suse-su-2025:02321-1
Vulnerability from csaf_suse
Published
2025-07-15 14:31
Modified
2025-07-15 14:31
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47557: net/sched: sch_ets: do not peek at classes beyond 'nbands' (bsc#1207361 bsc#1225468).
- CVE-2021-47595: net/sched: sch_ets: do not remove idle classes from the round-robin list (bsc#1207361 bsc#1226552).
- CVE-2023-52924: netfilter: nf_tables: do not skip expired elements during walk (bsc#1236821).
- CVE-2023-52925: netfilter: nf_tables: do not fail inserts if duplicate has expired (bsc#1236822).
- CVE-2024-26808: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).
- CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).
- CVE-2024-27397: kabi: place tstamp needed for nftables set in a hole (bsc#1224095).
- CVE-2024-28956: x86/its: Add support for ITS-safe indirect thunk (bsc#1242006).
- CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).
- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381).
- CVE-2024-53197: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (bsc#1235464).
- CVE-2024-56770: sch/netem: fix use after free in netem_dequeue (bsc#1235637).
- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-21756: vsock: Orphan socket after transport release (bsc#1238876).
- CVE-2025-23141: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (bsc#1242782).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).
- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1243330).
- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).
- CVE-2025-38014: dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (bsc#1244732).
- CVE-2025-38060: bpf: abort verification if env->cur_state->loop_entry != NULL (bsc#1245155).
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245183).
The following non-security bugs were fixed:
- ALSA: usb-audio: Fix a DMA to stack memory bug (git-fixes).
- Fix conditional for selecting gcc-13 Fixes: 51dacec21eb1 ('Use gcc-13 for build on SLE16 (jsc#PED-10028).')
- Fix reference in 'net_sched: sch_sfq: use a temporary work area for validating configuration' (bsc#1242504)
- MyBS: Correctly generate build flags for non-multibuild package limit (bsc# 1244241) Fixes: 0999112774fc ('MyBS: Use buildflags to set which package to build')
- MyBS: Do not build kernel-obs-qa with limit_packages Fixes: 58e3f8c34b2b ('bs-upload-kernel: Pass limit_packages also on multibuild')
- MyBS: Simplify qa_expr generation Start with a 0 which makes the expression valid even if there are no QA repositories (currently does not happen). Then separator is always needed.
- Require zstd in kernel-default-devel when module compression is zstd To use ksym-provides tool modules need to be uncompressed. Without zstd at least kernel-default-base does not have provides. Link: https://github.com/openSUSE/rpm-config-SUSE/pull/82
- Use gcc-13 for build on SLE16 (jsc#PED-10028).
- add nf_tables for iptables non-legacy network handling This is needed for example by docker on the Alpine Linux distribution, but can also be used on openSUSE.
- bs-upload-kernel: Pass limit_packages also on multibuild Fixes: 0999112774fc ('MyBS: Use buildflags to set which package to build') Fixes: 747f601d4156 ('bs-upload-kernel, MyBS, Buildresults: Support multibuild (JSC-SLE#5501, boo#1211226, bsc#1218184)')
- check-for-config-changes: Fix flag name typo
- doc/README.SUSE: Point to the updated version of LKMPG
- hugetlb: unshare some PMDs when splitting VMAs (bsc#1245431).
- kernel-obs-qa: Use srchash for dependency as well
- kernel-source: Also replace bin/env
- kernel-source: Also update the search to match bin/env Fixes: dc2037cd8f94 ('kernel-source: Also replace bin/env'
- kernel-source: Remove log.sh from sources
- mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).
- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).
- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).
- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)
- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)
- ovl: fix use inode directly in rcu-walk mode (bsc#1241900).
- packaging: Turn gcc version into config.sh variable Fixes: 51dacec21eb1 ('Use gcc-13 for build on SLE16 (jsc#PED-10028).')
- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).
- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN Both spellings are actually used
- rpm/check-for-config-changes: add LD_CAN_ to IGNORED_CONFIGS_RE
- rpm/check-for-config-changes: add more to IGNORED_CONFIGS_RE Useful when someone tries (needs) to build the kernel with clang.
- rpm/check-for-config-changes: ignore DRM_MSM_VALIDATE_XML This option is dynamically enabled to build-test different configurations. This makes run_oldconfig.sh complain sporadically for arm64.
- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).
- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986) sle_version was obsoleted for SLE16. It has to be combined with suse_version check.
- rpm/kernel-binary.spec.in: Use OrderWithRequires (boo#1228659 boo#1241038). OrderWithRequires was introduced in rpm 4.9 (ie. SLE12+) to allow a package to inform the order of installation of other package without hard requiring that package. This means our kernel-binary packages no longer need to hard require perl-Bootloader or dracut, resolving the long-commented issue there. This is also needed for udev & systemd-boot to ensure those packages are installed before being called by dracut (boo#1228659)
- rpm/kernel-binary.spec.in: fix KMPs build on 6.13+ (bsc#1234454)
- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)
- rpm/package-descriptions: Add rt and rt_debug descriptions
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)
- rpm: Stop using is_kotd_qa macro
- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).
- scsi: storvsc: Increase the timeouts to storvsc_timeout (bsc#1245455).
Patchnames
SUSE-2025-2321,SUSE-SLE-Micro-5.5-2025-2321
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2021-47557: net/sched: sch_ets: do not peek at classes beyond \u0027nbands\u0027 (bsc#1207361 bsc#1225468).\n- CVE-2021-47595: net/sched: sch_ets: do not remove idle classes from the round-robin list (bsc#1207361 bsc#1226552).\n- CVE-2023-52924: netfilter: nf_tables: do not skip expired elements during walk (bsc#1236821).\n- CVE-2023-52925: netfilter: nf_tables: do not fail inserts if duplicate has expired (bsc#1236822).\n- CVE-2024-26808: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).\n- CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).\n- CVE-2024-27397: kabi: place tstamp needed for nftables set in a hole (bsc#1224095).\n- CVE-2024-28956: x86/its: Add support for ITS-safe indirect thunk (bsc#1242006).\n- CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).\n- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).\n- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).\n- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381).\n- CVE-2024-53197: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (bsc#1235464).\n- CVE-2024-56770: sch/netem: fix use after free in netem_dequeue (bsc#1235637).\n- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1237312).\n- CVE-2025-21703: netem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).\n- CVE-2025-21756: vsock: Orphan socket after transport release (bsc#1238876).\n- CVE-2025-23141: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (bsc#1242782).\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).\n- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).\n- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).\n- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1243330).\n- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).\n- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).\n- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).\n- CVE-2025-38014: dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (bsc#1244732).\n- CVE-2025-38060: bpf: abort verification if env-\u003ecur_state-\u003eloop_entry != NULL (bsc#1245155).\n- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245183).\n\nThe following non-security bugs were fixed:\n\n- ALSA: usb-audio: Fix a DMA to stack memory bug (git-fixes).\n- Fix conditional for selecting gcc-13 Fixes: 51dacec21eb1 (\u0027Use gcc-13 for build on SLE16 (jsc#PED-10028).\u0027)\n- Fix reference in \u0027net_sched: sch_sfq: use a temporary work area for validating configuration\u0027 (bsc#1242504)\n- MyBS: Correctly generate build flags for non-multibuild package limit (bsc# 1244241) Fixes: 0999112774fc (\u0027MyBS: Use buildflags to set which package to build\u0027)\n- MyBS: Do not build kernel-obs-qa with limit_packages Fixes: 58e3f8c34b2b (\u0027bs-upload-kernel: Pass limit_packages also on multibuild\u0027)\n- MyBS: Simplify qa_expr generation Start with a 0 which makes the expression valid even if there are no QA repositories (currently does not happen). Then separator is always needed.\n- Require zstd in kernel-default-devel when module compression is zstd To use ksym-provides tool modules need to be uncompressed. Without zstd at least kernel-default-base does not have provides. Link: https://github.com/openSUSE/rpm-config-SUSE/pull/82\n- Use gcc-13 for build on SLE16 (jsc#PED-10028).\n- add nf_tables for iptables non-legacy network handling This is needed for example by docker on the Alpine Linux distribution, but can also be used on openSUSE.\n- bs-upload-kernel: Pass limit_packages also on multibuild Fixes: 0999112774fc (\u0027MyBS: Use buildflags to set which package to build\u0027) Fixes: 747f601d4156 (\u0027bs-upload-kernel, MyBS, Buildresults: Support multibuild (JSC-SLE#5501, boo#1211226, bsc#1218184)\u0027)\n- check-for-config-changes: Fix flag name typo\n- doc/README.SUSE: Point to the updated version of LKMPG\n- hugetlb: unshare some PMDs when splitting VMAs (bsc#1245431).\n- kernel-obs-qa: Use srchash for dependency as well\n- kernel-source: Also replace bin/env\n- kernel-source: Also update the search to match bin/env Fixes: dc2037cd8f94 (\u0027kernel-source: Also replace bin/env\u0027\n- kernel-source: Remove log.sh from sources\n- mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).\n- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).\n- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).\n- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)\n- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)\n- ovl: fix use inode directly in rcu-walk mode (bsc#1241900).\n- packaging: Turn gcc version into config.sh variable Fixes: 51dacec21eb1 (\u0027Use gcc-13 for build on SLE16 (jsc#PED-10028).\u0027)\n- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).\n- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).\n- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN\n- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN Both spellings are actually used\n- rpm/check-for-config-changes: add LD_CAN_ to IGNORED_CONFIGS_RE\n- rpm/check-for-config-changes: add more to IGNORED_CONFIGS_RE Useful when someone tries (needs) to build the kernel with clang.\n- rpm/check-for-config-changes: ignore DRM_MSM_VALIDATE_XML This option is dynamically enabled to build-test different configurations. This makes run_oldconfig.sh complain sporadically for arm64.\n- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).\n- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986) sle_version was obsoleted for SLE16. It has to be combined with suse_version check.\n- rpm/kernel-binary.spec.in: Use OrderWithRequires (boo#1228659 boo#1241038). OrderWithRequires was introduced in rpm 4.9 (ie. SLE12+) to allow a package to inform the order of installation of other package without hard requiring that package. This means our kernel-binary packages no longer need to hard require perl-Bootloader or dracut, resolving the long-commented issue there. This is also needed for udev \u0026 systemd-boot to ensure those packages are installed before being called by dracut (boo#1228659)\n- rpm/kernel-binary.spec.in: fix KMPs build on 6.13+ (bsc#1234454)\n- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)\n- rpm/package-descriptions: Add rt and rt_debug descriptions\n- rpm/release-projects: Update the ALP projects again (bsc#1231293).\n- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)\n- rpm: Stop using is_kotd_qa macro\n- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).\n- scsi: storvsc: Increase the timeouts to storvsc_timeout (bsc#1245455).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2321,SUSE-SLE-Micro-5.5-2025-2321",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02321-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02321-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502321-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02321-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040713.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1156395",
