://www.suse.com/security/cve/CVE-2022-50098"
},
{
"category": "external",
"summary": "SUSE Bug 1244841 for CVE-2022-50098",
"url": "https://bugzilla.suse.com/1244841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50098"
},
{
"cve": "CVE-2022-50099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: arkfb: Check the size of screen before memset_io()\n\nIn the function arkfb_set_par(), the value of \u0027screen_size\u0027 is\ncalculated by the user input. If the user provides the improper value,\nthe value of \u0027screen_size\u0027 may larger than \u0027info-\u003escreen_size\u0027, which\nmay cause the following bug:\n\n[ 659.399066] BUG: unable to handle page fault for address: ffffc90003000000\n[ 659.399077] #PF: supervisor write access in kernel mode\n[ 659.399079] #PF: error_code(0x0002) - not-present page\n[ 659.399094] RIP: 0010:memset_orig+0x33/0xb0\n[ 659.399116] Call Trace:\n[ 659.399122] arkfb_set_par+0x143f/0x24c0\n[ 659.399130] fb_set_var+0x604/0xeb0\n[ 659.399161] do_fb_ioctl+0x234/0x670\n[ 659.399189] fb_ioctl+0xdd/0x130\n\nFix the this by checking the value of \u0027screen_size\u0027 before memset_io().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50099",
"url": "https://www.suse.com/security/cve/CVE-2022-50099"
},
{
"category": "external",
"summary": "SUSE Bug 1244842 for CVE-2022-50099",
"url": "https://bugzilla.suse.com/1244842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50099"
},
{
"cve": "CVE-2022-50101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: vt8623fb: Check the size of screen before memset_io()\n\nIn the function vt8623fb_set_par(), the value of \u0027screen_size\u0027 is\ncalculated by the user input. If the user provides the improper value,\nthe value of \u0027screen_size\u0027 may larger than \u0027info-\u003escreen_size\u0027, which\nmay cause the following bug:\n\n[ 583.339036] BUG: unable to handle page fault for address: ffffc90005000000\n[ 583.339049] #PF: supervisor write access in kernel mode\n[ 583.339052] #PF: error_code(0x0002) - not-present page\n[ 583.339074] RIP: 0010:memset_orig+0x33/0xb0\n[ 583.339110] Call Trace:\n[ 583.339118] vt8623fb_set_par+0x11cd/0x21e0\n[ 583.339146] fb_set_var+0x604/0xeb0\n[ 583.339181] do_fb_ioctl+0x234/0x670\n[ 583.339209] fb_ioctl+0xdd/0x130\n\nFix the this by checking the value of \u0027screen_size\u0027 before memset_io().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50101",
"url": "https://www.suse.com/security/cve/CVE-2022-50101"
},
{
"category": "external",
"summary": "SUSE Bug 1244839 for CVE-2022-50101",
"url": "https://bugzilla.suse.com/1244839"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50101"
},
{
"cve": "CVE-2022-50102",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50102"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()\n\nSince the user can control the arguments of the ioctl() from the user\nspace, under special arguments that may result in a divide-by-zero bug\nin:\n drivers/video/fbdev/arkfb.c:784: ark_set_pixclock(info, (hdiv * info-\u003evar.pixclock) / hmul);\nwith hdiv=1, pixclock=1 and hmul=2 you end up with (1*1)/2 = (int) 0.\nand then in:\n drivers/video/fbdev/arkfb.c:504: rv = dac_set_freq(par-\u003edac, 0, 1000000000 / pixclock);\nwe\u0027ll get a division-by-zero.\n\nThe following log can reveal it:\n\ndivide error: 0000 [#1] PREEMPT SMP KASAN PTI\nRIP: 0010:ark_set_pixclock drivers/video/fbdev/arkfb.c:504 [inline]\nRIP: 0010:arkfb_set_par+0x10fc/0x24c0 drivers/video/fbdev/arkfb.c:784\nCall Trace:\n fb_set_var+0x604/0xeb0 drivers/video/fbdev/core/fbmem.c:1034\n do_fb_ioctl+0x234/0x670 drivers/video/fbdev/core/fbmem.c:1110\n fb_ioctl+0xdd/0x130 drivers/video/fbdev/core/fbmem.c:1189\n\nFix this by checking the argument of ark_set_pixclock() first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50102",
"url": "https://www.suse.com/security/cve/CVE-2022-50102"
},
{
"category": "external",
"summary": "SUSE Bug 1244838 for CVE-2022-50102",
"url": "https://bugzilla.suse.com/1244838"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50102"
},
{
"cve": "CVE-2022-50104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/xive: Fix refcount leak in xive_get_max_prio\n\nof_find_node_by_path() returns a node pointer with\nrefcount incremented, we should use of_node_put() on it when done.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50104",
"url": "https://www.suse.com/security/cve/CVE-2022-50104"
},
{
"category": "external",
"summary": "SUSE Bug 1244836 for CVE-2022-50104",
"url": "https://bugzilla.suse.com/1244836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50104"
},
{
"cve": "CVE-2022-50108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50108"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: max77620: Fix refcount leak in max77620_initialise_fps\n\nof_get_child_by_name() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50108",
"url": "https://www.suse.com/security/cve/CVE-2022-50108"
},
{
"category": "external",
"summary": "SUSE Bug 1244834 for CVE-2022-50108",
"url": "https://bugzilla.suse.com/1244834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50108"
},
{
"cve": "CVE-2022-50109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50109"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: amba-clcd: Fix refcount leak bugs\n\nIn clcdfb_of_init_display(), we should call of_node_put() for the\nreferences returned by of_graph_get_next_endpoint() and\nof_graph_get_remote_port_parent() which have increased the refcount.\n\nBesides, we should call of_node_put() both in fail path or when\nthe references are not used anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50109",
"url": "https://www.suse.com/security/cve/CVE-2022-50109"
},
{
"category": "external",
"summary": "SUSE Bug 1244884 for CVE-2022-50109",
"url": "https://bugzilla.suse.com/1244884"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50109"
},
{
"cve": "CVE-2022-50118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50118"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for PMI check in power_pmu_disable\n\ncommit 2c9ac51b850d (\"powerpc/perf: Fix PMU callbacks to clear\npending PMI before resetting an overflown PMC\") added a new\nfunction \"pmi_irq_pending\" in hw_irq.h. This function is to check\nif there is a PMI marked as pending in Paca (PACA_IRQ_PMI).This is\nused in power_pmu_disable in a WARN_ON. The intention here is to\nprovide a warning if there is PMI pending, but no counter is found\noverflown.\n\nDuring some of the perf runs, below warning is hit:\n\nWARNING: CPU: 36 PID: 0 at arch/powerpc/perf/core-book3s.c:1332 power_pmu_disable+0x25c/0x2c0\n Modules linked in:\n -----\n\n NIP [c000000000141c3c] power_pmu_disable+0x25c/0x2c0\n LR [c000000000141c8c] power_pmu_disable+0x2ac/0x2c0\n Call Trace:\n [c000000baffcfb90] [c000000000141c8c] power_pmu_disable+0x2ac/0x2c0 (unreliable)\n [c000000baffcfc10] [c0000000003e2f8c] perf_pmu_disable+0x4c/0x60\n [c000000baffcfc30] [c0000000003e3344] group_sched_out.part.124+0x44/0x100\n [c000000baffcfc80] [c0000000003e353c] __perf_event_disable+0x13c/0x240\n [c000000baffcfcd0] [c0000000003dd334] event_function+0xc4/0x140\n [c000000baffcfd20] [c0000000003d855c] remote_function+0x7c/0xa0\n [c000000baffcfd50] [c00000000026c394] flush_smp_call_function_queue+0xd4/0x300\n [c000000baffcfde0] [c000000000065b24] smp_ipi_demux_relaxed+0xa4/0x100\n [c000000baffcfe20] [c0000000000cb2b0] xive_muxed_ipi_action+0x20/0x40\n [c000000baffcfe40] [c000000000207c3c] __handle_irq_event_percpu+0x8c/0x250\n [c000000baffcfee0] [c000000000207e2c] handle_irq_event_percpu+0x2c/0xa0\n [c000000baffcff10] [c000000000210a04] handle_percpu_irq+0x84/0xc0\n [c000000baffcff40] [c000000000205f14] generic_handle_irq+0x54/0x80\n [c000000baffcff60] [c000000000015740] __do_irq+0x90/0x1d0\n [c000000baffcff90] [c000000000016990] __do_IRQ+0xc0/0x140\n [c0000009732f3940] [c000000bafceaca8] 0xc000000bafceaca8\n [c0000009732f39d0] [c000000000016b78] do_IRQ+0x168/0x1c0\n [c0000009732f3a00] [c0000000000090c8] hardware_interrupt_common_virt+0x218/0x220\n\nThis means that there is no PMC overflown among the active events\nin the PMU, but there is a PMU pending in Paca. The function\n\"any_pmc_overflown\" checks the PMCs on active events in\ncpuhw-\u003en_events. Code snippet:\n\n\u003c\u003c\u003e\u003e\nif (any_pmc_overflown(cpuhw))\n \tclear_pmi_irq_pending();\n else\n \tWARN_ON(pmi_irq_pending());\n\u003c\u003c\u003e\u003e\n\nHere the PMC overflown is not from active event. Example: When we do\nperf record, default cycles and instructions will be running on PMC6\nand PMC5 respectively. It could happen that overflowed event is currently\nnot active and pending PMI is for the inactive event. Debug logs from\ntrace_printk:\n\n\u003c\u003c\u003e\u003e\nany_pmc_overflown: idx is 5: pmc value is 0xd9a\npower_pmu_disable: PMC1: 0x0, PMC2: 0x0, PMC3: 0x0, PMC4: 0x0, PMC5: 0xd9a, PMC6: 0x80002011\n\u003c\u003c\u003e\u003e\n\nHere active PMC (from idx) is PMC5 , but overflown PMC is PMC6(0x80002011).\nWhen we handle PMI interrupt for such cases, if the PMC overflown is\nfrom inactive event, it will be ignored. Reference commit:\ncommit bc09c219b2e6 (\"powerpc/perf: Fix finding overflowed PMC in interrupt\")\n\nPatch addresses two changes:\n1) Fix 1 : Removal of warning ( WARN_ON(pmi_irq_pending()); )\n We were printing warning if no PMC is found overflown among active PMU\n events, but PMI pending in PACA. But this could happen in cases where\n PMC overflown is not in active PMC. An inactive event could have caused\n the overflow. Hence the warning is not needed. To know pending PMI is\n from an inactive event, we need to loop through all PMC\u0027s which will\n cause more SPR reads via mfspr and increase in context switch. Also in\n existing function: perf_event_interrupt, already we ignore PMI\u0027s\n overflown when it is from an inactive PMC.\n\n2) Fix 2: optimization in clearing pending PMI.\n Currently we check for any active PMC overflown before clearing PMI\n pending in Paca. This is causing additional SP\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50118",
"url": "https://www.suse.com/security/cve/CVE-2022-50118"
},
{
"category": "external",
"summary": "SUSE Bug 1244825 for CVE-2022-50118",