"url": "https://bugzilla.suse.com/1156395"
},
{
"category": "self",
"summary": "SUSE Bug 1193629",
"url": "https://bugzilla.suse.com/1193629"
},
{
"category": "self",
"summary": "SUSE Bug 1194869",
"url": "https://bugzilla.suse.com/1194869"
},
{
"category": "self",
"summary": "SUSE Bug 1198410",
"url": "https://bugzilla.suse.com/1198410"
},
{
"category": "self",
"summary": "SUSE Bug 1199356",
"url": "https://bugzilla.suse.com/1199356"
},
{
"category": "self",
"summary": "SUSE Bug 1199487",
"url": "https://bugzilla.suse.com/1199487"
},
{
"category": "self",
"summary": "SUSE Bug 1201160",
"url": "https://bugzilla.suse.com/1201160"
},
{
"category": "self",
"summary": "SUSE Bug 1201956",
"url": "https://bugzilla.suse.com/1201956"
},
{
"category": "self",
"summary": "SUSE Bug 1202094",
"url": "https://bugzilla.suse.com/1202094"
},
{
"category": "self",
"summary": "SUSE Bug 1202095",
"url": "https://bugzilla.suse.com/1202095"
},
{
"category": "self",
"summary": "SUSE Bug 1202564",
"url": "https://bugzilla.suse.com/1202564"
},
{
"category": "self",
"summary": "SUSE Bug 1202716",
"url": "https://bugzilla.suse.com/1202716"
},
{
"category": "self",
"summary": "SUSE Bug 1202823",
"url": "https://bugzilla.suse.com/1202823"
},
{
"category": "self",
"summary": "SUSE Bug 1202860",
"url": "https://bugzilla.suse.com/1202860"
},
{
"category": "self",
"summary": "SUSE Bug 1203197",
"url": "https://bugzilla.suse.com/1203197"
},
{
"category": "self",
"summary": "SUSE Bug 1203361",
"url": "https://bugzilla.suse.com/1203361"
},
{
"category": "self",
"summary": "SUSE Bug 1205220",
"url": "https://bugzilla.suse.com/1205220"
},
{
"category": "self",
"summary": "SUSE Bug 1205514",
"url": "https://bugzilla.suse.com/1205514"
},
{
"category": "self",
"summary": "SUSE Bug 1205701",
"url": "https://bugzilla.suse.com/1205701"
},
{
"category": "self",
"summary": "SUSE Bug 1206451",
"url": "https://bugzilla.suse.com/1206451"
},
{
"category": "self",
"summary": "SUSE Bug 1206664",
"url": "https://bugzilla.suse.com/1206664"
},
{
"category": "self",
"summary": "SUSE Bug 1206878",
"url": "https://bugzilla.suse.com/1206878"
},
{
"category": "self",
"summary": "SUSE Bug 1206880",
"url": "https://bugzilla.suse.com/1206880"
},
{
"category": "self",
"summary": "SUSE Bug 1207361",
"url": "https://bugzilla.suse.com/1207361"
},
{
"category": "self",
"summary": "SUSE Bug 1207638",
"url": "https://bugzilla.suse.com/1207638"
},
{
"category": "self",
"summary": "SUSE Bug 1211226",
"url": "https://bugzilla.suse.com/1211226"
},
{
"category": "self",
"summary": "SUSE Bug 1212051",
"url": "https://bugzilla.suse.com/1212051"
},
{
"category": "self",
"summary": "SUSE Bug 1213090",
"url": "https://bugzilla.suse.com/1213090"
},
{
"category": "self",
"summary": "SUSE Bug 1218184",
"url": "https://bugzilla.suse.com/1218184"
},
{
"category": "self",
"summary": "SUSE Bug 1218234",
"url": "https://bugzilla.suse.com/1218234"
},
{
"category": "self",
"summary": "SUSE Bug 1218470",
"url": "https://bugzilla.suse.com/1218470"
},
{
"category": "self",
"summary": "SUSE Bug 1222634",
"url": "https://bugzilla.suse.com/1222634"
},
{
"category": "self",
"summary": "SUSE Bug 1223675",
"url": "https://bugzilla.suse.com/1223675"
},
{
"category": "self",
"summary": "SUSE Bug 1224095",
"url": "https://bugzilla.suse.com/1224095"
},
{
"category": "self",
"summary": "SUSE Bug 1224597",
"url": "https://bugzilla.suse.com/1224597"
},
{
"category": "self",
"summary": "SUSE Bug 1225468",
"url": "https://bugzilla.suse.com/1225468"
},
{
"category": "self",
"summary": "SUSE Bug 1225820",
"url": "https://bugzilla.suse.com/1225820"
},
{
"category": "self",
"summary": "SUSE Bug 1226514",
"url": "https://bugzilla.suse.com/1226514"
},
{
"category": "self",
"summary": "SUSE Bug 1226552",
"url": "https://bugzilla.suse.com/1226552"
},
{
"category": "self",
"summary": "SUSE Bug 1228659",
"url": "https://bugzilla.suse.com/1228659"
},
{
"category": "self",
"summary": "SUSE Bug 1230827",
"url": "https://bugzilla.suse.com/1230827"
},
{
"category": "self",
"summary": "SUSE Bug 1231293",
"url": "https://bugzilla.suse.com/1231293"
},
{
"category": "self",
"summary": "SUSE Bug 1232504",
"url": "https://bugzilla.suse.com/1232504"
},
{
"category": "self",
"summary": "SUSE Bug 1234156",
"url": "https://bugzilla.suse.com/1234156"
},
{
"category": "self",
"summary": "SUSE Bug 1234381",
"url": "https://bugzilla.suse.com/1234381"
},
{
"category": "self",
"summary": "SUSE Bug 1234454",
"url": "https://bugzilla.suse.com/1234454"
},
{
"category": "self",
"summary": "SUSE Bug 1235464",
"url": "https://bugzilla.suse.com/1235464"
},
{
"category": "self",
"summary": "SUSE Bug 1235637",
"url": "https://bugzilla.suse.com/1235637"
},
{
"category": "self",
"summary": "SUSE Bug 1236821",
"url": "https://bugzilla.suse.com/1236821"
},
{
"category": "self",
"summary": "SUSE Bug 1236822",
"url": "https://bugzilla.suse.com/1236822"
},
{
"category": "self",
"summary": "SUSE Bug 1237159",
"url": "https://bugzilla.suse.com/1237159"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1237313",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "self",
"summary": "SUSE Bug 1238303",
"url": "https://bugzilla.suse.com/1238303"
},
{
"category": "self",
"summary": "SUSE Bug 1238526",
"url": "https://bugzilla.suse.com/1238526"
},
{
"category": "self",
"summary": "SUSE Bug 1238570",
"url": "https://bugzilla.suse.com/1238570"
},
{
"category": "self",
"summary": "SUSE Bug 1238876",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "self",
"summary": "SUSE Bug 1239986",
"url": "https://bugzilla.suse.com/1239986"
},
{
"category": "self",
"summary": "SUSE Bug 1240785",
"url": "https://bugzilla.suse.com/1240785"
},
{
"category": "self",
"summary": "SUSE Bug 1241038",
"url": "https://bugzilla.suse.com/1241038"
},
{
"category": "self",
"summary": "SUSE Bug 1241640",
"url": "https://bugzilla.suse.com/1241640"
},
{
"category": "self",
"summary": "SUSE Bug 1241900",
"url": "https://bugzilla.suse.com/1241900"
},
{
"category": "self",
"summary": "SUSE Bug 1242006",
"url": "https://bugzilla.suse.com/1242006"
},
{
"category": "self",
"summary": "SUSE Bug 1242221",
"url": "https://bugzilla.suse.com/1242221"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242504",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "self",
"summary": "SUSE Bug 1242596",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "self",
"summary": "SUSE Bug 1242778",
"url": "https://bugzilla.suse.com/1242778"
},
{
"category": "self",
"summary": "SUSE Bug 1242782",
"url": "https://bugzilla.suse.com/1242782"
},
{
"category": "self",
"summary": "SUSE Bug 1242924",
"url": "https://bugzilla.suse.com/1242924"
},
{
"category": "self",
"summary": "SUSE Bug 1243330",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "self",
"summary": "SUSE Bug 1243543",
"url": "https://bugzilla.suse.com/1243543"
},
{
"category": "self",
"summary": "SUSE Bug 1243627",
"url": "https://bugzilla.suse.com/1243627"
},
{
"category": "self",
"summary": "SUSE Bug 1243649",
"url": "https://bugzilla.suse.com/1243649"
},
{
"category": "self",
"summary": "SUSE Bug 1243660",
"url": "https://bugzilla.suse.com/1243660"
},
{
"category": "self",
"summary": "SUSE Bug 1243832",
"url": "https://bugzilla.suse.com/1243832"
},
{
"category": "self",
"summary": "SUSE Bug 1244114",
"url": "https://bugzilla.suse.com/1244114"
},
{
"category": "self",
"summary": "SUSE Bug 1244179",
"url": "https://bugzilla.suse.com/1244179"
},
{
"category": "self",
"summary": "SUSE Bug 1244180",
"url": "https://bugzilla.suse.com/1244180"
},
{
"category": "self",
"summary": "SUSE Bug 1244234",
"url": "https://bugzilla.suse.com/1244234"
},
{
"category": "self",
"summary": "SUSE Bug 1244241",
"url": "https://bugzilla.suse.com/1244241"
},
{
"category": "self",
"summary": "SUSE Bug 1244277",
"url": "https://bugzilla.suse.com/1244277"
},
{
"category": "self",
"summary": "SUSE Bug 1244309",
"url": "https://bugzilla.suse.com/1244309"
},
{
"category": "self",
"summary": "SUSE Bug 1244337",
"url": "https://bugzilla.suse.com/1244337"
},
{
"category": "self",
"summary": "SUSE Bug 1244732",
"url": "https://bugzilla.suse.com/1244732"
},
{
"category": "self",
"summary": "SUSE Bug 1244764",
"url": "https://bugzilla.suse.com/1244764"
},
{
"category": "self",
"summary": "SUSE Bug 1244765",
"url": "https://bugzilla.suse.com/1244765"
},
{
"category": "self",
"summary": "SUSE Bug 1244767",
"url": "https://bugzilla.suse.com/1244767"
},
{
"category": "self",
"summary": "SUSE Bug 1244770",
"url": "https://bugzilla.suse.com/1244770"
},
{
"category": "self",
"summary": "SUSE Bug 1244771",
"url": "https://bugzilla.suse.com/1244771"
},
{
"category": "self",
"summary": "SUSE Bug 1244772",
"url": "https://bugzilla.suse.com/1244772"
},
{
"category": "self",
"summary": "SUSE Bug 1244773",
"url": "https://bugzilla.suse.com/1244773"
},
{
"category": "self",
"summary": "SUSE Bug 1244774",
"url": "https://bugzilla.suse.com/1244774"
},
{
"category": "self",
"summary": "SUSE Bug 1244776",
"url": "https://bugzilla.suse.com/1244776"
},
{
"category": "self",
"summary": "SUSE Bug 1244779",
"url": "https://bugzilla.suse.com/1244779"
},
{
"category": "self",
"summary": "SUSE Bug 1244780",
"url": "https://bugzilla.suse.com/1244780"
},
{
"category": "self",
"summary": "SUSE Bug 1244781",
"url": "https://bugzilla.suse.com/1244781"
},
{
"category": "self",
"summary": "SUSE Bug 1244782",
"url": "https://bugzilla.suse.com/1244782"
},
{
"category": "self",
"summary": "SUSE Bug 1244783",
"url": "https://bugzilla.suse.com/1244783"
},
{
"category": "self",
"summary": "SUSE Bug 1244784",
"url": "https://bugzilla.suse.com/1244784"
},
{
"category": "self",
"summary": "SUSE Bug 1244786",
"url": "https://bugzilla.suse.com/1244786"
},
{
"category": "self",
"summary": "SUSE Bug 1244787",
"url": "https://bugzilla.suse.com/1244787"
},
{
"category": "self",
"summary": "SUSE Bug 1244788",
"url": "https://bugzilla.suse.com/1244788"
},
{
"category": "self",
"summary": "SUSE Bug 1244790",
"url": "https://bugzilla.suse.com/1244790"
},
{
"category": "self",
"summary": "SUSE Bug 1244791",
"url": "https://bugzilla.suse.com/1244791"
},
{
"category": "self",
"summary": "SUSE Bug 1244793",
"url": "https://bugzilla.suse.com/1244793"
},
{
"category": "self",
"summary": "SUSE Bug 1244794",
"url": "https://bugzilla.suse.com/1244794"
},
{
"category": "self",
"summary": "SUSE Bug 1244796",
"url": "https://bugzilla.suse.com/1244796"
},
{
"category": "self",
"summary": "SUSE Bug 1244797",
"url": "https://bugzilla.suse.com/1244797"
},
{
"category": "self",
"summary": "SUSE Bug 1244798",
"url": "https://bugzilla.suse.com/1244798"
},
{
"category": "self",
"summary": "SUSE Bug 1244800",
"url": "https://bugzilla.suse.com/1244800"
},
{
"category": "self",
"summary": "SUSE Bug 1244802",
"url": "https://bugzilla.suse.com/1244802"
},
{
"category": "self",
"summary": "SUSE Bug 1244804",
"url": "https://bugzilla.suse.com/1244804"
},
{
"category": "self",
"summary": "SUSE Bug 1244805",
"url": "https://bugzilla.suse.com/1244805"
},
{
"category": "self",
"summary": "SUSE Bug 1244806",
"url": "https://bugzilla.suse.com/1244806"
},
{
"category": "self",
"summary": "SUSE Bug 1244807",
"url": "https://bugzilla.suse.com/1244807"
},
{
"category": "self",
"summary": "SUSE Bug 1244808",
"url": "https://bugzilla.suse.com/1244808"
},
{
"category": "self",
"summary": "SUSE Bug 1244811",
"url": "https://bugzilla.suse.com/1244811"
},
{
"category": "self",
"summary": "SUSE Bug 1244813",
"url": "https://bugzilla.suse.com/1244813"
},
{
"category": "self",
"summary": "SUSE Bug 1244814",
"url": "https://bugzilla.suse.com/1244814"
},
{
"category": "self",
"summary": "SUSE Bug 1244815",