"url": "https://bugzilla.suse.com/1244825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50118"
},
{
"cve": "CVE-2022-50124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50124",
"url": "https://www.suse.com/security/cve/CVE-2022-50124"
},
{
"category": "external",
"summary": "SUSE Bug 1244816 for CVE-2022-50124",
"url": "https://bugzilla.suse.com/1244816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50124"
},
{
"cve": "CVE-2022-50126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: fix assertion \u0027jh-\u003eb_frozen_data == NULL\u0027 failure when journal aborted\n\nFollowing process will fail assertion \u0027jh-\u003eb_frozen_data == NULL\u0027 in\njbd2_journal_dirty_metadata():\n\n jbd2_journal_commit_transaction\nunlink(dir/a)\n jh-\u003eb_transaction = trans1\n jh-\u003eb_jlist = BJ_Metadata\n journal-\u003ej_running_transaction = NULL\n trans1-\u003et_state = T_COMMIT\nunlink(dir/b)\n handle-\u003eh_trans = trans2\n do_get_write_access\n jh-\u003eb_modified = 0\n jh-\u003eb_frozen_data = frozen_buffer\n jh-\u003eb_next_transaction = trans2\n jbd2_journal_dirty_metadata\n is_handle_aborted\n is_journal_aborted // return false\n\n --\u003e jbd2 abort \u003c--\n\n while (commit_transaction-\u003et_buffers)\n if (is_journal_aborted)\n jbd2_journal_refile_buffer\n __jbd2_journal_refile_buffer\n WRITE_ONCE(jh-\u003eb_transaction,\n\t\t\t\t\t\tjh-\u003eb_next_transaction)\n WRITE_ONCE(jh-\u003eb_next_transaction, NULL)\n __jbd2_journal_file_buffer(jh, BJ_Reserved)\n J_ASSERT_JH(jh, jh-\u003eb_frozen_data == NULL) // assertion failure !\n\nThe reproducer (See detail in [Link]) reports:\n ------------[ cut here ]------------\n kernel BUG at fs/jbd2/transaction.c:1629!\n invalid opcode: 0000 [#1] PREEMPT SMP\n CPU: 2 PID: 584 Comm: unlink Tainted: G W\n 5.19.0-rc6-00115-g4a57a8400075-dirty #697\n RIP: 0010:jbd2_journal_dirty_metadata+0x3c5/0x470\n RSP: 0018:ffffc90000be7ce0 EFLAGS: 00010202\n Call Trace:\n \u003cTASK\u003e\n __ext4_handle_dirty_metadata+0xa0/0x290\n ext4_handle_dirty_dirblock+0x10c/0x1d0\n ext4_delete_entry+0x104/0x200\n __ext4_unlink+0x22b/0x360\n ext4_unlink+0x275/0x390\n vfs_unlink+0x20b/0x4c0\n do_unlinkat+0x42f/0x4c0\n __x64_sys_unlink+0x37/0x50\n do_syscall_64+0x35/0x80\n\nAfter journal aborting, __jbd2_journal_refile_buffer() is executed with\nholding @jh-\u003eb_state_lock, we can fix it by moving \u0027is_handle_aborted()\u0027\ninto the area protected by @jh-\u003eb_state_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50126",
"url": "https://www.suse.com/security/cve/CVE-2022-50126"
},
{
"category": "external",
"summary": "SUSE Bug 1244813 for CVE-2022-50126",
"url": "https://bugzilla.suse.com/1244813"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50126"
},
{
"cve": "CVE-2022-50127",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50127"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix error unwind in rxe_create_qp()\n\nIn the function rxe_create_qp(), rxe_qp_from_init() is called to\ninitialize qp, internally things like the spin locks are not setup until\nrxe_qp_init_req().\n\nIf an error occures before this point then the unwind will call\nrxe_cleanup() and eventually to rxe_qp_do_cleanup()/rxe_cleanup_task()\nwhich will oops when trying to access the uninitialized spinlock.\n\nMove the spinlock initializations earlier before any failures.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50127",
"url": "https://www.suse.com/security/cve/CVE-2022-50127"
},
{
"category": "external",
"summary": "SUSE Bug 1244815 for CVE-2022-50127",
"url": "https://bugzilla.suse.com/1244815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50127"
},
{
"cve": "CVE-2022-50136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50136"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event\n\nIf siw_recv_mpa_rr returns -EAGAIN, it means that the MPA reply hasn\u0027t\nbeen received completely, and should not report IW_CM_EVENT_CONNECT_REPLY\nin this case. This may trigger a call trace in iw_cm. A simple way to\ntrigger this:\n server: ib_send_lat\n client: ib_send_lat -R \u003cserver_ip\u003e\n\nThe call trace looks like this:\n\n kernel BUG at drivers/infiniband/core/iwcm.c:894!\n invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n \u003c...\u003e\n Workqueue: iw_cm_wq cm_work_handler [iw_cm]\n Call Trace:\n \u003cTASK\u003e\n cm_work_handler+0x1dd/0x370 [iw_cm]\n process_one_work+0x1e2/0x3b0\n worker_thread+0x49/0x2e0\n ? rescuer_thread+0x370/0x370\n kthread+0xe5/0x110\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50136",
"url": "https://www.suse.com/security/cve/CVE-2022-50136"
},
{
"category": "external",
"summary": "SUSE Bug 1244804 for CVE-2022-50136",
"url": "https://bugzilla.suse.com/1244804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50136"
},
{
"cve": "CVE-2022-50138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50138"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()\n\n__qedr_alloc_mr() allocates a memory chunk for \"mr-\u003einfo.pbl_table\" with\ninit_mr_info(). When rdma_alloc_tid() and rdma_register_tid() fail, \"mr\"\nis released while \"mr-\u003einfo.pbl_table\" is not released, which will lead\nto a memory leak.\n\nWe should release the \"mr-\u003einfo.pbl_table\" with qedr_free_pbl() when error\noccurs to fix the memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50138",
"url": "https://www.suse.com/security/cve/CVE-2022-50138"
},
{
"category": "external",
"summary": "SUSE Bug 1244797 for CVE-2022-50138",
"url": "https://bugzilla.suse.com/1244797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50138"
},
{
"cve": "CVE-2022-50140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemstick/ms_block: Fix a memory leak\n\n\u0027erased_blocks_bitmap\u0027 is never freed. As it is allocated at the same time\nas \u0027used_blocks_bitmap\u0027, it is likely that it should be freed also at the\nsame time.\n\nAdd the corresponding bitmap_free() in msb_data_clear().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50140",
"url": "https://www.suse.com/security/cve/CVE-2022-50140"
},
{
"category": "external",
"summary": "SUSE Bug 1244793 for CVE-2022-50140",
"url": "https://bugzilla.suse.com/1244793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50140"
},
{
"cve": "CVE-2022-50141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch\n\nof_find_matching_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.\nof_node_put() checks null pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50141",
"url": "https://www.suse.com/security/cve/CVE-2022-50141"
},
{
"category": "external",
"summary": "SUSE Bug 1244794 for CVE-2022-50141",
"url": "https://bugzilla.suse.com/1244794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50141"
},
{
"cve": "CVE-2022-50142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nintel_th: msu: Fix vmalloced buffers\n\nAfter commit f5ff79fddf0e (\"dma-mapping: remove CONFIG_DMA_REMAP\") there\u0027s\na chance of DMA buffer getting allocated via vmalloc(), which messes up\nthe mmapping code:\n\n\u003e RIP: msc_mmap_fault [intel_th_msu]\n\u003e Call Trace:\n\u003e \u003cTASK\u003e\n\u003e __do_fault\n\u003e do_fault\n...\n\nFix this by accounting for vmalloc possibility.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50142",
"url": "https://www.suse.com/security/cve/CVE-2022-50142"
},
{
"category": "external",
"summary": "SUSE Bug 1244796 for CVE-2022-50142",
"url": "https://bugzilla.suse.com/1244796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50142"
},
{
"cve": "CVE-2022-50143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50143"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nintel_th: Fix a resource leak in an error handling path\n\nIf an error occurs after calling \u0027pci_alloc_irq_vectors()\u0027,\n\u0027pci_free_irq_vectors()\u0027 must be called as already done in the remove\nfunction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50143",
"url": "https://www.suse.com/security/cve/CVE-2022-50143"
},
{
"category": "external",
"summary": "SUSE Bug 1244790 for CVE-2022-50143",
"url": "https://bugzilla.suse.com/1244790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50143"
},
{
"cve": "CVE-2022-50146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors\n\nIf dw_pcie_ep_init() fails to perform any action after the EPC memory is\ninitialized and the MSI memory region is allocated, the latter parts won\u0027t\nbe undone thus causing a memory leak. Add a cleanup-on-error path to fix\nthese leaks.\n\n[bhelgaas: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50146",
"url": "https://www.suse.com/security/cve/CVE-2022-50146"
},
{
"category": "external",
"summary": "SUSE Bug 1244788 for CVE-2022-50146",
"url": "https://bugzilla.suse.com/1244788"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50146"
},
{
"cve": "CVE-2022-50149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix potential deadlock in __driver_attach\n\nIn __driver_attach function, There are also AA deadlock problem,\nlike the commit b232b02bf3c2 (\"driver core: fix deadlock in\n__device_attach\").\n\nstack like commit b232b02bf3c2 (\"driver core: fix deadlock in\n__device_attach\").\nlist below:\n In __driver_attach function, The lock holding logic is as follows:\n ...\n __driver_attach\n if (driver_allows_async_probing(drv))\n device_lock(dev) // get lock dev\n async_schedule_dev(__driver_attach_async_helper, dev); // func\n async_schedule_node\n async_schedule_node_domain(func)\n entry = kzalloc(sizeof(struct async_entry), GFP_ATOMIC);\n /* when fail or work limit, sync to execute func, but\n __driver_attach_async_helper will get lock dev as\n will, which will lead to A-A deadlock. */\n if (!entry || atomic_read(\u0026entry_count) \u003e MAX_WORK) {\n func;\n else\n queue_work_node(node, system_unbound_wq, \u0026entry-\u003ework)\n device_unlock(dev)\n\n As above show, when it is allowed to do async probes, because of\n out of memory or work limit, async work is not be allowed, to do\n sync execute instead. it will lead to A-A deadlock because of\n __driver_attach_async_helper getting lock dev.\n\nReproduce:\nand it can be reproduce by make the condition\n(if (!entry || atomic_read(\u0026entry_count) \u003e MAX_WORK)) untenable, like\nbelow:\n\n[ 370.785650] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables\nthis message.\n[ 370.787154] task:swapper/0 state:D stack: 0 pid: 1 ppid:\n0 flags:0x00004000\n[ 370.788865] Call Trace:\n[ 370.789374] \u003cTASK\u003e\n[ 370.789841] __schedule+0x482/0x1050\n[ 370.790613] schedule+0x92/0x1a0\n[ 370.791290] schedule_preempt_disabled+0x2c/0x50\n[ 370.792256] __mutex_lock.isra.0+0x757/0xec0\n[ 370.793158] __mutex_lock_slowpath+0x1f/0x30\n[ 370.794079] mutex_lock+0x50/0x60\n[ 370.794795] __device_driver_lock+0x2f/0x70\n[ 370.795677] ? driver_probe_device+0xd0/0xd0\n[ 370.796576] __driver_attach_async_helper+0x1d/0xd0\n[ 370.797318] ? driver_probe_device+0xd0/0xd0\n[ 370.797957] async_schedule_node_domain+0xa5/0xc0\n[ 370.798652] async_schedule_node+0x19/0x30\n[ 370.799243] __driver_attach+0x246/0x290\n[ 370.799828] ? driver_allows_async_probing+0xa0/0xa0\n[ 370.800548] bus_for_each_dev+0x9d/0x130\n[ 370.801132] driver_attach+0x22/0x30\n[ 370.801666] bus_add_driver+0x290/0x340\n[ 370.802246] driver_register+0x88/0x140\n[ 370.802817] ? virtio_scsi_init+0x116/0x116\n[ 370.803425] scsi_register_driver+0x1a/0x30\n[ 370.804057] init_sd+0x184/0x226\n[ 370.804533] do_one_initcall+0x71/0x3a0\n[ 370.805107] kernel_init_freeable+0x39a/0x43a\n[ 370.805759] ? rest_init+0x150/0x150\n[ 370.806283] kernel_init+0x26/0x230\n[ 370.806799] ret_from_fork+0x1f/0x30\n\nTo fix the deadlock, move the async_schedule_dev outside device_lock,\nas we can see, in async_schedule_node_domain, the parameter of\nqueue_work_node is system_unbound_wq, so it can accept concurrent\noperations. which will also not change the code logic, and will\nnot lead to deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50149",
"url": "https://www.suse.com/security/cve/CVE-2022-50149"
},
{
"category": "external",
"summary": "SUSE Bug 1244883 for CVE-2022-50149",
"url": "https://bugzilla.suse.com/1244883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50149"
},
{
"cve": "CVE-2022-50152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50152",
"url": "https://www.suse.com/security/cve/CVE-2022-50152"
},
{
"category": "external",
"summary": "SUSE Bug 1244783 for CVE-2022-50152",
"url": "https://bugzilla.suse.com/1244783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50152"
},
{
"cve": "CVE-2022-50153",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50153"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: host: Fix refcount leak in ehci_hcd_ppc_of_probe\n\nof_find_compatible_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when done.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50153",
"url": "https://www.suse.com/security/cve/CVE-2022-50153"
},
{
"category": "external",
"summary": "SUSE Bug 1244786 for CVE-2022-50153",
"url": "https://bugzilla.suse.com/1244786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50153"
},
{
"cve": "CVE-2022-50156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: cp2112: prevent a buffer overflow in cp2112_xfer()\n\nSmatch warnings:\ndrivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy()\n\u0027data-\u003eblock[1]\u0027 too small (33 vs 255)\ndrivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy() \u0027buf\u0027 too\nsmall (64 vs 255)\n\nThe \u0027read_length\u0027 variable is provided by \u0027data-\u003eblock[0]\u0027 which comes\nfrom user and it(read_length) can take a value between 0-255. Add an\nupper bound to \u0027read_length\u0027 variable to prevent a buffer overflow in\nmemcpy().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50156",
"url": "https://www.suse.com/security/cve/CVE-2022-50156"
},
{
"category": "external",
"summary": "SUSE Bug 1244782 for CVE-2022-50156",
"url": "https://bugzilla.suse.com/1244782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50156"
},
{
"cve": "CVE-2022-50158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: partitions: Fix refcount leak in parse_redboot_of\n\nof_get_child_by_name() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50158",
"url": "https://www.suse.com/security/cve/CVE-2022-50158"
},
{
"category": "external",
"summary": "SUSE Bug 1244779 for CVE-2022-50158",
"url": "https://bugzilla.suse.com/1244779"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50158"
},
{
"cve": "CVE-2022-50160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: maps: Fix refcount leak in ap_flash_init\n\nof_find_matching_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50160",
"url": "https://www.suse.com/security/cve/CVE-2022-50160"
},
{
"category": "external",
"summary": "SUSE Bug 1244776 for CVE-2022-50160",
"url": "https://bugzilla.suse.com/1244776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50160"
},
{
"cve": "CVE-2022-50161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: maps: Fix refcount leak in of_flash_probe_versatile\n\nof_find_matching_node_and_match() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50161",
"url": "https://www.suse.com/security/cve/CVE-2022-50161"
},
{
"category": "external",
"summary": "SUSE Bug 1244774 for CVE-2022-50161",
"url": "https://bugzilla.suse.com/1244774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50161"
},
{
"cve": "CVE-2022-50162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: libertas: Fix possible refcount leak in if_usb_probe()\n\nusb_get_dev will be called before lbs_get_firmware_async which means that\nusb_put_dev need to be called when lbs_get_firmware_async fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50162",
"url": "https://www.suse.com/security/cve/CVE-2022-50162"
},
{
"category": "external",
"summary": "SUSE Bug 1244773 for CVE-2022-50162",
"url": "https://bugzilla.suse.com/1244773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50162"
},
{
"cve": "CVE-2022-50164",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50164"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue\n\nAfter successfull station association, if station queues are disabled for\nsome reason, the related lists are not emptied. So if some new element is\nadded to the list in iwl_mvm_mac_wake_tx_queue, it can match with the old\none and produce a BUG like this:\n\n[ 46.535263] list_add corruption. prev-\u003enext should be next (ffff94c1c318a360), but was 0000000000000000. (prev=ffff94c1d02d3388).\n[ 46.535283] ------------[ cut here ]------------\n[ 46.535284] kernel BUG at lib/list_debug.c:26!\n[ 46.535290] invalid opcode: 0000 [#1] PREEMPT SMP PTI\n[ 46.585304] CPU: 0 PID: 623 Comm: wpa_supplicant Not tainted 5.19.0-rc3+ #1\n[ 46.592380] Hardware name: Dell Inc. Inspiron 660s/0478VN , BIOS A07 08/24/2012\n[ 46.600336] RIP: 0010:__list_add_valid.cold+0x3d/0x3f\n[ 46.605475] Code: f2 4c 89 c1 48 89 fe 48 c7 c7 c8 40 67 93 e8 20 cc fd ff 0f 0b 48 89 d1 4c 89 c6 4c 89 ca 48 c7 c7 70 40 67 93 e8 09 cc fd ff \u003c0f\u003e 0b 48 89 fe 48 c7 c7 00 41 67 93 e8 f8 cb fd ff 0f 0b 48 89 d1\n[ 46.624469] RSP: 0018:ffffb20800ab76d8 EFLAGS: 00010286\n[ 46.629854] RAX: 0000000000000075 RBX: ffff94c1c318a0e0 RCX: 0000000000000000\n[ 46.637105] RDX: 0000000000000201 RSI: ffffffff9365e100 RDI: 00000000ffffffff\n[ 46.644356] RBP: ffff94c1c5f43370 R08: 0000000000000075 R09: 3064316334396666\n[ 46.651607] R10: 3364323064316334 R11: 39666666663d7665 R12: ffff94c1c5f43388\n[ 46.658857] R13: ffff94c1d02d3388 R14: ffff94c1c318a360 R15: ffff94c1cf2289c0\n[ 46.666108] FS: 00007f65634ff7c0(0000) GS:ffff94c1da200000(0000) knlGS:0000000000000000\n[ 46.674331] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 46.680170] CR2: 00007f7dfe984460 CR3: 000000010e894003 CR4: 00000000000606f0\n[ 46.687422] Call Trace:\n[ 46.689906] \u003cTASK\u003e\n[ 46.691950] iwl_mvm_mac_wake_tx_queue+0xec/0x15c [iwlmvm]\n[ 46.697601] ieee80211_queue_skb+0x4b3/0x720 [mac80211]\n[ 46.702973] ? sta_info_get+0x46/0x60 [mac80211]\n[ 46.707703] ieee80211_tx+0xad/0x110 [mac80211]\n[ 46.712355] __ieee80211_tx_skb_tid_band+0x71/0x90 [mac80211]\n...\n\nIn order to avoid this problem, we must also remove the related lists when\nstation queues are disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50164",
"url": "https://www.suse.com/security/cve/CVE-2022-50164"
},
{
"category": "external",
"summary": "SUSE Bug 1244770 for CVE-2022-50164",
"url": "https://bugzilla.suse.com/1244770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50164"
},
{
"cve": "CVE-2022-50165",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50165"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()`\n\nCommit 7a4836560a61 changes simple_write_to_buffer() with memdup_user()\nbut it forgets to change the value to be returned that came from\nsimple_write_to_buffer() call. It results in the following warning:\n\n warning: variable \u0027rc\u0027 is uninitialized when used here [-Wuninitialized]\n return rc;\n ^~\n\nRemove rc variable and just return the passed in length if the\nmemdup_user() succeeds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50165",
"url": "https://www.suse.com/security/cve/CVE-2022-50165"
},
{
"category": "external",
"summary": "SUSE Bug 1244771 for CVE-2022-50165",
"url": "https://bugzilla.suse.com/1244771"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50165"
},
{
"cve": "CVE-2022-50169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50169"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()\n\nThe simple_write_to_buffer() function will succeed if even a single\nbyte is initialized. However, we need to initialize the whole buffer\nto prevent information leaks. Just use memdup_user().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50169",
"url": "https://www.suse.com/security/cve/CVE-2022-50169"
},
{
"category": "external",
"summary": "SUSE Bug 1244767 for CVE-2022-50169",
"url": "https://bugzilla.suse.com/1244767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50169"
},
{
"cve": "CVE-2022-50172",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50172"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg\n\nFree the skb if mt76u_bulk_msg fails in __mt76x02u_mcu_send_msg routine.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50172",
"url": "https://www.suse.com/security/cve/CVE-2022-50172"
},
{
"category": "external",