"url": "https://bugzilla.suse.com/1244815"
},
{
"category": "self",
"summary": "SUSE Bug 1244816",
"url": "https://bugzilla.suse.com/1244816"
},
{
"category": "self",
"summary": "SUSE Bug 1244819",
"url": "https://bugzilla.suse.com/1244819"
},
{
"category": "self",
"summary": "SUSE Bug 1244820",
"url": "https://bugzilla.suse.com/1244820"
},
{
"category": "self",
"summary": "SUSE Bug 1244823",
"url": "https://bugzilla.suse.com/1244823"
},
{
"category": "self",
"summary": "SUSE Bug 1244824",
"url": "https://bugzilla.suse.com/1244824"
},
{
"category": "self",
"summary": "SUSE Bug 1244825",
"url": "https://bugzilla.suse.com/1244825"
},
{
"category": "self",
"summary": "SUSE Bug 1244826",
"url": "https://bugzilla.suse.com/1244826"
},
{
"category": "self",
"summary": "SUSE Bug 1244827",
"url": "https://bugzilla.suse.com/1244827"
},
{
"category": "self",
"summary": "SUSE Bug 1244830",
"url": "https://bugzilla.suse.com/1244830"
},
{
"category": "self",
"summary": "SUSE Bug 1244831",
"url": "https://bugzilla.suse.com/1244831"
},
{
"category": "self",
"summary": "SUSE Bug 1244832",
"url": "https://bugzilla.suse.com/1244832"
},
{
"category": "self",
"summary": "SUSE Bug 1244834",
"url": "https://bugzilla.suse.com/1244834"
},
{
"category": "self",
"summary": "SUSE Bug 1244836",
"url": "https://bugzilla.suse.com/1244836"
},
{
"category": "self",
"summary": "SUSE Bug 1244838",
"url": "https://bugzilla.suse.com/1244838"
},
{
"category": "self",
"summary": "SUSE Bug 1244839",
"url": "https://bugzilla.suse.com/1244839"
},
{
"category": "self",
"summary": "SUSE Bug 1244840",
"url": "https://bugzilla.suse.com/1244840"
},
{
"category": "self",
"summary": "SUSE Bug 1244841",
"url": "https://bugzilla.suse.com/1244841"
},
{
"category": "self",
"summary": "SUSE Bug 1244842",
"url": "https://bugzilla.suse.com/1244842"
},
{
"category": "self",
"summary": "SUSE Bug 1244843",
"url": "https://bugzilla.suse.com/1244843"
},
{
"category": "self",
"summary": "SUSE Bug 1244845",
"url": "https://bugzilla.suse.com/1244845"
},
{
"category": "self",
"summary": "SUSE Bug 1244846",
"url": "https://bugzilla.suse.com/1244846"
},
{
"category": "self",
"summary": "SUSE Bug 1244848",
"url": "https://bugzilla.suse.com/1244848"
},
{
"category": "self",
"summary": "SUSE Bug 1244849",
"url": "https://bugzilla.suse.com/1244849"
},
{
"category": "self",
"summary": "SUSE Bug 1244851",
"url": "https://bugzilla.suse.com/1244851"
},
{
"category": "self",
"summary": "SUSE Bug 1244853",
"url": "https://bugzilla.suse.com/1244853"
},
{
"category": "self",
"summary": "SUSE Bug 1244854",
"url": "https://bugzilla.suse.com/1244854"
},
{
"category": "self",
"summary": "SUSE Bug 1244856",
"url": "https://bugzilla.suse.com/1244856"
},
{
"category": "self",
"summary": "SUSE Bug 1244858",
"url": "https://bugzilla.suse.com/1244858"
},
{
"category": "self",
"summary": "SUSE Bug 1244860",
"url": "https://bugzilla.suse.com/1244860"
},
{
"category": "self",
"summary": "SUSE Bug 1244861",
"url": "https://bugzilla.suse.com/1244861"
},
{
"category": "self",
"summary": "SUSE Bug 1244866",
"url": "https://bugzilla.suse.com/1244866"
},
{
"category": "self",
"summary": "SUSE Bug 1244867",
"url": "https://bugzilla.suse.com/1244867"
},
{
"category": "self",
"summary": "SUSE Bug 1244868",
"url": "https://bugzilla.suse.com/1244868"
},
{
"category": "self",
"summary": "SUSE Bug 1244869",
"url": "https://bugzilla.suse.com/1244869"
},
{
"category": "self",
"summary": "SUSE Bug 1244870",
"url": "https://bugzilla.suse.com/1244870"
},
{
"category": "self",
"summary": "SUSE Bug 1244871",
"url": "https://bugzilla.suse.com/1244871"
},
{
"category": "self",
"summary": "SUSE Bug 1244872",
"url": "https://bugzilla.suse.com/1244872"
},
{
"category": "self",
"summary": "SUSE Bug 1244873",
"url": "https://bugzilla.suse.com/1244873"
},
{
"category": "self",
"summary": "SUSE Bug 1244875",
"url": "https://bugzilla.suse.com/1244875"
},
{
"category": "self",
"summary": "SUSE Bug 1244876",
"url": "https://bugzilla.suse.com/1244876"
},
{
"category": "self",
"summary": "SUSE Bug 1244878",
"url": "https://bugzilla.suse.com/1244878"
},
{
"category": "self",
"summary": "SUSE Bug 1244879",
"url": "https://bugzilla.suse.com/1244879"
},
{
"category": "self",
"summary": "SUSE Bug 1244881",
"url": "https://bugzilla.suse.com/1244881"
},
{
"category": "self",
"summary": "SUSE Bug 1244883",
"url": "https://bugzilla.suse.com/1244883"
},
{
"category": "self",
"summary": "SUSE Bug 1244884",
"url": "https://bugzilla.suse.com/1244884"
},
{
"category": "self",
"summary": "SUSE Bug 1244886",
"url": "https://bugzilla.suse.com/1244886"
},
{
"category": "self",
"summary": "SUSE Bug 1244887",
"url": "https://bugzilla.suse.com/1244887"
},
{
"category": "self",
"summary": "SUSE Bug 1244888",
"url": "https://bugzilla.suse.com/1244888"
},
{
"category": "self",
"summary": "SUSE Bug 1244890",
"url": "https://bugzilla.suse.com/1244890"
},
{
"category": "self",
"summary": "SUSE Bug 1244892",
"url": "https://bugzilla.suse.com/1244892"
},
{
"category": "self",
"summary": "SUSE Bug 1244893",
"url": "https://bugzilla.suse.com/1244893"
},
{
"category": "self",
"summary": "SUSE Bug 1244895",
"url": "https://bugzilla.suse.com/1244895"
},
{
"category": "self",
"summary": "SUSE Bug 1244898",
"url": "https://bugzilla.suse.com/1244898"
},
{
"category": "self",
"summary": "SUSE Bug 1244899",
"url": "https://bugzilla.suse.com/1244899"
},
{
"category": "self",
"summary": "SUSE Bug 1244900",
"url": "https://bugzilla.suse.com/1244900"
},
{
"category": "self",
"summary": "SUSE Bug 1244901",
"url": "https://bugzilla.suse.com/1244901"
},
{
"category": "self",
"summary": "SUSE Bug 1244902",
"url": "https://bugzilla.suse.com/1244902"
},
{
"category": "self",
"summary": "SUSE Bug 1244903",
"url": "https://bugzilla.suse.com/1244903"
},
{
"category": "self",
"summary": "SUSE Bug 1244904",
"url": "https://bugzilla.suse.com/1244904"
},
{
"category": "self",
"summary": "SUSE Bug 1244905",
"url": "https://bugzilla.suse.com/1244905"
},
{
"category": "self",
"summary": "SUSE Bug 1244908",
"url": "https://bugzilla.suse.com/1244908"
},
{
"category": "self",
"summary": "SUSE Bug 1244911",
"url": "https://bugzilla.suse.com/1244911"
},
{
"category": "self",
"summary": "SUSE Bug 1244912",
"url": "https://bugzilla.suse.com/1244912"
},
{
"category": "self",
"summary": "SUSE Bug 1244914",
"url": "https://bugzilla.suse.com/1244914"
},
{
"category": "self",
"summary": "SUSE Bug 1244915",
"url": "https://bugzilla.suse.com/1244915"
},
{
"category": "self",
"summary": "SUSE Bug 1244928",
"url": "https://bugzilla.suse.com/1244928"
},
{
"category": "self",
"summary": "SUSE Bug 1244936",
"url": "https://bugzilla.suse.com/1244936"
},
{
"category": "self",
"summary": "SUSE Bug 1244940",
"url": "https://bugzilla.suse.com/1244940"
},
{
"category": "self",
"summary": "SUSE Bug 1244941",
"url": "https://bugzilla.suse.com/1244941"
},
{
"category": "self",
"summary": "SUSE Bug 1244942",
"url": "https://bugzilla.suse.com/1244942"
},
{
"category": "self",
"summary": "SUSE Bug 1244943",
"url": "https://bugzilla.suse.com/1244943"
},
{
"category": "self",
"summary": "SUSE Bug 1244944",
"url": "https://bugzilla.suse.com/1244944"
},
{
"category": "self",
"summary": "SUSE Bug 1244945",
"url": "https://bugzilla.suse.com/1244945"
},
{
"category": "self",
"summary": "SUSE Bug 1244948",
"url": "https://bugzilla.suse.com/1244948"
},
{
"category": "self",
"summary": "SUSE Bug 1244949",
"url": "https://bugzilla.suse.com/1244949"
},
{
"category": "self",
"summary": "SUSE Bug 1244950",
"url": "https://bugzilla.suse.com/1244950"
},
{
"category": "self",
"summary": "SUSE Bug 1244953",
"url": "https://bugzilla.suse.com/1244953"
},
{
"category": "self",
"summary": "SUSE Bug 1244955",
"url": "https://bugzilla.suse.com/1244955"
},
{
"category": "self",
"summary": "SUSE Bug 1244956",
"url": "https://bugzilla.suse.com/1244956"
},
{
"category": "self",
"summary": "SUSE Bug 1244957",
"url": "https://bugzilla.suse.com/1244957"
},
{
"category": "self",
"summary": "SUSE Bug 1244958",
"url": "https://bugzilla.suse.com/1244958"
},
{
"category": "self",
"summary": "SUSE Bug 1244959",
"url": "https://bugzilla.suse.com/1244959"
},
{
"category": "self",
"summary": "SUSE Bug 1244960",
"url": "https://bugzilla.suse.com/1244960"
},
{
"category": "self",
"summary": "SUSE Bug 1244961",
"url": "https://bugzilla.suse.com/1244961"
},
{
"category": "self",
"summary": "SUSE Bug 1244965",
"url": "https://bugzilla.suse.com/1244965"
},
{
"category": "self",
"summary": "SUSE Bug 1244966",
"url": "https://bugzilla.suse.com/1244966"
},
{
"category": "self",
"summary": "SUSE Bug 1244967",
"url": "https://bugzilla.suse.com/1244967"
},
{
"category": "self",
"summary": "SUSE Bug 1244968",
"url": "https://bugzilla.suse.com/1244968"
},
{
"category": "self",
"summary": "SUSE Bug 1244969",
"url": "https://bugzilla.suse.com/1244969"
},
{
"category": "self",
"summary": "SUSE Bug 1244970",
"url": "https://bugzilla.suse.com/1244970"
},
{
"category": "self",
"summary": "SUSE Bug 1244973",
"url": "https://bugzilla.suse.com/1244973"
},
{
"category": "self",
"summary": "SUSE Bug 1244974",
"url": "https://bugzilla.suse.com/1244974"
},
{
"category": "self",
"summary": "SUSE Bug 1244976",
"url": "https://bugzilla.suse.com/1244976"
},
{
"category": "self",
"summary": "SUSE Bug 1244977",
"url": "https://bugzilla.suse.com/1244977"
},
{
"category": "self",
"summary": "SUSE Bug 1244978",
"url": "https://bugzilla.suse.com/1244978"
},
{
"category": "self",
"summary": "SUSE Bug 1244979",
"url": "https://bugzilla.suse.com/1244979"
},
{
"category": "self",
"summary": "SUSE Bug 1244983",
"url": "https://bugzilla.suse.com/1244983"
},
{
"category": "self",
"summary": "SUSE Bug 1244984",
"url": "https://bugzilla.suse.com/1244984"
},
{
"category": "self",
"summary": "SUSE Bug 1244985",
"url": "https://bugzilla.suse.com/1244985"
},
{
"category": "self",
"summary": "SUSE Bug 1244986",
"url": "https://bugzilla.suse.com/1244986"
},
{
"category": "self",
"summary": "SUSE Bug 1244987",
"url": "https://bugzilla.suse.com/1244987"
},
{
"category": "self",
"summary": "SUSE Bug 1244991",
"url": "https://bugzilla.suse.com/1244991"
},
{
"category": "self",
"summary": "SUSE Bug 1244992",
"url": "https://bugzilla.suse.com/1244992"
},
{
"category": "self",
"summary": "SUSE Bug 1244993",
"url": "https://bugzilla.suse.com/1244993"
},
{
"category": "self",
"summary": "SUSE Bug 1245006",
"url": "https://bugzilla.suse.com/1245006"
},
{
"category": "self",
"summary": "SUSE Bug 1245007",
"url": "https://bugzilla.suse.com/1245007"
},
{
"category": "self",
"summary": "SUSE Bug 1245009",
"url": "https://bugzilla.suse.com/1245009"
},
{
"category": "self",
"summary": "SUSE Bug 1245011",
"url": "https://bugzilla.suse.com/1245011"
},
{
"category": "self",
"summary": "SUSE Bug 1245012",
"url": "https://bugzilla.suse.com/1245012"
},
{
"category": "self",
"summary": "SUSE Bug 1245015",
"url": "https://bugzilla.suse.com/1245015"
},
{
"category": "self",
"summary": "SUSE Bug 1245018",
"url": "https://bugzilla.suse.com/1245018"
},
{
"category": "self",
"summary": "SUSE Bug 1245019",
"url": "https://bugzilla.suse.com/1245019"
},
{
"category": "self",
"summary": "SUSE Bug 1245023",
"url": "https://bugzilla.suse.com/1245023"
},
{
"category": "self",
"summary": "SUSE Bug 1245024",
"url": "https://bugzilla.suse.com/1245024"
},
{
"category": "self",
"summary": "SUSE Bug 1245028",
"url": "https://bugzilla.suse.com/1245028"
},
{
"category": "self",
"summary": "SUSE Bug 1245031",
"url": "https://bugzilla.suse.com/1245031"
},
{
"category": "self",
"summary": "SUSE Bug 1245032",
"url": "https://bugzilla.suse.com/1245032"
},
{
"category": "self",
"summary": "SUSE Bug 1245033",
"url": "https://bugzilla.suse.com/1245033"
},
{
"category": "self",
"summary": "SUSE Bug 1245038",
"url": "https://bugzilla.suse.com/1245038"
},
{
"category": "self",
"summary": "SUSE Bug 1245039",
"url": "https://bugzilla.suse.com/1245039"
},
{
"category": "self",
"summary": "SUSE Bug 1245040",
"url": "https://bugzilla.suse.com/1245040"
},
{
"category": "self",
"summary": "SUSE Bug 1245041",
"url": "https://bugzilla.suse.com/1245041"
},
{
"category": "self",
"summary": "SUSE Bug 1245047",
"url": "https://bugzilla.suse.com/1245047"
},
{
"category": "self",
"summary": "SUSE Bug 1245048",
"url": "https://bugzilla.suse.com/1245048"
},
{
"category": "self",
"summary": "SUSE Bug 1245051",
"url": "https://bugzilla.suse.com/1245051"
},
{
"category": "self",
"summary": "SUSE Bug 1245052",
"url": "https://bugzilla.suse.com/1245052"
},
{
"category": "self",
"summary": "SUSE Bug 1245057",
"url": "https://bugzilla.suse.com/1245057"
},
{
"category": "self",
"summary": "SUSE Bug 1245058",
"url": "https://bugzilla.suse.com/1245058"
},
{
"category": "self",
"summary": "SUSE Bug 1245060",
"url": "https://bugzilla.suse.com/1245060"
},
{
"category": "self",
"summary": "SUSE Bug 1245062",
"url": "https://bugzilla.suse.com/1245062"
},
{
"category": "self",
"summary": "SUSE Bug 1245063",
"url": "https://bugzilla.suse.com/1245063"
},
{
"category": "self",
"summary": "SUSE Bug 1245064",
"url": "https://bugzilla.suse.com/1245064"
},
{
"category": "self",
"summary": "SUSE Bug 1245069",
"url": "https://bugzilla.suse.com/1245069"
},
{
"category": "self",
"summary": "SUSE Bug 1245070",
"url": "https://bugzilla.suse.com/1245070"
},
{
"category": "self",
"summary": "SUSE Bug 1245072",
"url": "https://bugzilla.suse.com/1245072"
},
{
"category": "self",
"summary": "SUSE Bug 1245073",
"url": "https://bugzilla.suse.com/1245073"
},
{
"category": "self",
"summary": "SUSE Bug 1245088",
"url": "https://bugzilla.suse.com/1245088"
},
{
"category": "self",
"summary": "SUSE Bug 1245089",
"url": "https://bugzilla.suse.com/1245089"
},
{
"category": "self",
"summary": "SUSE Bug 1245092",
"url": "https://bugzilla.suse.com/1245092"
},
{
"category": "self",
"summary": "SUSE Bug 1245093",
"url": "https://bugzilla.suse.com/1245093"
},
{
"category": "self",
"summary": "SUSE Bug 1245094",
"url": "https://bugzilla.suse.com/1245094"
},
{
"category": "self",
"summary": "SUSE Bug 1245098",
"url": "https://bugzilla.suse.com/1245098"
},
{
"category": "self",
"summary": "SUSE Bug 1245103",
"url": "https://bugzilla.suse.com/1245103"
},
{
"category": "self",
"summary": "SUSE Bug 1245116",
"url": "https://bugzilla.suse.com/1245116"
},
{
"category": "self",
"summary": "SUSE Bug 1245117",
"url": "https://bugzilla.suse.com/1245117"
},
{
"category": "self",
"summary": "SUSE Bug 1245118",
"url": "https://bugzilla.suse.com/1245118"
},
{
"category": "self",
"summary": "SUSE Bug 1245119",
"url": "https://bugzilla.suse.com/1245119"
},
{
"category": "self",
"summary": "SUSE Bug 1245121",
"url": "https://bugzilla.suse.com/1245121"
},
{
"category": "self",
"summary": "SUSE Bug 1245122",
"url": "https://bugzilla.suse.com/1245122"
},
{
"category": "self",
"summary": "SUSE Bug 1245125",
"url": "https://bugzilla.suse.com/1245125"
},
{
"category": "self",
"summary": "SUSE Bug 1245129",
"url": "https://bugzilla.suse.com/1245129"
},
{
"category": "self",
"summary": "SUSE Bug 1245131",
"url": "https://bugzilla.suse.com/1245131"
},
{
"category": "self",
"summary": "SUSE Bug 1245133",
"url": "https://bugzilla.suse.com/1245133"
},
{
"category": "self",
"summary": "SUSE Bug 1245134",
"url": "https://bugzilla.suse.com/1245134"
},
{
"category": "self",
"summary": "SUSE Bug 1245135",
"url": "https://bugzilla.suse.com/1245135"
},
{
"category": "self",
"summary": "SUSE Bug 1245136",
"url": "https://bugzilla.suse.com/1245136"
},
{
"category": "self",
"summary": "SUSE Bug 1245138",
"url": "https://bugzilla.suse.com/1245138"
},
{
"category": "self",
"summary": "SUSE Bug 1245139",
"url": "https://bugzilla.suse.com/1245139"
},
{
"category": "self",
"summary": "SUSE Bug 1245140",
"url": "https://bugzilla.suse.com/1245140"
},
{
"category": "self",
"summary": "SUSE Bug 1245142",
"url": "https://bugzilla.suse.com/1245142"
},
{
"category": "self",
"summary": "SUSE Bug 1245146",
"url": "https://bugzilla.suse.com/1245146"
},
{
"category": "self",
"summary": "SUSE Bug 1245147",
"url": "https://bugzilla.suse.com/1245147"
},
{
"category": "self",
"summary": "SUSE Bug 1245149",
"url": "https://bugzilla.suse.com/1245149"
},
{
"category": "self",
"summary": "SUSE Bug 1245152",
"url": "https://bugzilla.suse.com/1245152"
},
{
"category": "self",
"summary": "SUSE Bug 1245154",
"url": "https://bugzilla.suse.com/1245154"
},
{
"category": "self",
"summary": "SUSE Bug 1245155",
"url": "https://bugzilla.suse.com/1245155"
},
{
"category": "self",
"summary": "SUSE Bug 1245180",
"url": "https://bugzilla.suse.com/1245180"
},
{
"category": "self",
"summary": "SUSE Bug 1245183",
"url": "https://bugzilla.suse.com/1245183"
},
{
"category": "self",
"summary": "SUSE Bug 1245189",
"url": "https://bugzilla.suse.com/1245189"
},
{
"category": "self",
"summary": "SUSE Bug 1245191",
"url": "https://bugzilla.suse.com/1245191"
},
{
"category": "self",
"summary": "SUSE Bug 1245195",
"url": "https://bugzilla.suse.com/1245195"
},
{
"category": "self",
"summary": "SUSE Bug 1245197",
"url": "https://bugzilla.suse.com/1245197"
},
{
"category": "self",
"summary": "SUSE Bug 1245265",
"url": "https://bugzilla.suse.com/1245265"
},
{
"category": "self",
"summary": "SUSE Bug 1245340",
"url": "https://bugzilla.suse.com/1245340"
},
{
"category": "self",
"summary": "SUSE Bug 1245348",
"url": "https://bugzilla.suse.com/1245348"
},
{
"category": "self",
"summary": "SUSE Bug 1245431",
"url": "https://bugzilla.suse.com/1245431"
},
{
"category": "self",
"summary": "SUSE Bug 1245455",
"url": "https://bugzilla.suse.com/1245455"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47557 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47557/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47595 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1679 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2585 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2586 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2905 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3903 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4095 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4662 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4662/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49934 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49935 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49936 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49937 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49938 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49940 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49942 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49942/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49943 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49944 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49945 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49946 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49948 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49949 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49950 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49951 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49952 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49954 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49956 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49957 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49958 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49960 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49962 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49963 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49964 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49965 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49966 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49968 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49969 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49971 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49972 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49977 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49978 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49980 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49981 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49982 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49983 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49984 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49985 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49986 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49987 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49989 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49990 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49993 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49995 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49999 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50002 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50003 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50005 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50006 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50008 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50010 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50011 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50012 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50015 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50016 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50019 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50020 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50021 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50022 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50023 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50024 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50026 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50027 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50028 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50029 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50030 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50031 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50031/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50032 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50032/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50033 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50033/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50034 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50035 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50036 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50037 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50037/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50038 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50038/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50039 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50040 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50041 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50044 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50045 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50046 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50046/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50047 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50047/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50049 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50050 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50050/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50051 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50052 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50053 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50054 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50055 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50059 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50060 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50061 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50062 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50065 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50066 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50067 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50068 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50072 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50073 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50074 