"summary": "SUSE Bug 1244764 for CVE-2022-50172",
"url": "https://bugzilla.suse.com/1244764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50172"
},
{
"cve": "CVE-2022-50173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50173"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/mdp5: Fix global state lock backoff\n\nWe need to grab the lock after the early return for !hwpipe case.\nOtherwise, we could have hit contention yet still returned 0.\n\nFixes an issue that the new CONFIG_DRM_DEBUG_MODESET_LOCK stuff flagged\nin CI:\n\n WARNING: CPU: 0 PID: 282 at drivers/gpu/drm/drm_modeset_lock.c:296 drm_modeset_lock+0xf8/0x154\n Modules linked in:\n CPU: 0 PID: 282 Comm: kms_cursor_lega Tainted: G W 5.19.0-rc2-15930-g875cc8bc536a #1\n Hardware name: Qualcomm Technologies, Inc. DB820c (DT)\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : drm_modeset_lock+0xf8/0x154\n lr : drm_atomic_get_private_obj_state+0x84/0x170\n sp : ffff80000cfab6a0\n x29: ffff80000cfab6a0 x28: 0000000000000000 x27: ffff000083bc4d00\n x26: 0000000000000038 x25: 0000000000000000 x24: ffff80000957ca58\n x23: 0000000000000000 x22: ffff000081ace080 x21: 0000000000000001\n x20: ffff000081acec18 x19: ffff80000cfabb80 x18: 0000000000000038\n x17: 0000000000000000 x16: 0000000000000000 x15: fffffffffffea0d0\n x14: 0000000000000000 x13: 284e4f5f4e524157 x12: 5f534b434f4c5f47\n x11: ffff80000a386aa8 x10: 0000000000000029 x9 : ffff80000cfab610\n x8 : 0000000000000029 x7 : 0000000000000014 x6 : 0000000000000000\n x5 : 0000000000000001 x4 : ffff8000081ad904 x3 : 0000000000000029\n x2 : ffff0000801db4c0 x1 : ffff80000cfabb80 x0 : ffff000081aceb58\n Call trace:\n drm_modeset_lock+0xf8/0x154\n drm_atomic_get_private_obj_state+0x84/0x170\n mdp5_get_global_state+0x54/0x6c\n mdp5_pipe_release+0x2c/0xd4\n mdp5_plane_atomic_check+0x2ec/0x414\n drm_atomic_helper_check_planes+0xd8/0x210\n drm_atomic_helper_check+0x54/0xb0\n ...\n ---[ end trace 0000000000000000 ]---\n drm_modeset_lock attempting to lock a contended lock without backoff:\n drm_modeset_lock+0x148/0x154\n mdp5_get_global_state+0x30/0x6c\n mdp5_pipe_release+0x2c/0xd4\n mdp5_plane_atomic_check+0x290/0x414\n drm_atomic_helper_check_planes+0xd8/0x210\n drm_atomic_helper_check+0x54/0xb0\n drm_atomic_check_only+0x4b0/0x8f4\n drm_atomic_commit+0x68/0xe0\n\nPatchwork: https://patchwork.freedesktop.org/patch/492701/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50173",
"url": "https://www.suse.com/security/cve/CVE-2022-50173"
},
{
"category": "external",
"summary": "SUSE Bug 1244992 for CVE-2022-50173",
"url": "https://bugzilla.suse.com/1244992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50173"
},
{
"cve": "CVE-2022-50176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50176"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mcde: Fix refcount leak in mcde_dsi_bind\n\nEvery iteration of for_each_available_child_of_node() decrements\nthe reference counter of the previous node. There is no decrement\nwhen break out from the loop and results in refcount leak.\nAdd missing of_node_put() to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50176",
"url": "https://www.suse.com/security/cve/CVE-2022-50176"
},
{
"category": "external",
"summary": "SUSE Bug 1244902 for CVE-2022-50176",
"url": "https://bugzilla.suse.com/1244902"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50176"
},
{
"cve": "CVE-2022-50179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50179"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nath9k: fix use-after-free in ath9k_hif_usb_rx_cb\n\nSyzbot reported use-after-free Read in ath9k_hif_usb_rx_cb() [0]. The\nproblem was in incorrect htc_handle-\u003edrv_priv initialization.\n\nProbable call trace which can trigger use-after-free:\n\nath9k_htc_probe_device()\n /* htc_handle-\u003edrv_priv = priv; */\n ath9k_htc_wait_for_target() \u003c--- Failed\n ieee80211_free_hw()\t\t \u003c--- priv pointer is freed\n\n\u003cIRQ\u003e\n...\nath9k_hif_usb_rx_cb()\n ath9k_hif_usb_rx_stream()\n RX_STAT_INC()\t\t\u003c--- htc_handle-\u003edrv_priv access\n\nIn order to not add fancy protection for drv_priv we can move\nhtc_handle-\u003edrv_priv initialization at the end of the\nath9k_htc_probe_device() and add helper macro to make\nall *_STAT_* macros NULL safe, since syzbot has reported related NULL\nderef in that macros [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50179",
"url": "https://www.suse.com/security/cve/CVE-2022-50179"
},
{
"category": "external",
"summary": "SUSE Bug 1244886 for CVE-2022-50179",
"url": "https://bugzilla.suse.com/1244886"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50179"
},
{
"cve": "CVE-2022-50181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50181"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-gpu: fix a missing check to avoid NULL dereference\n\n\u0027cache_ent\u0027 could be set NULL inside virtio_gpu_cmd_get_capset()\nand it will lead to a NULL dereference by a lately use of it\n(i.e., ptr = cache_ent-\u003ecaps_cache). Fix it with a NULL check.\n\n\n[ kraxel: minor codestyle fixup ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50181",
"url": "https://www.suse.com/security/cve/CVE-2022-50181"
},
{
"category": "external",
"summary": "SUSE Bug 1244901 for CVE-2022-50181",
"url": "https://bugzilla.suse.com/1244901"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50181"
},
{
"cve": "CVE-2022-50185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()\n\nThe last case label can write two buffers \u0027mc_reg_address[j]\u0027 and\n\u0027mc_data[j]\u0027 with \u0027j\u0027 offset equal to SMC_NISLANDS_MC_REGISTER_ARRAY_SIZE\nsince there are no checks for this value in both case labels after the\nlast \u0027j++\u0027.\n\nInstead of changing \u0027\u003e\u0027 to \u0027\u003e=\u0027 there, add the bounds check at the start\nof the second \u0027case\u0027 (the first one already has it).\n\nAlso, remove redundant last checks for \u0027j\u0027 index bigger than array size.\nThe expression is always false. Moreover, before or after the patch\n\u0027table-\u003elast\u0027 can be equal to SMC_NISLANDS_MC_REGISTER_ARRAY_SIZE and it\nseems it can be a valid value.\n\nDetected using the static analysis tool - Svace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50185",
"url": "https://www.suse.com/security/cve/CVE-2022-50185"
},
{
"category": "external",
"summary": "SUSE Bug 1244887 for CVE-2022-50185",
"url": "https://bugzilla.suse.com/1244887"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50185"
},
{
"cve": "CVE-2022-50191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50191"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: of: Fix refcount leak bug in of_get_regulation_constraints()\n\nWe should call the of_node_put() for the reference returned by\nof_get_child_by_name() which has increased the refcount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50191",
"url": "https://www.suse.com/security/cve/CVE-2022-50191"
},
{
"category": "external",
"summary": "SUSE Bug 1244899 for CVE-2022-50191",
"url": "https://bugzilla.suse.com/1244899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50191"
},
{
"cve": "CVE-2022-50200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50200"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: Add boundary check in put_entry()\n\nJust like next_entry(), boundary check is necessary to prevent memory\nout-of-bound access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50200",
"url": "https://www.suse.com/security/cve/CVE-2022-50200"
},
{
"category": "external",
"summary": "SUSE Bug 1245149 for CVE-2022-50200",
"url": "https://bugzilla.suse.com/1245149"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "important"
}
],
"title": "CVE-2022-50200"
},
{
"cve": "CVE-2022-50209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50209"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmeson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init\n\nof_find_matching_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50209",
"url": "https://www.suse.com/security/cve/CVE-2022-50209"
},
{
"category": "external",
"summary": "SUSE Bug 1244868 for CVE-2022-50209",
"url": "https://bugzilla.suse.com/1244868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50209"
},
{
"cve": "CVE-2022-50211",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50211"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd-raid10: fix KASAN warning\n\nThere\u0027s a KASAN warning in raid10_remove_disk when running the lvm\ntest lvconvert-raid-reshape.sh. We fix this warning by verifying that the\nvalue \"number\" is valid.\n\nBUG: KASAN: slab-out-of-bounds in raid10_remove_disk+0x61/0x2a0 [raid10]\nRead of size 8 at addr ffff889108f3d300 by task mdX_raid10/124682\n\nCPU: 3 PID: 124682 Comm: mdX_raid10 Not tainted 5.19.0-rc6 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x34/0x44\n print_report.cold+0x45/0x57a\n ? __lock_text_start+0x18/0x18\n ? raid10_remove_disk+0x61/0x2a0 [raid10]\n kasan_report+0xa8/0xe0\n ? raid10_remove_disk+0x61/0x2a0 [raid10]\n raid10_remove_disk+0x61/0x2a0 [raid10]\nBuffer I/O error on dev dm-76, logical block 15344, async page read\n ? __mutex_unlock_slowpath.constprop.0+0x1e0/0x1e0\n remove_and_add_spares+0x367/0x8a0 [md_mod]\n ? super_written+0x1c0/0x1c0 [md_mod]\n ? mutex_trylock+0xac/0x120\n ? _raw_spin_lock+0x72/0xc0\n ? _raw_spin_lock_bh+0xc0/0xc0\n md_check_recovery+0x848/0x960 [md_mod]\n raid10d+0xcf/0x3360 [raid10]\n ? sched_clock_cpu+0x185/0x1a0\n ? rb_erase+0x4d4/0x620\n ? var_wake_function+0xe0/0xe0\n ? psi_group_change+0x411/0x500\n ? preempt_count_sub+0xf/0xc0\n ? _raw_spin_lock_irqsave+0x78/0xc0\n ? __lock_text_start+0x18/0x18\n ? raid10_sync_request+0x36c0/0x36c0 [raid10]\n ? preempt_count_sub+0xf/0xc0\n ? _raw_spin_unlock_irqrestore+0x19/0x40\n ? del_timer_sync+0xa9/0x100\n ? try_to_del_timer_sync+0xc0/0xc0\n ? _raw_spin_lock_irqsave+0x78/0xc0\n ? __lock_text_start+0x18/0x18\n ? _raw_spin_unlock_irq+0x11/0x24\n ? __list_del_entry_valid+0x68/0xa0\n ? finish_wait+0xa3/0x100\n md_thread+0x161/0x260 [md_mod]\n ? unregister_md_personality+0xa0/0xa0 [md_mod]\n ? _raw_spin_lock_irqsave+0x78/0xc0\n ? prepare_to_wait_event+0x2c0/0x2c0\n ? unregister_md_personality+0xa0/0xa0 [md_mod]\n kthread+0x148/0x180\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e\n\nAllocated by task 124495:\n kasan_save_stack+0x1e/0x40\n __kasan_kmalloc+0x80/0xa0\n setup_conf+0x140/0x5c0 [raid10]\n raid10_run+0x4cd/0x740 [raid10]\n md_run+0x6f9/0x1300 [md_mod]\n raid_ctr+0x2531/0x4ac0 [dm_raid]\n dm_table_add_target+0x2b0/0x620 [dm_mod]\n table_load+0x1c8/0x400 [dm_mod]\n ctl_ioctl+0x29e/0x560 [dm_mod]\n dm_compat_ctl_ioctl+0x7/0x20 [dm_mod]\n __do_compat_sys_ioctl+0xfa/0x160\n do_syscall_64+0x90/0xc0\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nLast potentially related work creation:\n kasan_save_stack+0x1e/0x40\n __kasan_record_aux_stack+0x9e/0xc0\n kvfree_call_rcu+0x84/0x480\n timerfd_release+0x82/0x140\nL __fput+0xfa/0x400\n task_work_run+0x80/0xc0\n exit_to_user_mode_prepare+0x155/0x160\n syscall_exit_to_user_mode+0x12/0x40\n do_syscall_64+0x42/0xc0\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nSecond to last potentially related work creation:\n kasan_save_stack+0x1e/0x40\n __kasan_record_aux_stack+0x9e/0xc0\n kvfree_call_rcu+0x84/0x480\n timerfd_release+0x82/0x140\n __fput+0xfa/0x400\n task_work_run+0x80/0xc0\n exit_to_user_mode_prepare+0x155/0x160\n syscall_exit_to_user_mode+0x12/0x40\n do_syscall_64+0x42/0xc0\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThe buggy address belongs to the object at ffff889108f3d200\n which belongs to the cache kmalloc-256 of size 256\nThe buggy address is located 0 bytes to the right of\n 256-byte region [ffff889108f3d200, ffff889108f3d300)\n\nThe buggy address belongs to the physical page:\npage:000000007ef2a34c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1108f3c\nhead:000000007ef2a34c order:2 compound_mapcount:0 compound_pincount:0\nflags: 0x4000000000010200(slab|head|zone=2)\nraw: 4000000000010200 0000000000000000 dead000000000001 ffff889100042b40\nraw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff889108f3d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff889108f3d280: 00 00\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50211",
"url": "https://www.suse.com/security/cve/CVE-2022-50211"
},
{
"category": "external",
"summary": "SUSE Bug 1245140 for CVE-2022-50211",
"url": "https://bugzilla.suse.com/1245140"
},
{
"category": "external",
"summary": "SUSE Bug 1245141 for CVE-2022-50211",
"url": "https://bugzilla.suse.com/1245141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "important"
}
],
"title": "CVE-2022-50211"
},
{
"cve": "CVE-2022-50212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50212"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: do not allow CHAIN_ID to refer to another table\n\nWhen doing lookups for chains on the same batch by using its ID, a chain\nfrom a different table can be used. If a rule is added to a table but\nrefers to a chain in a different table, it will be linked to the chain in\ntable2, but would have expressions referring to objects in table1.\n\nThen, when table1 is removed, the rule will not be removed as its linked to\na chain in table2. When expressions in the rule are processed or removed,\nthat will lead to a use-after-free.\n\nWhen looking for chains by ID, use the table that was used for the lookup\nby name, and only return chains belonging to that same table.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50212",
"url": "https://www.suse.com/security/cve/CVE-2022-50212"
},
{
"category": "external",
"summary": "SUSE Bug 1244869 for CVE-2022-50212",
"url": "https://bugzilla.suse.com/1244869"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50212"
},
{
"cve": "CVE-2022-50213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50213"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: do not allow SET_ID to refer to another table\n\nWhen doing lookups for sets on the same batch by using its ID, a set from a\ndifferent table can be used.\n\nThen, when the table is removed, a reference to the set may be kept after\nthe set is freed, leading to a potential use-after-free.\n\nWhen looking for sets by ID, use the table that was used for the lookup by\nname, and only return sets belonging to that same table.\n\nThis fixes CVE-2022-2586, also reported as ZDI-CAN-17470.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50213",
"url": "https://www.suse.com/security/cve/CVE-2022-50213"
},
{
"category": "external",
"summary": "SUSE Bug 1244867 for CVE-2022-50213",
"url": "https://bugzilla.suse.com/1244867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50213"
},
{
"cve": "CVE-2022-50215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50215"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: sg: Allow waiting for commands to complete on removed device\n\nWhen a SCSI device is removed while in active use, currently sg will\nimmediately return -ENODEV on any attempt to wait for active commands that\nwere sent before the removal. This is problematic for commands that use\nSG_FLAG_DIRECT_IO since the data buffer may still be in use by the kernel\nwhen userspace frees or reuses it after getting ENODEV, leading to\ncorrupted userspace memory (in the case of READ-type commands) or corrupted\ndata being sent to the device (in the case of WRITE-type commands). This\nhas been seen in practice when logging out of a iscsi_tcp session, where\nthe iSCSI driver may still be processing commands after the device has been\nmarked for removal.\n\nChange the policy to allow userspace to wait for active sg commands even\nwhen the device is being removed. Return -ENODEV only when there are no\nmore responses to read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50215",
"url": "https://www.suse.com/security/cve/CVE-2022-50215"
},
{
"category": "external",
"summary": "SUSE Bug 1245138 for CVE-2022-50215",
"url": "https://bugzilla.suse.com/1245138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50215"
},
{
"cve": "CVE-2022-50218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50218"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: light: isl29028: Fix the warning in isl29028_remove()\n\nThe driver use the non-managed form of the register function in\nisl29028_remove(). To keep the release order as mirroring the ordering\nin probe, the driver should use non-managed form in probe, too.\n\nThe following log reveals it:\n\n[ 32.374955] isl29028 0-0010: remove\n[ 32.376861] general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN PTI\n[ 32.377676] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]\n[ 32.379432] RIP: 0010:kernfs_find_and_get_ns+0x28/0xe0\n[ 32.385461] Call Trace:\n[ 32.385807] sysfs_unmerge_group+0x59/0x110\n[ 32.386110] dpm_sysfs_remove+0x58/0xc0\n[ 32.386391] device_del+0x296/0xe50\n[ 32.386959] cdev_device_del+0x1d/0xd0\n[ 32.387231] devm_iio_device_unreg+0x27/0xb0\n[ 32.387542] devres_release_group+0x319/0x3d0\n[ 32.388162] i2c_device_remove+0x93/0x1f0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50218",
"url": "https://www.suse.com/security/cve/CVE-2022-50218"
},
{
"category": "external",
"summary": "SUSE Bug 1244861 for CVE-2022-50218",
"url": "https://bugzilla.suse.com/1244861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50218"
},
{
"cve": "CVE-2022-50220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50220"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: Fix linkwatch use-after-free on disconnect\n\nusbnet uses the work usbnet_deferred_kevent() to perform tasks which may\nsleep. On disconnect, completion of the work was originally awaited in\n-\u003endo_stop(). But in 2003, that was moved to -\u003edisconnect() by historic\ncommit \"[PATCH] USB: usbnet, prevent exotic rtnl deadlock\":\n\n https://git.kernel.org/tglx/history/c/0f138bbfd83c\n\nThe change was made because back then, the kernel\u0027s workqueue\nimplementation did not allow waiting for a single work. One had to wait\nfor completion of *all* work by calling flush_scheduled_work(), and that\ncould deadlock when waiting for usbnet_deferred_kevent() with rtnl_mutex\nheld in -\u003endo_stop().\n\nThe commit solved one problem but created another: It causes a\nuse-after-free in USB Ethernet drivers aqc111.c, asix_devices.c,\nax88179_178a.c, ch9200.c and smsc75xx.c:\n\n* If the drivers receive a link change interrupt immediately before\n disconnect, they raise EVENT_LINK_RESET in their (non-sleepable)\n -\u003estatus() callback and schedule usbnet_deferred_kevent().\n* usbnet_deferred_kevent() invokes the driver\u0027s -\u003elink_reset() callback,\n which calls netif_carrier_{on,off}().\n* That in turn schedules the work linkwatch_event().\n\nBecause usbnet_deferred_kevent() is awaited after unregister_netdev(),\nnetif_carrier_{on,off}() may operate on an unregistered netdev and\nlinkwatch_event() may run after free_netdev(), causing a use-after-free.\n\nIn 2010, usbnet was changed to only wait for a single instance of\nusbnet_deferred_kevent() instead of *all* work by commit 23f333a2bfaf\n(\"drivers/net: don\u0027t use flush_scheduled_work()\").\n\nUnfortunately the commit neglected to move the wait back to\n-\u003endo_stop(). Rectify that omission at long last.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50220",
"url": "https://www.suse.com/security/cve/CVE-2022-50220"
},
{
"category": "external",
"summary": "SUSE Bug 1245348 for CVE-2022-50220",
"url": "https://bugzilla.suse.com/1245348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50220"
},
{
"cve": "CVE-2022-50222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50222"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: vt: initialize unicode screen buffer\n\nsyzbot reports kernel infoleak at vcs_read() [1], for buffer can be read\nimmediately after resize operation. Initialize buffer using kzalloc().\n\n ----------\n #include \u003cfcntl.h\u003e\n #include \u003cunistd.h\u003e\n #include \u003csys/ioctl.h\u003e\n #include \u003clinux/fb.h\u003e\n\n int main(int argc, char *argv[])\n {\n struct fb_var_screeninfo var = { };\n const int fb_fd = open(\"/dev/fb0\", 3);\n ioctl(fb_fd, FBIOGET_VSCREENINFO, \u0026var);\n var.yres = 0x21;\n ioctl(fb_fd, FBIOPUT_VSCREENINFO, \u0026var);\n return read(open(\"/dev/vcsu\", O_RDONLY), \u0026var, sizeof(var)) == -1;\n }\n ----------",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50222",