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50076 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50077 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50079 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50083 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50084 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50085 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50086 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50087 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50092 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50092/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50093 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50094 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50095 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50097 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50098 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50099 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50100 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50101 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50102 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50102/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50103 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50104 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50108 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50109 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50110 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50110/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50111 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50112 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50115 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50116 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50116/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50117 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50118 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50120 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50121 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50121/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50124 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50125 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50126 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50127 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50127/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50129 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50131 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50132 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50132/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50133 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50134 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50135 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50136 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50137 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50137/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50138 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50139 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50140 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50141 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50142 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50143 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50144 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50145 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50146 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50149 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50151 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50152 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50153 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50153/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50154 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50155 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50156 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50157 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50158 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50160 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50161 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50162 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50164 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50164/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50165 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50165/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50166 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50169 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50171 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50172 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50172/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50173 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50175 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50175/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50176 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50178 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50179 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50181 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50183 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50184 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50185 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50186 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50187 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50188 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50190 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50191 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50192 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50192/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50194 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50194/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50196 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50196/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50197 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50198 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50199 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50200 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50201 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50202 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50203 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50204 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50206 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50207 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50208 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50209 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50211 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50211/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50212 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50213 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50215 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50218 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50220 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50221 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50221/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50222 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50222/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50226 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50226/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50228 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50228/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50229 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50231 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50231/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3111 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52924 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52925 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53046 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53046/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53048 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53048/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53076 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53097 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26808 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26935 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27397 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27397/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28956 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35840 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46800 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53125 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53141 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53197 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56770 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21700 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21756 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23141 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23145 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37785 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37932 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38000 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38001 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38060 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38083 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38083/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-07-15T14:31:35Z",
"generator": {
"date": "2025-07-15T14:31:35Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02321-1",
"initial_release_date": "2025-07-15T14:31:35Z",
"revision_history": [
{
"date": "2025-07-15T14:31:35Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"product": {
"name": "kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"product_id": "kernel-devel-rt-5.14.21-150500.13.100.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.14.21-150500.13.100.1.noarch",
"product": {
"name": "kernel-source-rt-5.14.21-150500.13.100.1.noarch",
"product_id": "kernel-source-rt-5.14.21-150500.13.100.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.14.21-150500.13.100.2.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.14.21-150500.13.100.2.x86_64",
"product_id": "cluster-md-kmp-rt-5.14.21-150500.13.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.14.21-150500.13.100.2.x86_64",
"product": {
"name": "dlm-kmp-rt-5.14.21-150500.13.100.2.x86_64",
"product_id": "dlm-kmp-rt-5.14.21-150500.13.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.14.21-150500.13.100.2.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.14.21-150500.13.100.2.x86_64",
"product_id": "gfs2-kmp-rt-5.14.21-150500.13.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.14.21-150500.13.100.2.x86_64",
"product": {
"name": "kernel-rt-5.14.21-150500.13.100.2.x86_64",
"product_id": "kernel-rt-5.14.21-150500.13.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.14.21-150500.13.100.2.x86_64",
"product": {
"name": "kernel-rt-devel-5.14.21-150500.13.100.2.x86_64",
"product_id": "kernel-rt-devel-5.14.21-150500.13.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.14.21-150500.13.100.2.x86_64",
"product": {
"name": "kernel-rt-extra-5.14.21-150500.13.100.2.x86_64",
"product_id": "kernel-rt-extra-5.14.21-150500.13.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-5.14.21-150500.13.100.2.x86_64",
"product": {
"name": "kernel-rt-livepatch-5.14.21-150500.13.100.2.x86_64",
"product_id": "kernel-rt-livepatch-5.14.21-150500.13.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.14.21-150500.13.100.2.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.14.21-150500.13.100.2.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.14.21-150500.13.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-5.14.21-150500.13.100.2.x86_64",
"product": {
"name": "kernel-rt-optional-5.14.21-150500.13.100.2.x86_64",
"product_id": "kernel-rt-optional-5.14.21-150500.13.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-vdso-5.14.21-150500.13.100.2.x86_64",
"product": {
"name": "kernel-rt-vdso-5.14.21-150500.13.100.2.x86_64",
"product_id": "kernel-rt-vdso-5.14.21-150500.13.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.14.21-150500.13.100.2.x86_64",
"product": {
"name": "kernel-rt_debug-5.14.21-150500.13.100.2.x86_64",
"product_id": "kernel-rt_debug-5.14.21-150500.13.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.14.21-150500.13.100.2.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.14.21-150500.13.100.2.x86_64",
"product_id": "kernel-rt_debug-devel-5.14.21-150500.13.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-vdso-5.14.21-150500.13.100.2.x86_64",
"product": {
"name": "kernel-rt_debug-vdso-5.14.21-150500.13.100.2.x86_64",
"product_id": "kernel-rt_debug-vdso-5.14.21-150500.13.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.14.21-150500.13.100.2.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.14.21-150500.13.100.2.x86_64",
"product_id": "kselftests-kmp-rt-5.14.21-150500.13.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.14.21-150500.13.100.2.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.14.21-150500.13.100.2.x86_64",
"product_id": "ocfs2-kmp-rt-5.14.21-150500.13.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.14.21-150500.13.100.2.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.14.21-150500.13.100.2.x86_64",
"product_id": "reiserfs-kmp-rt-5.14.21-150500.13.100.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-5.14.21-150500.13.100.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch"
},
"product_reference": "kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.14.21-150500.13.100.2.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64"
},
"product_reference": "kernel-rt-5.14.21-150500.13.100.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.14.21-150500.13.100.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
},
"product_reference": "kernel-source-rt-5.14.21-150500.13.100.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47557",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47557"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_ets: don\u0027t peek at classes beyond \u0027nbands\u0027\n\nwhen the number of DRR classes decreases, the round-robin active list can\ncontain elements that have already been freed in ets_qdisc_change(). As a\nconsequence, it\u0027s possible to see a NULL dereference crash, caused by the\nattempt to call cl-\u003eqdisc-\u003eops-\u003epeek(cl-\u003eqdisc) when cl-\u003eqdisc is NULL:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000018\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 910 Comm: mausezahn Not tainted 5.16.0-rc1+ #475\n Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+4066+0f1aadab 04/01/2014\n RIP: 0010:ets_qdisc_dequeue+0x129/0x2c0 [sch_ets]\n Code: c5 01 41 39 ad e4 02 00 00 0f 87 18 ff ff ff 49 8b 85 c0 02 00 00 49 39 c4 0f 84 ba 00 00 00 49 8b ad c0 02 00 00 48 8b 7d 10 \u003c48\u003e 8b 47 18 48 8b 40 38 0f ae e8 ff d0 48 89 c3 48 85 c0 0f 84 9d\n RSP: 0000:ffffbb36c0b5fdd8 EFLAGS: 00010287\n RAX: ffff956678efed30 RBX: 0000000000000000 RCX: 0000000000000000\n RDX: 0000000000000002 RSI: ffffffff9b938dc9 RDI: 0000000000000000\n RBP: ffff956678efed30 R08: e2f3207fe360129c R09: 0000000000000000\n R10: 0000000000000001 R11: 0000000000000001 R12: ffff956678efeac0\n R13: ffff956678efe800 R14: ffff956611545000 R15: ffff95667ac8f100\n FS: 00007f2aa9120740(0000) GS:ffff95667b800000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000018 CR3: 000000011070c000 CR4: 0000000000350ee0\n Call Trace:\n \u003cTASK\u003e\n qdisc_peek_dequeued+0x29/0x70 [sch_ets]\n tbf_dequeue+0x22/0x260 [sch_tbf]\n __qdisc_run+0x7f/0x630\n net_tx_action+0x290/0x4c0\n __do_softirq+0xee/0x4f8\n irq_exit_rcu+0xf4/0x130\n sysvec_apic_timer_interrupt+0x52/0xc0\n asm_sysvec_apic_timer_interrupt+0x12/0x20\n RIP: 0033:0x7f2aa7fc9ad4\n Code: b9 ff ff 48 8b 54 24 18 48 83 c4 08 48 89 ee 48 89 df 5b 5d e9 ed fc ff ff 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa \u003c53\u003e 48 83 ec 10 48 8b 05 10 64 33 00 48 8b 00 48 85 c0 0f 85 84 00\n RSP: 002b:00007ffe5d33fab8 EFLAGS: 00000202\n RAX: 0000000000000002 RBX: 0000561f72c31460 RCX: 0000561f72c31720\n RDX: 0000000000000002 RSI: 0000561f72c31722 RDI: 0000561f72c31720\n RBP: 000000000000002a R08: 00007ffe5d33fa40 R09: 0000000000000014\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000561f7187e380\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000561f72c31460\n \u003c/TASK\u003e\n Modules linked in: sch_ets sch_tbf dummy rfkill iTCO_wdt intel_rapl_msr iTCO_vendor_support intel_rapl_common joydev virtio_balloon lpc_ich i2c_i801 i2c_smbus pcspkr ip_tables xfs libcrc32c crct10dif_pclmul crc32_pclmul crc32c_intel ahci libahci ghash_clmulni_intel serio_raw libata virtio_blk virtio_console virtio_net net_failover failover sunrpc dm_mirror dm_region_hash dm_log dm_mod\n CR2: 0000000000000018\n\nEnsuring that \u0027alist\u0027 was never zeroed [1] was not sufficient, we need to\nremove from the active list those elements that are no more SP nor DRR.\n\n[1] https://lore.kernel.org/netdev/60d274838bf09777f0371253416e8af71360bc08.1633609148.git.dcaratti@redhat.com/\n\nv3: fix race between ets_qdisc_change() and ets_qdisc_dequeue() delisting\n DRR classes beyond \u0027nbands\u0027 in ets_qdisc_change() with the qdisc lock\n acquired, thanks to Cong Wang.\n\nv2: when a NULL qdisc is found in the DRR active list, try to dequeue skb\n from the next list item.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47557",
"url": "https://www.suse.com/security/cve/CVE-2021-47557"
},
{
"category": "external",
"summary": "SUSE Bug 1225468 for CVE-2021-47557",
"url": "https://bugzilla.suse.com/1225468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2021-47557"
},
{
"cve": "CVE-2021-47595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47595"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_ets: don\u0027t remove idle classes from the round-robin list\n\nShuang reported that the following script:\n\n 1) tc qdisc add dev ddd0 handle 10: parent 1: ets bands 8 strict 4 priomap 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7\n 2) mausezahn ddd0 -A 10.10.10.1 -B 10.10.10.2 -c 0 -a own -b 00:c1:a0:c1:a0:00 -t udp \u0026\n 3) tc qdisc change dev ddd0 handle 10: ets bands 4 strict 2 quanta 2500 2500 priomap 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3\n\ncrashes systematically when line 2) is commented:\n\n list_del corruption, ffff8e028404bd30-\u003enext is LIST_POISON1 (dead000000000100)\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:47!\n invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 0 PID: 954 Comm: tc Not tainted 5.16.0-rc4+ #478\n Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+4066+0f1aadab 04/01/2014\n RIP: 0010:__list_del_entry_valid.cold.1+0x12/0x47\n Code: fe ff 0f 0b 48 89 c1 4c 89 c6 48 c7 c7 08 42 1b 87 e8 1d c5 fe ff 0f 0b 48 89 fe 48 89 c2 48 c7 c7 98 42 1b 87 e8 09 c5 fe ff \u003c0f\u003e 0b 48 c7 c7 48 43 1b 87 e8 fb c4 fe ff 0f 0b 48 89 f2 48 89 fe\n RSP: 0018:ffffae46807a3888 EFLAGS: 00010246\n RAX: 000000000000004e RBX: 0000000000000007 RCX: 0000000000000202\n RDX: 0000000000000000 RSI: ffffffff871ac536 RDI: 00000000ffffffff\n RBP: ffffae46807a3a10 R08: 0000000000000000 R09: c0000000ffff7fff\n R10: 0000000000000001 R11: ffffae46807a36a8 R12: ffff8e028404b800\n R13: ffff8e028404bd30 R14: dead000000000100 R15: ffff8e02fafa2400\n FS: 00007efdc92e4480(0000) GS:ffff8e02fb600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000682f48 CR3: 00000001058be000 CR4: 0000000000350ef0\n Call Trace:\n \u003cTASK\u003e\n ets_qdisc_change+0x58b/0xa70 [sch_ets]\n tc_modify_qdisc+0x323/0x880\n rtnetlink_rcv_msg+0x169/0x4a0\n netlink_rcv_skb+0x50/0x100\n netlink_unicast+0x1a5/0x280\n netlink_sendmsg+0x257/0x4d0\n sock_sendmsg+0x5b/0x60\n ____sys_sendmsg+0x1f2/0x260\n ___sys_sendmsg+0x7c/0xc0\n __sys_sendmsg+0x57/0xa0\n do_syscall_64+0x3a/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7efdc8031338\n Code: 89 02 48 c7 c0 ff ff ff ff eb b5 0f 1f 80 00 00 00 00 f3 0f 1e fa 48 8d 05 25 43 2c 00 8b 00 85 c0 75 17 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 41 54 41 89 d4 55\n RSP: 002b:00007ffdf1ce9828 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 0000000061b37a97 RCX: 00007efdc8031338\n RDX: 0000000000000000 RSI: 00007ffdf1ce9890 RDI: 0000000000000003\n RBP: 0000000000000000 R08: 0000000000000001 R09: 000000000078a940\n R10: 000000000000000c R11: 0000000000000246 R12: 0000000000000001\n R13: 0000000000688880 R14: 0000000000000000 R15: 0000000000000000\n \u003c/TASK\u003e\n Modules linked in: sch_ets sch_tbf dummy rfkill iTCO_wdt iTCO_vendor_support intel_rapl_msr intel_rapl_common joydev pcspkr i2c_i801 virtio_balloon i2c_smbus lpc_ich ip_tables xfs libcrc32c crct10dif_pclmul crc32_pclmul crc32c_intel serio_raw ghash_clmulni_intel ahci libahci libata virtio_blk virtio_console virtio_net net_failover failover sunrpc dm_mirror dm_region_hash dm_log dm_mod [last unloaded: sch_ets]\n ---[ end trace f35878d1912655c2 ]---\n RIP: 0010:__list_del_entry_valid.cold.1+0x12/0x47\n Code: fe ff 0f 0b 48 89 c1 4c 89 c6 48 c7 c7 08 42 1b 87 e8 1d c5 fe ff 0f 0b 48 89 fe 48 89 c2 48 c7 c7 98 42 1b 87 e8 09 c5 fe ff \u003c0f\u003e 0b 48 c7 c7 48 43 1b 87 e8 fb c4 fe ff 0f 0b 48 89 f2 48 89 fe\n RSP: 0018:ffffae46807a3888 EFLAGS: 00010246\n RAX: 000000000000004e RBX: 0000000000000007 RCX: 0000000000000202\n RDX: 0000000000000000 RSI: ffffffff871ac536 RDI: 00000000ffffffff\n RBP: ffffae46807a3a10 R08: 0000000000000000 R09: c0000000ffff7fff\n R10: 0000000000000001 R11: ffffae46807a36a8 R12: ffff8e028404b800\n R13: ffff8e028404bd30 R14: dead000000000100 R15: ffff8e02fafa2400\n FS: 00007efdc92e4480(0000) GS:ffff8e02fb600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47595",
"url": "https://www.suse.com/security/cve/CVE-2021-47595"
},
{
"category": "external",
"summary": "SUSE Bug 1226552 for CVE-2021-47595",
"url": "https://bugzilla.suse.com/1226552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2021-47595"
},
{
"cve": "CVE-2022-1679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1679"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in the Linux kernel\u0027s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1679",
"url": "https://www.suse.com/security/cve/CVE-2022-1679"
},
{
"category": "external",
"summary": "SUSE Bug 1199487 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1199487"
},
{
"category": "external",
"summary": "SUSE Bug 1201080 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1201080"
},
{
"category": "external",
"summary": "SUSE Bug 1201832 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1201832"
},
{
"category": "external",
"summary": "SUSE Bug 1204132 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1204132"
},
{
"category": "external",
"summary": "SUSE Bug 1212316 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1212316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2022-1679"
},
{
"cve": "CVE-2022-2585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2585"
}
],
"notes": [
{
"category": "general",
"text": "It was discovered that when exec\u0027ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2585",
"url": "https://www.suse.com/security/cve/CVE-2022-2585"
},
{
"category": "external",
"summary": "SUSE Bug 1202094 for CVE-2022-2585",
"url": "https://bugzilla.suse.com/1202094"
},
{
"category": "external",
"summary": "SUSE Bug 1202163 for CVE-2022-2585",
"url": "https://bugzilla.suse.com/1202163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2022-2585"
},
{
"cve": "CVE-2022-2586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2586"
}
],
"notes": [
{
"category": "general",
"text": "It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2586",
"url": "https://www.suse.com/security/cve/CVE-2022-2586"
},
{
"category": "external",
"summary": "SUSE Bug 1202095 for CVE-2022-2586",
"url": "https://bugzilla.suse.com/1202095"
},
{
"category": "external",
"summary": "SUSE Bug 1209719 for CVE-2022-2586",
"url": "https://bugzilla.suse.com/1209719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-2586"
},
{