"url": "https://www.suse.com/security/cve/CVE-2022-50222"
},
{
"category": "external",
"summary": "SUSE Bug 1245136 for CVE-2022-50222",
"url": "https://bugzilla.suse.com/1245136"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50222"
},
{
"cve": "CVE-2022-50229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50229"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: bcd2000: Fix a UAF bug on the error path of probing\n\nWhen the driver fails in snd_card_register() at probe time, it will free\nthe \u0027bcd2k-\u003emidi_out_urb\u0027 before killing it, which may cause a UAF bug.\n\nThe following log can reveal it:\n\n[ 50.727020] BUG: KASAN: use-after-free in bcd2000_input_complete+0x1f1/0x2e0 [snd_bcd2000]\n[ 50.727623] Read of size 8 at addr ffff88810fab0e88 by task swapper/4/0\n[ 50.729530] Call Trace:\n[ 50.732899] bcd2000_input_complete+0x1f1/0x2e0 [snd_bcd2000]\n\nFix this by adding usb_kill_urb() before usb_free_urb().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50229",
"url": "https://www.suse.com/security/cve/CVE-2022-50229"
},
{
"category": "external",
"summary": "SUSE Bug 1244856 for CVE-2022-50229",
"url": "https://bugzilla.suse.com/1244856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50229"
},
{
"cve": "CVE-2022-50231",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50231"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: arm64/poly1305 - fix a read out-of-bound\n\nA kasan error was reported during fuzzing:\n\nBUG: KASAN: slab-out-of-bounds in neon_poly1305_blocks.constprop.0+0x1b4/0x250 [poly1305_neon]\nRead of size 4 at addr ffff0010e293f010 by task syz-executor.5/1646715\nCPU: 4 PID: 1646715 Comm: syz-executor.5 Kdump: loaded Not tainted 5.10.0.aarch64 #1\nHardware name: Huawei TaiShan 2280 /BC11SPCD, BIOS 1.59 01/31/2019\nCall trace:\n dump_backtrace+0x0/0x394\n show_stack+0x34/0x4c arch/arm64/kernel/stacktrace.c:196\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x158/0x1e4 lib/dump_stack.c:118\n print_address_description.constprop.0+0x68/0x204 mm/kasan/report.c:387\n __kasan_report+0xe0/0x140 mm/kasan/report.c:547\n kasan_report+0x44/0xe0 mm/kasan/report.c:564\n check_memory_region_inline mm/kasan/generic.c:187 [inline]\n __asan_load4+0x94/0xd0 mm/kasan/generic.c:252\n neon_poly1305_blocks.constprop.0+0x1b4/0x250 [poly1305_neon]\n neon_poly1305_do_update+0x6c/0x15c [poly1305_neon]\n neon_poly1305_update+0x9c/0x1c4 [poly1305_neon]\n crypto_shash_update crypto/shash.c:131 [inline]\n shash_finup_unaligned+0x84/0x15c crypto/shash.c:179\n crypto_shash_finup+0x8c/0x140 crypto/shash.c:193\n shash_digest_unaligned+0xb8/0xe4 crypto/shash.c:201\n crypto_shash_digest+0xa4/0xfc crypto/shash.c:217\n crypto_shash_tfm_digest+0xb4/0x150 crypto/shash.c:229\n essiv_skcipher_setkey+0x164/0x200 [essiv]\n crypto_skcipher_setkey+0xb0/0x160 crypto/skcipher.c:612\n skcipher_setkey+0x3c/0x50 crypto/algif_skcipher.c:305\n alg_setkey+0x114/0x2a0 crypto/af_alg.c:220\n alg_setsockopt+0x19c/0x210 crypto/af_alg.c:253\n __sys_setsockopt+0x190/0x2e0 net/socket.c:2123\n __do_sys_setsockopt net/socket.c:2134 [inline]\n __se_sys_setsockopt net/socket.c:2131 [inline]\n __arm64_sys_setsockopt+0x78/0x94 net/socket.c:2131\n __invoke_syscall arch/arm64/kernel/syscall.c:36 [inline]\n invoke_syscall+0x64/0x100 arch/arm64/kernel/syscall.c:48\n el0_svc_common.constprop.0+0x220/0x230 arch/arm64/kernel/syscall.c:155\n do_el0_svc+0xb4/0xd4 arch/arm64/kernel/syscall.c:217\n el0_svc+0x24/0x3c arch/arm64/kernel/entry-common.c:353\n el0_sync_handler+0x160/0x164 arch/arm64/kernel/entry-common.c:369\n el0_sync+0x160/0x180 arch/arm64/kernel/entry.S:683\n\nThis error can be reproduced by the following code compiled as ko on a\nsystem with kasan enabled:\n\n#include \u003clinux/module.h\u003e\n#include \u003clinux/crypto.h\u003e\n#include \u003ccrypto/hash.h\u003e\n#include \u003ccrypto/poly1305.h\u003e\n\nchar test_data[] = \"\\x00\\x01\\x02\\x03\\x04\\x05\\x06\\x07\"\n \"\\x08\\x09\\x0a\\x0b\\x0c\\x0d\\x0e\\x0f\"\n \"\\x10\\x11\\x12\\x13\\x14\\x15\\x16\\x17\"\n \"\\x18\\x19\\x1a\\x1b\\x1c\\x1d\\x1e\";\n\nint init(void)\n{\n struct crypto_shash *tfm = NULL;\n char *data = NULL, *out = NULL;\n\n tfm = crypto_alloc_shash(\"poly1305\", 0, 0);\n data = kmalloc(POLY1305_KEY_SIZE - 1, GFP_KERNEL);\n out = kmalloc(POLY1305_DIGEST_SIZE, GFP_KERNEL);\n memcpy(data, test_data, POLY1305_KEY_SIZE - 1);\n crypto_shash_tfm_digest(tfm, data, POLY1305_KEY_SIZE - 1, out);\n\n kfree(data);\n kfree(out);\n return 0;\n}\n\nvoid deinit(void)\n{\n}\n\nmodule_init(init)\nmodule_exit(deinit)\nMODULE_LICENSE(\"GPL\");\n\nThe root cause of the bug sits in neon_poly1305_blocks. The logic\nneon_poly1305_blocks() performed is that if it was called with both s[]\nand r[] uninitialized, it will first try to initialize them with the\ndata from the first \"block\" that it believed to be 32 bytes in length.\nFirst 16 bytes are used as the key and the next 16 bytes for s[]. This\nwould lead to the aforementioned read out-of-bound. However, after\ncalling poly1305_init_arch(), only 16 bytes were deducted from the input\nand s[] is initialized yet again with the following 16 bytes. The second\ninitialization of s[] is certainly redundent which indicates that the\nfirst initialization should be for r[] only.\n\nThis patch fixes the issue by calling poly1305_init_arm64() instead o\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50231",
"url": "https://www.suse.com/security/cve/CVE-2022-50231"
},
{
"category": "external",
"summary": "SUSE Bug 1244853 for CVE-2022-50231",
"url": "https://bugzilla.suse.com/1244853"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2022-50231"
},
{
"cve": "CVE-2023-3111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3111"
}
],
"notes": [
{
"category": "general",
"text": "A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3111",
"url": "https://www.suse.com/security/cve/CVE-2023-3111"
},
{
"category": "external",
"summary": "SUSE Bug 1212051 for CVE-2023-3111",
"url": "https://bugzilla.suse.com/1212051"
},
{
"category": "external",
"summary": "SUSE Bug 1220015 for CVE-2023-3111",
"url": "https://bugzilla.suse.com/1220015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2023-3111"
},
{
"cve": "CVE-2024-26924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: do not free live element\n\nPablo reports a crash with large batches of elements with a\nback-to-back add/remove pattern. Quoting Pablo:\n\n add_elem(\"00000000\") timeout 100 ms\n ...\n add_elem(\"0000000X\") timeout 100 ms\n del_elem(\"0000000X\") \u003c---------------- delete one that was just added\n ...\n add_elem(\"00005000\") timeout 100 ms\n\n 1) nft_pipapo_remove() removes element 0000000X\n Then, KASAN shows a splat.\n\nLooking at the remove function there is a chance that we will drop a\nrule that maps to a non-deactivated element.\n\nRemoval happens in two steps, first we do a lookup for key k and return the\nto-be-removed element and mark it as inactive in the next generation.\nThen, in a second step, the element gets removed from the set/map.\n\nThe _remove function does not work correctly if we have more than one\nelement that share the same key.\n\nThis can happen if we insert an element into a set when the set already\nholds an element with same key, but the element mapping to the existing\nkey has timed out or is not active in the next generation.\n\nIn such case its possible that removal will unmap the wrong element.\nIf this happens, we will leak the non-deactivated element, it becomes\nunreachable.\n\nThe element that got deactivated (and will be freed later) will\nremain reachable in the set data structure, this can result in\na crash when such an element is retrieved during lookup (stale\npointer).\n\nAdd a check that the fully matching key does in fact map to the element\nthat we have marked as inactive in the deactivation step.\nIf not, we need to continue searching.\n\nAdd a bug/warn trap at the end of the function as well, the remove\nfunction must not ever be called with an invisible/unreachable/non-existent\nelement.\n\nv2: avoid uneeded temporary variable (Stefano)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26924",
"url": "https://www.suse.com/security/cve/CVE-2024-26924"
},
{
"category": "external",
"summary": "SUSE Bug 1223387 for CVE-2024-26924",
"url": "https://bugzilla.suse.com/1223387"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2024-26924"
},
{
"cve": "CVE-2024-27397",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27397"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: use timestamp to check for set element timeout\n\nAdd a timestamp field at the beginning of the transaction, store it\nin the nftables per-netns area.\n\nUpdate set backend .insert, .deactivate and sync gc path to use the\ntimestamp, this avoids that an element expires while control plane\ntransaction is still unfinished.\n\n.lookup and .update, which are used from packet path, still use the\ncurrent time to check if the element has expired. And .get path and dump\nalso since this runs lockless under rcu read size lock. Then, there is\nasync gc which also needs to check the current time since it runs\nasynchronously from a workqueue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27397",
"url": "https://www.suse.com/security/cve/CVE-2024-27397"
},
{
"category": "external",
"summary": "SUSE Bug 1224095 for CVE-2024-27397",
"url": "https://bugzilla.suse.com/1224095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2024-27397"
},
{
"cve": "CVE-2024-36978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: sch_multiq: fix possible OOB write in multiq_tune()\n\nq-\u003ebands will be assigned to qopt-\u003ebands to execute subsequent code logic\nafter kmalloc. So the old q-\u003ebands should not be used in kmalloc.\nOtherwise, an out-of-bounds write will occur.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36978",
"url": "https://www.suse.com/security/cve/CVE-2024-36978"
},
{
"category": "external",
"summary": "SUSE Bug 1226514 for CVE-2024-36978",
"url": "https://bugzilla.suse.com/1226514"
},
{
"category": "external",
"summary": "SUSE Bug 1244631 for CVE-2024-36978",
"url": "https://bugzilla.suse.com/1244631"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "important"
}
],
"title": "CVE-2024-36978"
},
{
"cve": "CVE-2024-46800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch/netem: fix use after free in netem_dequeue\n\nIf netem_dequeue() enqueues packet to inner qdisc and that qdisc\nreturns __NET_XMIT_STOLEN. The packet is dropped but\nqdisc_tree_reduce_backlog() is not called to update the parent\u0027s\nq.qlen, leading to the similar use-after-free as Commit\ne04991a48dbaf382 (\"netem: fix return value if duplicate enqueue\nfails\")\n\nCommands to trigger KASAN UaF:\n\nip link add type dummy\nip link set lo up\nip link set dummy0 up\ntc qdisc add dev lo parent root handle 1: drr\ntc filter add dev lo parent 1: basic classid 1:1\ntc class add dev lo classid 1:1 drr\ntc qdisc add dev lo parent 1:1 handle 2: netem\ntc qdisc add dev lo parent 2: handle 3: drr\ntc filter add dev lo parent 3: basic classid 3:1 action mirred egress\nredirect dev dummy0\ntc class add dev lo classid 3:1 drr\nping -c1 -W0.01 localhost # Trigger bug\ntc class del dev lo classid 1:1\ntc class add dev lo classid 1:1 drr\nping -c1 -W0.01 localhost # UaF",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46800",
"url": "https://www.suse.com/security/cve/CVE-2024-46800"
},
{
"category": "external",
"summary": "SUSE Bug 1230827 for CVE-2024-46800",
"url": "https://bugzilla.suse.com/1230827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2024-46800"
},
{
"cve": "CVE-2024-53141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: add missing range check in bitmap_ip_uadt\n\nWhen tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,\nthe values of ip and ip_to are slightly swapped. Therefore, the range check\nfor ip should be done later, but this part is missing and it seems that the\nvulnerability occurs.\n\nSo we should add missing range checks and remove unnecessary range checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53141",
"url": "https://www.suse.com/security/cve/CVE-2024-53141"
},
{
"category": "external",
"summary": "SUSE Bug 1234381 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1234381"
},
{
"category": "external",
"summary": "SUSE Bug 1245778 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1245778"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "important"
}
],
"title": "CVE-2024-53141"
},
{
"cve": "CVE-2024-56770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: netem: account for backlog updates from child qdisc\n\nIn general, \u0027qlen\u0027 of any classful qdisc should keep track of the\nnumber of packets that the qdisc itself and all of its children holds.\nIn case of netem, \u0027qlen\u0027 only accounts for the packets in its internal\ntfifo. When netem is used with a child qdisc, the child qdisc can use\n\u0027qdisc_tree_reduce_backlog\u0027 to inform its parent, netem, about created\nor dropped SKBs. This function updates \u0027qlen\u0027 and the backlog statistics\nof netem, but netem does not account for changes made by a child qdisc.\n\u0027qlen\u0027 then indicates the wrong number of packets in the tfifo.\nIf a child qdisc creates new SKBs during enqueue and informs its parent\nabout this, netem\u0027s \u0027qlen\u0027 value is increased. When netem dequeues the\nnewly created SKBs from the child, the \u0027qlen\u0027 in netem is not updated.\nIf \u0027qlen\u0027 reaches the configured sch-\u003elimit, the enqueue function stops\nworking, even though the tfifo is not full.\n\nReproduce the bug:\nEnsure that the sender machine has GSO enabled. Configure netem as root\nqdisc and tbf as its child on the outgoing interface of the machine\nas follows:\n$ tc qdisc add dev \u003coif\u003e root handle 1: netem delay 100ms limit 100\n$ tc qdisc add dev \u003coif\u003e parent 1:0 tbf rate 50Mbit burst 1542 latency 50ms\n\nSend bulk TCP traffic out via this interface, e.g., by running an iPerf3\nclient on the machine. Check the qdisc statistics:\n$ tc -s qdisc show dev \u003coif\u003e\n\nStatistics after 10s of iPerf3 TCP test before the fix (note that\nnetem\u0027s backlog \u003e limit, netem stopped accepting packets):\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 2767766 bytes 1848 pkt (dropped 652, overlimits 0 requeues 0)\n backlog 4294528236b 1155p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 2767766 bytes 1848 pkt (dropped 327, overlimits 7601 requeues 0)\n backlog 0b 0p requeues 0\n\nStatistics after the fix:\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 37766372 bytes 24974 pkt (dropped 9, overlimits 0 requeues 0)\n backlog 0b 0p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 37766372 bytes 24974 pkt (dropped 327, overlimits 96017 requeues 0)\n backlog 0b 0p requeues 0\n\ntbf segments the GSO SKBs (tbf_segment) and updates the netem\u0027s \u0027qlen\u0027.\nThe interface fully stops transferring packets and \"locks\". In this case,\nthe child qdisc and tfifo are empty, but \u0027qlen\u0027 indicates the tfifo is at\nits limit and no more packets are accepted.\n\nThis patch adds a counter for the entries in the tfifo. Netem\u0027s \u0027qlen\u0027 is\nonly decreased when a packet is returned by its dequeue function, and not\nduring enqueuing into the child qdisc. External updates to \u0027qlen\u0027 are thus\naccounted for and only the behavior of the backlog statistics changes. As\nin other qdiscs, \u0027qlen\u0027 then keeps track of how many packets are held in\nnetem and all of its children. As before, sch-\u003elimit remains as the\nmaximum number of packets in the tfifo. The same applies to netem\u0027s\nbacklog statistics.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56770",
"url": "https://www.suse.com/security/cve/CVE-2024-56770"
},
{
"category": "external",
"summary": "SUSE Bug 1235637 for CVE-2024-56770",
"url": "https://bugzilla.suse.com/1235637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2024-56770"
},
{
"cve": "CVE-2025-21700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21700"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: Disallow replacing of child qdisc from one parent to another\n\nLion Ackermann was able to create a UAF which can be abused for privilege\nescalation with the following script\n\nStep 1. create root qdisc\ntc qdisc add dev lo root handle 1:0 drr\n\nstep2. a class for packet aggregation do demonstrate uaf\ntc class add dev lo classid 1:1 drr\n\nstep3. a class for nesting\ntc class add dev lo classid 1:2 drr\n\nstep4. a class to graft qdisc to\ntc class add dev lo classid 1:3 drr\n\nstep5.\ntc qdisc add dev lo parent 1:1 handle 2:0 plug limit 1024\n\nstep6.\ntc qdisc add dev lo parent 1:2 handle 3:0 drr\n\nstep7.\ntc class add dev lo classid 3:1 drr\n\nstep 8.\ntc qdisc add dev lo parent 3:1 handle 4:0 pfifo\n\nstep 9. Display the class/qdisc layout\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nstep10. trigger the bug \u003c=== prevented by this patch\ntc qdisc replace dev lo parent 1:3 handle 4:0\n\nstep 11. Redisplay again the qdiscs/classes\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 1:3 root leaf 4: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 refcnt 2 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nObserve that a) parent for 4:0 does not change despite the replace request.\nThere can only be one parent. b) refcount has gone up by two for 4:0 and\nc) both class 1:3 and 3:1 are pointing to it.\n\nStep 12. send one packet to plug\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10001))\nstep13. send one packet to the grafted fifo\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10003))\n\nstep14. lets trigger the uaf\ntc class delete dev lo classid 1:3\ntc class delete dev lo classid 1:1\n\nThe semantics of \"replace\" is for a del/add _on the same node_ and not\na delete from one node(3:1) and add to another node (1:3) as in step10.\nWhile we could \"fix\" with a more complex approach there could be\nconsequences to expectations so the patch takes the preventive approach of\n\"disallow such config\".\n\nJoint work with Lion Ackermann \u003cnnamrec@gmail.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21700",
"url": "https://www.suse.com/security/cve/CVE-2025-21700"
},
{
"category": "external",
"summary": "SUSE Bug 1237159 for CVE-2025-21700",
"url": "https://bugzilla.suse.com/1237159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2025-21700"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog()\n\nqdisc_tree_reduce_backlog() notifies parent qdisc only if child\nqdisc becomes empty, therefore we need to reduce the backlog of the\nchild qdisc before calling it. Otherwise it would miss the opportunity\nto call cops-\u003eqlen_notify(), in the case of DRR, it resulted in UAF\nsince DRR uses -\u003eqlen_notify() to maintain its active list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21703",
"url": "https://www.suse.com/security/cve/CVE-2025-21703"
},
{
"category": "external",
"summary": "SUSE Bug 1237313 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "external",
"summary": "SUSE Bug 1245796 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1245796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "important"
}
],
"title": "CVE-2025-21703"
},
{
"cve": "CVE-2025-37752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: move the limit validation\n\nIt is not sufficient to directly validate the limit on the data that\nthe user passes as it can be updated based on how the other parameters\nare changed.\n\nMove the check at the end of the configuration update process to also\ncatch scenarios where the limit is indirectly updated, for example\nwith the following configurations:\n\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 depth 1\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 divisor 1\n\nThis fixes the following syzkaller reported crash:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:203:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 1 UID: 0 PID: 3037 Comm: syz.2.16 Not tainted 6.14.0-rc2-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0xf5/0x120 lib/ubsan.c:429\n sfq_link net/sched/sch_sfq.c:203 [inline]\n sfq_dec+0x53c/0x610 net/sched/sch_sfq.c:231\n sfq_dequeue+0x34e/0x8c0 net/sched/sch_sfq.c:493\n sfq_reset+0x17/0x60 net/sched/sch_sfq.c:518\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n tbf_reset+0x41/0x110 net/sched/sch_tbf.c:339\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n dev_reset_queue+0x100/0x1b0 net/sched/sch_generic.c:1311\n netdev_for_each_tx_queue include/linux/netdevice.h:2590 [inline]\n dev_deactivate_many+0x7e5/0xe70 net/sched/sch_generic.c:1375",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37752",