"cve": "CVE-2022-2905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2905"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory read flaw was found in the Linux kernel\u0027s BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2905",
"url": "https://www.suse.com/security/cve/CVE-2022-2905"
},
{
"category": "external",
"summary": "SUSE Bug 1202860 for CVE-2022-2905",
"url": "https://bugzilla.suse.com/1202860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-2905"
},
{
"cve": "CVE-2022-3903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3903"
}
],
"notes": [
{
"category": "general",
"text": "An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3903",
"url": "https://www.suse.com/security/cve/CVE-2022-3903"
},
{
"category": "external",
"summary": "SUSE Bug 1205220 for CVE-2022-3903",
"url": "https://bugzilla.suse.com/1205220"
},
{
"category": "external",
"summary": "SUSE Bug 1212297 for CVE-2022-3903",
"url": "https://bugzilla.suse.com/1212297"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-3903"
},
{
"cve": "CVE-2022-4095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4095"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4095",
"url": "https://www.suse.com/security/cve/CVE-2022-4095"
},
{
"category": "external",
"summary": "SUSE Bug 1205514 for CVE-2022-4095",
"url": "https://bugzilla.suse.com/1205514"
},
{
"category": "external",
"summary": "SUSE Bug 1205594 for CVE-2022-4095",
"url": "https://bugzilla.suse.com/1205594"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-4095",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-4095",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1212319 for CVE-2022-4095",
"url": "https://bugzilla.suse.com/1212319"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2022-4095"
},
{
"cve": "CVE-2022-4662",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4662"
}
],
"notes": [
{
"category": "general",
"text": "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4662",
"url": "https://www.suse.com/security/cve/CVE-2022-4662"
},
{
"category": "external",
"summary": "SUSE Bug 1206664 for CVE-2022-4662",
"url": "https://bugzilla.suse.com/1206664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-4662"
},
{
"cve": "CVE-2022-49934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Fix UAF in ieee80211_scan_rx()\n\nieee80211_scan_rx() tries to access scan_req-\u003eflags after a\nnull check, but a UAF is observed when the scan is completed\nand __ieee80211_scan_completed() executes, which then calls\ncfg80211_scan_done() leading to the freeing of scan_req.\n\nSince scan_req is rcu_dereference()\u0027d, prevent the racing in\n__ieee80211_scan_completed() by ensuring that from mac80211\u0027s\nPOV it is no longer accessed from an RCU read critical section\nbefore we call cfg80211_scan_done().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49934",
"url": "https://www.suse.com/security/cve/CVE-2022-49934"
},
{
"category": "external",
"summary": "SUSE Bug 1245051 for CVE-2022-49934",
"url": "https://bugzilla.suse.com/1245051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49934"
},
{
"cve": "CVE-2022-49935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf/dma-resv: check if the new fence is really later\n\nPreviously when we added a fence to a dma_resv object we always\nassumed the the newer than all the existing fences.\n\nWith Jason\u0027s work to add an UAPI to explicit export/import that\u0027s not\nnecessary the case any more. So without this check we would allow\nuserspace to force the kernel into an use after free error.\n\nSince the change is very small and defensive it\u0027s probably a good\nidea to backport this to stable kernels as well just in case others\nare using the dma_resv object in the same way.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49935",
"url": "https://www.suse.com/security/cve/CVE-2022-49935"
},
{
"category": "external",
"summary": "SUSE Bug 1245052 for CVE-2022-49935",
"url": "https://bugzilla.suse.com/1245052"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49935"
},
{
"cve": "CVE-2022-49936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Prevent nested device-reset calls\n\nAutomatic kernel fuzzing revealed a recursive locking violation in\nusb-storage:\n\n============================================\nWARNING: possible recursive locking detected\n5.18.0 #3 Not tainted\n--------------------------------------------\nkworker/1:3/1205 is trying to acquire lock:\nffff888018638db8 (\u0026us_interface_key[i]){+.+.}-{3:3}, at:\nusb_stor_pre_reset+0x35/0x40 drivers/usb/storage/usb.c:230\n\nbut task is already holding lock:\nffff888018638db8 (\u0026us_interface_key[i]){+.+.}-{3:3}, at:\nusb_stor_pre_reset+0x35/0x40 drivers/usb/storage/usb.c:230\n\n...\n\nstack backtrace:\nCPU: 1 PID: 1205 Comm: kworker/1:3 Not tainted 5.18.0 #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.13.0-1ubuntu1.1 04/01/2014\nWorkqueue: usb_hub_wq hub_event\nCall Trace:\n\u003cTASK\u003e\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\nprint_deadlock_bug kernel/locking/lockdep.c:2988 [inline]\ncheck_deadlock kernel/locking/lockdep.c:3031 [inline]\nvalidate_chain kernel/locking/lockdep.c:3816 [inline]\n__lock_acquire.cold+0x152/0x3ca kernel/locking/lockdep.c:5053\nlock_acquire kernel/locking/lockdep.c:5665 [inline]\nlock_acquire+0x1ab/0x520 kernel/locking/lockdep.c:5630\n__mutex_lock_common kernel/locking/mutex.c:603 [inline]\n__mutex_lock+0x14f/0x1610 kernel/locking/mutex.c:747\nusb_stor_pre_reset+0x35/0x40 drivers/usb/storage/usb.c:230\nusb_reset_device+0x37d/0x9a0 drivers/usb/core/hub.c:6109\nr871xu_dev_remove+0x21a/0x270 drivers/staging/rtl8712/usb_intf.c:622\nusb_unbind_interface+0x1bd/0x890 drivers/usb/core/driver.c:458\ndevice_remove drivers/base/dd.c:545 [inline]\ndevice_remove+0x11f/0x170 drivers/base/dd.c:537\n__device_release_driver drivers/base/dd.c:1222 [inline]\ndevice_release_driver_internal+0x1a7/0x2f0 drivers/base/dd.c:1248\nusb_driver_release_interface+0x102/0x180 drivers/usb/core/driver.c:627\nusb_forced_unbind_intf+0x4d/0xa0 drivers/usb/core/driver.c:1118\nusb_reset_device+0x39b/0x9a0 drivers/usb/core/hub.c:6114\n\nThis turned out not to be an error in usb-storage but rather a nested\ndevice reset attempt. That is, as the rtl8712 driver was being\nunbound from a composite device in preparation for an unrelated USB\nreset (that driver does not have pre_reset or post_reset callbacks),\nits -\u003eremove routine called usb_reset_device() -- thus nesting one\nreset call within another.\n\nPerforming a reset as part of disconnect processing is a questionable\npractice at best. However, the bug report points out that the USB\ncore does not have any protection against nested resets. Adding a\nreset_in_progress flag and testing it will prevent such errors in the\nfuture.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49936",
"url": "https://www.suse.com/security/cve/CVE-2022-49936"
},
{
"category": "external",
"summary": "SUSE Bug 1244984 for CVE-2022-49936",
"url": "https://bugzilla.suse.com/1244984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49936"
},
{
"cve": "CVE-2022-49937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mceusb: Use new usb_control_msg_*() routines\n\nAutomatic kernel fuzzing led to a WARN about invalid pipe direction in\nthe mceusb driver:\n\n------------[ cut here ]------------\nusb 6-1: BOGUS control dir, pipe 80000380 doesn\u0027t match bRequestType 40\nWARNING: CPU: 0 PID: 2465 at drivers/usb/core/urb.c:410\nusb_submit_urb+0x1326/0x1820 drivers/usb/core/urb.c:410\nModules linked in:\nCPU: 0 PID: 2465 Comm: kworker/0:2 Not tainted 5.19.0-rc4-00208-g69cb6c6556ad #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.13.0-1ubuntu1.1 04/01/2014\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:usb_submit_urb+0x1326/0x1820 drivers/usb/core/urb.c:410\nCode: 7c 24 40 e8 ac 23 91 fd 48 8b 7c 24 40 e8 b2 70 1b ff 45 89 e8\n44 89 f1 4c 89 e2 48 89 c6 48 c7 c7 a0 30 a9 86 e8 48 07 11 02 \u003c0f\u003e 0b\ne9 1c f0 ff ff e8 7e 23 91 fd 0f b6 1d 63 22 83 05 31 ff 41\nRSP: 0018:ffffc900032becf0 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff8881100f3058 RCX: 0000000000000000\nRDX: ffffc90004961000 RSI: ffff888114c6d580 RDI: fffff52000657d90\nRBP: ffff888105ad90f0 R08: ffffffff812c3638 R09: 0000000000000000\nR10: 0000000000000005 R11: ffffed1023504ef1 R12: ffff888105ad9000\nR13: 0000000000000040 R14: 0000000080000380 R15: ffff88810ba96500\nFS: 0000000000000000(0000) GS:ffff88811a800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffe810bda58 CR3: 000000010b720000 CR4: 0000000000350ef0\nCall Trace:\n\u003cTASK\u003e\nusb_start_wait_urb+0x101/0x4c0 drivers/usb/core/message.c:58\nusb_internal_control_msg drivers/usb/core/message.c:102 [inline]\nusb_control_msg+0x31c/0x4a0 drivers/usb/core/message.c:153\nmceusb_gen1_init drivers/media/rc/mceusb.c:1431 [inline]\nmceusb_dev_probe+0x258e/0x33f0 drivers/media/rc/mceusb.c:1807\n\nThe reason for the warning is clear enough; the driver sends an\nunusual read request on endpoint 0 but does not set the USB_DIR_IN bit\nin the bRequestType field.\n\nMore importantly, the whole situation can be avoided and the driver\nsimplified by converting it over to the relatively new\nusb_control_msg_recv() and usb_control_msg_send() routines. That\u0027s\nwhat this fix does.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49937",
"url": "https://www.suse.com/security/cve/CVE-2022-49937"
},
{
"category": "external",
"summary": "SUSE Bug 1245057 for CVE-2022-49937",
"url": "https://bugzilla.suse.com/1245057"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49937"
},
{
"cve": "CVE-2022-49938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix small mempool leak in SMB2_negotiate()\n\nIn some cases of failure (dialect mismatches) in SMB2_negotiate(), after\nthe request is sent, the checks would return -EIO when they should be\nrather setting rc = -EIO and jumping to neg_exit to free the response\nbuffer from mempool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49938",
"url": "https://www.suse.com/security/cve/CVE-2022-49938"
},
{
"category": "external",
"summary": "SUSE Bug 1244820 for CVE-2022-49938",
"url": "https://bugzilla.suse.com/1244820"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "low"
}
],
"title": "CVE-2022-49938"
},
{
"cve": "CVE-2022-49940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: add sanity check for gsm-\u003ereceive in gsm_receive_buf()\n\nA null pointer dereference can happen when attempting to access the\n\"gsm-\u003ereceive()\" function in gsmld_receive_buf(). Currently, the code\nassumes that gsm-\u003erecieve is only called after MUX activation.\nSince the gsmld_receive_buf() function can be accessed without the need to\ninitialize the MUX, the gsm-\u003ereceive() function will not be set and a\nNULL pointer dereference will occur.\n\nFix this by avoiding the call to \"gsm-\u003ereceive()\" in case the function is\nnot initialized by adding a sanity check.\n\nCall Trace:\n \u003cTASK\u003e\n gsmld_receive_buf+0x1c2/0x2f0 drivers/tty/n_gsm.c:2861\n tiocsti drivers/tty/tty_io.c:2293 [inline]\n tty_ioctl+0xa75/0x15d0 drivers/tty/tty_io.c:2692\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x193/0x200 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49940",
"url": "https://www.suse.com/security/cve/CVE-2022-49940"
},
{
"category": "external",
"summary": "SUSE Bug 1244866 for CVE-2022-49940",
"url": "https://bugzilla.suse.com/1244866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49940"
},
{
"cve": "CVE-2022-49942",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49942"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Don\u0027t finalize CSA in IBSS mode if state is disconnected\n\nWhen we are not connected to a channel, sending channel \"switch\"\nannouncement doesn\u0027t make any sense.\n\nThe BSS list is empty in that case. This causes the for loop in\ncfg80211_get_bss() to be bypassed, so the function returns NULL\n(check line 1424 of net/wireless/scan.c), causing the WARN_ON()\nin ieee80211_ibss_csa_beacon() to get triggered (check line 500\nof net/mac80211/ibss.c), which was consequently reported on the\nsyzkaller dashboard.\n\nThus, check if we have an existing connection before generating\nthe CSA beacon in ieee80211_ibss_finish_csa().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49942",