"url": "https://www.suse.com/security/cve/CVE-2025-37752"
},
{
"category": "external",
"summary": "SUSE Bug 1242504 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "external",
"summary": "SUSE Bug 1245776 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1245776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "important"
}
],
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too\n\nSimilarly to the previous patch, we need to safe guard hfsc_dequeue()\ntoo. But for this one, we don\u0027t have a reliable reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37823",
"url": "https://www.suse.com/security/cve/CVE-2025-37823"
},
{
"category": "external",
"summary": "SUSE Bug 1242924 for CVE-2025-37823",
"url": "https://bugzilla.suse.com/1242924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2025-37823"
},
{
"cve": "CVE-2025-37890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], we have a UAF case when an hfsc class\nhas a netem child qdisc. The crux of the issue is that hfsc is assuming\nthat checking for cl-\u003eqdisc-\u003eq.qlen == 0 guarantees that it hasn\u0027t inserted\nthe class in the vttree or eltree (which is not true for the netem\nduplicate case).\n\nThis patch checks the n_active class variable to make sure that the code\nwon\u0027t insert the class in the vttree or eltree twice, catering for the\nreentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37890",
"url": "https://www.suse.com/security/cve/CVE-2025-37890"
},
{
"category": "external",
"summary": "SUSE Bug 1243330 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "external",
"summary": "SUSE Bug 1245791 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1245791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "important"
}
],
"title": "CVE-2025-37890"
},
{
"cve": "CVE-2025-37932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_qlen_notify() idempotent\n\nhtb_qlen_notify() always deactivates the HTB class and in fact could\ntrigger a warning if it is already deactivated. Therefore, it is not\nidempotent and not friendly to its callers, like fq_codel_dequeue().\n\nLet\u0027s make it idempotent to ease qdisc_tree_reduce_backlog() callers\u0027\nlife.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37932",
"url": "https://www.suse.com/security/cve/CVE-2025-37932"
},
{
"category": "external",
"summary": "SUSE Bug 1243627 for CVE-2025-37932",
"url": "https://bugzilla.suse.com/1243627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2025-37932"
},
{
"cve": "CVE-2025-37953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_deactivate() idempotent\n\nAlan reported a NULL pointer dereference in htb_next_rb_node()\nafter we made htb_qlen_notify() idempotent.\n\nIt turns out in the following case it introduced some regression:\n\nhtb_dequeue_tree():\n |-\u003e fq_codel_dequeue()\n |-\u003e qdisc_tree_reduce_backlog()\n |-\u003e htb_qlen_notify()\n |-\u003e htb_deactivate()\n |-\u003e htb_next_rb_node()\n |-\u003e htb_deactivate()\n\nFor htb_next_rb_node(), after calling the 1st htb_deactivate(), the\nclprio[prio]-\u003eptr could be already set to NULL, which means\nhtb_next_rb_node() is vulnerable here.\n\nFor htb_deactivate(), although we checked qlen before calling it, in\ncase of qlen==0 after qdisc_tree_reduce_backlog(), we may call it again\nwhich triggers the warning inside.\n\nTo fix the issues here, we need to:\n\n1) Make htb_deactivate() idempotent, that is, simply return if we\n already call it before.\n2) Make htb_next_rb_node() safe against ptr==NULL.\n\nMany thanks to Alan for testing and for the reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37953",
"url": "https://www.suse.com/security/cve/CVE-2025-37953"
},
{
"category": "external",
"summary": "SUSE Bug 1243543 for CVE-2025-37953",
"url": "https://bugzilla.suse.com/1243543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "moderate"
}
],
"title": "CVE-2025-37953"
},
{
"cve": "CVE-2025-37997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: fix region locking in hash types\n\nRegion locking introduced in v5.6-rc4 contained three macros to handle\nthe region locks: ahash_bucket_start(), ahash_bucket_end() which gave\nback the start and end hash bucket values belonging to a given region\nlock and ahash_region() which should give back the region lock belonging\nto a given hash bucket. The latter was incorrect which can lead to a\nrace condition between the garbage collector and adding new elements\nwhen a hash type of set is defined with timeouts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37997",
"url": "https://www.suse.com/security/cve/CVE-2025-37997"
},
{
"category": "external",
"summary": "SUSE Bug 1243832 for CVE-2025-37997",
"url": "https://bugzilla.suse.com/1243832"
},
{
"category": "external",
"summary": "SUSE Bug 1245774 for CVE-2025-37997",
"url": "https://bugzilla.suse.com/1245774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "important"
}
],
"title": "CVE-2025-37997"
},
{
"cve": "CVE-2025-38000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38000"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()\n\nWhen enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the\nchild qdisc\u0027s peek() operation before incrementing sch-\u003eq.qlen and\nsch-\u003eqstats.backlog. If the child qdisc uses qdisc_peek_dequeued(), this may\ntrigger an immediate dequeue and potential packet drop. In such cases,\nqdisc_tree_reduce_backlog() is called, but the HFSC qdisc\u0027s qlen and backlog\nhave not yet been updated, leading to inconsistent queue accounting. This\ncan leave an empty HFSC class in the active list, causing further\nconsequences like use-after-free.\n\nThis patch fixes the bug by moving the increment of sch-\u003eq.qlen and\nsch-\u003eqstats.backlog before the call to the child qdisc\u0027s peek() operation.\nThis ensures that queue length and backlog are always accurate when packet\ndrops or dequeues are triggered during the peek.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38000",
"url": "https://www.suse.com/security/cve/CVE-2025-38000"
},
{
"category": "external",
"summary": "SUSE Bug 1244277 for CVE-2025-38000",
"url": "https://bugzilla.suse.com/1244277"
},
{
"category": "external",
"summary": "SUSE Bug 1245775 for CVE-2025-38000",
"url": "https://bugzilla.suse.com/1245775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "important"
}
],
"title": "CVE-2025-38000"
},
{
"cve": "CVE-2025-38001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Address reentrant enqueue adding class to eltree twice\n\nSavino says:\n \"We are writing to report that this recent patch\n (141d34391abbb315d68556b7c67ad97885407547) [1]\n can be bypassed, and a UAF can still occur when HFSC is utilized with\n NETEM.\n\n The patch only checks the cl-\u003ecl_nactive field to determine whether\n it is the first insertion or not [2], but this field is only\n incremented by init_vf [3].\n\n By using HFSC_RSC (which uses init_ed) [4], it is possible to bypass the\n check and insert the class twice in the eltree.\n Under normal conditions, this would lead to an infinite loop in\n hfsc_dequeue for the reasons we already explained in this report [5].\n\n However, if TBF is added as root qdisc and it is configured with a\n very low rate,\n it can be utilized to prevent packets from being dequeued.\n This behavior can be exploited to perform subsequent insertions in the\n HFSC eltree and cause a UAF.\"\n\nTo fix both the UAF and the infinite loop, with netem as an hfsc child,\ncheck explicitly in hfsc_enqueue whether the class is already in the eltree\nwhenever the HFSC_RSC flag is set.\n\n[1] https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=141d34391abbb315d68556b7c67ad97885407547\n[2] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L1572\n[3] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L677\n[4] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L1574\n[5] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/T/#u",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38001",
"url": "https://www.suse.com/security/cve/CVE-2025-38001"
},
{
"category": "external",
"summary": "SUSE Bug 1244234 for CVE-2025-38001",
"url": "https://bugzilla.suse.com/1244234"
},
{
"category": "external",
"summary": "SUSE Bug 1244235 for CVE-2025-38001",
"url": "https://bugzilla.suse.com/1244235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "important"
}
],
"title": "CVE-2025-38001"
},
{
"cve": "CVE-2025-38083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: prio: fix a race in prio_tune()\n\nGerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer\nfires at the wrong time.\n\nThe race is as follows:\n\nCPU 0 CPU 1\n[1]: lock root\n[2]: qdisc_tree_flush_backlog()\n[3]: unlock root\n |\n | [5]: lock root\n | [6]: rehash\n | [7]: qdisc_tree_reduce_backlog()\n |\n[4]: qdisc_put()\n\nThis can be abused to underflow a parent\u0027s qlen.\n\nCalling qdisc_purge_queue() instead of qdisc_tree_flush_backlog()\nshould fix the race, because all packets will be purged from the qdisc\nbefore releasing the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38083",
"url": "https://www.suse.com/security/cve/CVE-2025-38083"
},
{
"category": "external",
"summary": "SUSE Bug 1245183 for CVE-2025-38083",
"url": "https://bugzilla.suse.com/1245183"
},
{
"category": "external",
"summary": "SUSE Bug 1245350 for CVE-2025-38083",
"url": "https://bugzilla.suse.com/1245350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.214.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.214.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.214.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:20:22Z",
"details": "important"
}
],
"title": "CVE-2025-38083"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…