"url": "https://www.suse.com/security/cve/CVE-2022-49942"
},
{
"category": "external",
"summary": "SUSE Bug 1244881 for CVE-2022-49942",
"url": "https://bugzilla.suse.com/1244881"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49942"
},
{
"cve": "CVE-2022-49943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: Fix obscure lockdep violation for udc_mutex\n\nA recent commit expanding the scope of the udc_lock mutex in the\ngadget core managed to cause an obscure and slightly bizarre lockdep\nviolation. In abbreviated form:\n\n======================================================\nWARNING: possible circular locking dependency detected\n5.19.0-rc7+ #12510 Not tainted\n------------------------------------------------------\nudevadm/312 is trying to acquire lock:\nffff80000aae1058 (udc_lock){+.+.}-{3:3}, at: usb_udc_uevent+0x54/0xe0\n\nbut task is already holding lock:\nffff000002277548 (kn-\u003eactive#4){++++}-{0:0}, at: kernfs_seq_start+0x34/0xe0\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #3 (kn-\u003eactive#4){++++}-{0:0}:\n lock_acquire+0x68/0x84\n __kernfs_remove+0x268/0x380\n kernfs_remove_by_name_ns+0x58/0xac\n sysfs_remove_file_ns+0x18/0x24\n device_del+0x15c/0x440\n\n-\u003e #2 (device_links_lock){+.+.}-{3:3}:\n lock_acquire+0x68/0x84\n __mutex_lock+0x9c/0x430\n mutex_lock_nested+0x38/0x64\n device_link_remove+0x3c/0xa0\n _regulator_put.part.0+0x168/0x190\n regulator_put+0x3c/0x54\n devm_regulator_release+0x14/0x20\n\n-\u003e #1 (regulator_list_mutex){+.+.}-{3:3}:\n lock_acquire+0x68/0x84\n __mutex_lock+0x9c/0x430\n mutex_lock_nested+0x38/0x64\n regulator_lock_dependent+0x54/0x284\n regulator_enable+0x34/0x80\n phy_power_on+0x24/0x130\n __dwc2_lowlevel_hw_enable+0x100/0x130\n dwc2_lowlevel_hw_enable+0x18/0x40\n dwc2_hsotg_udc_start+0x6c/0x2f0\n gadget_bind_driver+0x124/0x1f4\n\n-\u003e #0 (udc_lock){+.+.}-{3:3}:\n __lock_acquire+0x1298/0x20cc\n lock_acquire.part.0+0xe0/0x230\n lock_acquire+0x68/0x84\n __mutex_lock+0x9c/0x430\n mutex_lock_nested+0x38/0x64\n usb_udc_uevent+0x54/0xe0\n\nEvidently this was caused by the scope of udc_mutex being too large.\nThe mutex is only meant to protect udc-\u003edriver along with a few other\nthings. As far as I can tell, there\u0027s no reason for the mutex to be\nheld while the gadget core calls a gadget driver\u0027s -\u003ebind or -\u003eunbind\nroutine, or while a UDC is being started or stopped. (This accounts\nfor link #1 in the chain above, where the mutex is held while the\ndwc2_hsotg_udc is started as part of driver probing.)\n\nGadget drivers\u0027 -\u003edisconnect callbacks are problematic. Even though\nusb_gadget_disconnect() will now acquire the udc_mutex, there\u0027s a\nwindow in usb_gadget_bind_driver() between the times when the mutex is\nreleased and the -\u003ebind callback is invoked. If a disconnect occurred\nduring that window, we could call the driver\u0027s -\u003edisconnect routine\nbefore its -\u003ebind routine. To prevent this from happening, it will be\nnecessary to prevent a UDC from connecting while it has no gadget\ndriver. This should be done already but it doesn\u0027t seem to be;\ncurrently usb_gadget_connect() has no check for this. Such a check\nwill have to be added later.\n\nSome degree of mutual exclusion is required in soft_connect_store(),\nwhich can dereference udc-\u003edriver at arbitrary times since it is a\nsysfs callback. The solution here is to acquire the gadget\u0027s device\nlock rather than the udc_mutex. Since the driver core guarantees that\nthe device lock is always held during driver binding and unbinding,\nthis will make the accesses in soft_connect_store() mutually exclusive\nwith any changes to udc-\u003edriver.\n\nLastly, it turns out there is one place which should hold the\nudc_mutex but currently does not: The function_show() routine needs\nprotection while it dereferences udc-\u003edriver. The missing lock and\nunlock calls are added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49943",
"url": "https://www.suse.com/security/cve/CVE-2022-49943"
},
{
"category": "external",
"summary": "SUSE Bug 1244904 for CVE-2022-49943",
"url": "https://bugzilla.suse.com/1244904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49943"
},
{
"cve": "CVE-2022-49944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"usb: typec: ucsi: add a common function ucsi_unregister_connectors()\"\n\nThe recent commit 87d0e2f41b8c (\"usb: typec: ucsi: add a common\nfunction ucsi_unregister_connectors()\") introduced a regression that\ncaused NULL dereference at reading the power supply sysfs. It\u0027s a\nstale sysfs entry that should have been removed but remains with NULL\nops. The commit changed the error handling to skip the entries after\na NULL con-\u003ewq, and this leaves the power device unreleased.\n\nFor addressing the regression, the straight revert is applied here.\nFurther code improvements can be done from the scratch again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49944",
"url": "https://www.suse.com/security/cve/CVE-2022-49944"
},
{
"category": "external",
"summary": "SUSE Bug 1244905 for CVE-2022-49944",
"url": "https://bugzilla.suse.com/1244905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49944"
},
{
"cve": "CVE-2022-49945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (gpio-fan) Fix array out of bounds access\n\nThe driver does not check if the cooling state passed to\ngpio_fan_set_cur_state() exceeds the maximum cooling state as\nstored in fan_data-\u003enum_speeds. Since the cooling state is later\nused as an array index in set_fan_speed(), an array out of bounds\naccess can occur.\nThis can be exploited by setting the state of the thermal cooling device\nto arbitrary values, causing for example a kernel oops when unavailable\nmemory is accessed this way.\n\nExample kernel oops:\n[ 807.987276] Unable to handle kernel paging request at virtual address ffffff80d0588064\n[ 807.987369] Mem abort info:\n[ 807.987398] ESR = 0x96000005\n[ 807.987428] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 807.987477] SET = 0, FnV = 0\n[ 807.987507] EA = 0, S1PTW = 0\n[ 807.987536] FSC = 0x05: level 1 translation fault\n[ 807.987570] Data abort info:\n[ 807.987763] ISV = 0, ISS = 0x00000005\n[ 807.987801] CM = 0, WnR = 0\n[ 807.987832] swapper pgtable: 4k pages, 39-bit VAs, pgdp=0000000001165000\n[ 807.987872] [ffffff80d0588064] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n[ 807.987961] Internal error: Oops: 96000005 [#1] PREEMPT SMP\n[ 807.987992] Modules linked in: cmac algif_hash aes_arm64 algif_skcipher af_alg bnep hci_uart btbcm bluetooth ecdh_generic ecc 8021q garp stp llc snd_soc_hdmi_codec brcmfmac vc4 brcmutil cec drm_kms_helper snd_soc_core cfg80211 snd_compress bcm2835_codec(C) snd_pcm_dmaengine syscopyarea bcm2835_isp(C) bcm2835_v4l2(C) sysfillrect v4l2_mem2mem bcm2835_mmal_vchiq(C) raspberrypi_hwmon sysimgblt videobuf2_dma_contig videobuf2_vmalloc fb_sys_fops videobuf2_memops rfkill videobuf2_v4l2 videobuf2_common i2c_bcm2835 snd_bcm2835(C) videodev snd_pcm snd_timer snd mc vc_sm_cma(C) gpio_fan uio_pdrv_genirq uio drm fuse drm_panel_orientation_quirks backlight ip_tables x_tables ipv6\n[ 807.988508] CPU: 0 PID: 1321 Comm: bash Tainted: G C 5.15.56-v8+ #1575\n[ 807.988548] Hardware name: Raspberry Pi 3 Model B Rev 1.2 (DT)\n[ 807.988574] pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 807.988608] pc : set_fan_speed.part.5+0x34/0x80 [gpio_fan]\n[ 807.988654] lr : gpio_fan_set_cur_state+0x34/0x50 [gpio_fan]\n[ 807.988691] sp : ffffffc008cf3bd0\n[ 807.988710] x29: ffffffc008cf3bd0 x28: ffffff80019edac0 x27: 0000000000000000\n[ 807.988762] x26: 0000000000000000 x25: 0000000000000000 x24: ffffff800747c920\n[ 807.988787] x23: 000000000000000a x22: ffffff800369f000 x21: 000000001999997c\n[ 807.988854] x20: ffffff800369f2e8 x19: ffffff8002ae8080 x18: 0000000000000000\n[ 807.988877] x17: 0000000000000000 x16: 0000000000000000 x15: 000000559e271b70\n[ 807.988938] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n[ 807.988960] x11: 0000000000000000 x10: ffffffc008cf3c20 x9 : ffffffcfb60c741c\n[ 807.989018] x8 : 000000000000000a x7 : 00000000ffffffc9 x6 : 0000000000000009\n[ 807.989040] x5 : 000000000000002a x4 : 0000000000000000 x3 : ffffff800369f2e8\n[ 807.989062] x2 : 000000000000e780 x1 : 0000000000000001 x0 : ffffff80d0588060\n[ 807.989084] Call trace:\n[ 807.989091] set_fan_speed.part.5+0x34/0x80 [gpio_fan]\n[ 807.989113] gpio_fan_set_cur_state+0x34/0x50 [gpio_fan]\n[ 807.989199] cur_state_store+0x84/0xd0\n[ 807.989221] dev_attr_store+0x20/0x38\n[ 807.989262] sysfs_kf_write+0x4c/0x60\n[ 807.989282] kernfs_fop_write_iter+0x130/0x1c0\n[ 807.989298] new_sync_write+0x10c/0x190\n[ 807.989315] vfs_write+0x254/0x378\n[ 807.989362] ksys_write+0x70/0xf8\n[ 807.989379] __arm64_sys_write+0x24/0x30\n[ 807.989424] invoke_syscall+0x4c/0x110\n[ 807.989442] el0_svc_common.constprop.3+0xfc/0x120\n[ 807.989458] do_el0_svc+0x2c/0x90\n[ 807.989473] el0_svc+0x24/0x60\n[ 807.989544] el0t_64_sync_handler+0x90/0xb8\n[ 807.989558] el0t_64_sync+0x1a0/0x1a4\n[ 807.989579] Code: b9403801 f9402800 7100003f 8b35cc00 (b9400416)\n[ 807.989627] ---[ end t\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49945",
"url": "https://www.suse.com/security/cve/CVE-2022-49945"
},
{
"category": "external",
"summary": "SUSE Bug 1244908 for CVE-2022-49945",
"url": "https://bugzilla.suse.com/1244908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49945"
},
{
"cve": "CVE-2022-49946",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49946"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: bcm: rpi: Prevent out-of-bounds access\n\nThe while loop in raspberrypi_discover_clocks() relies on the assumption\nthat the id of the last clock element is zero. Because this data comes\nfrom the Videocore firmware and it doesn\u0027t guarantuee such a behavior\nthis could lead to out-of-bounds access. So fix this by providing\na sentinel element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49946",
"url": "https://www.suse.com/security/cve/CVE-2022-49946"
},
{
"category": "external",
"summary": "SUSE Bug 1244944 for CVE-2022-49946",
"url": "https://bugzilla.suse.com/1244944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49946"
},
{
"cve": "CVE-2022-49948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvt: Clear selection before changing the font\n\nWhen changing the console font with ioctl(KDFONTOP) the new font size\ncan be bigger than the previous font. A previous selection may thus now\nbe outside of the new screen size and thus trigger out-of-bounds\naccesses to graphics memory if the selection is removed in\nvc_do_resize().\n\nPrevent such out-of-memory accesses by dropping the selection before the\nvarious con_font_set() console handlers are called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49948",
"url": "https://www.suse.com/security/cve/CVE-2022-49948"
},
{
"category": "external",
"summary": "SUSE Bug 1245058 for CVE-2022-49948",
"url": "https://bugzilla.suse.com/1245058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49948"
},
{
"cve": "CVE-2022-49949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware_loader: Fix memory leak in firmware upload\n\nIn the case of firmware-upload, an instance of struct fw_upload is\nallocated in firmware_upload_register(). This data needs to be freed\nin fw_dev_release(). Create a new fw_upload_free() function in\nsysfs_upload.c to handle the firmware-upload specific memory frees\nand incorporate the missing kfree call for the fw_upload structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49949",
"url": "https://www.suse.com/security/cve/CVE-2022-49949"
},
{
"category": "external",
"summary": "SUSE Bug 1244928 for CVE-2022-49949",
"url": "https://bugzilla.suse.com/1244928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49949"
},
{
"cve": "CVE-2022-49950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: fix memory corruption on open\n\nThe probe session-duplication overflow check incremented the session\ncount also when there were no more available sessions so that memory\nbeyond the fixed-size slab-allocated session array could be corrupted in\nfastrpc_session_alloc() on open().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49950",
"url": "https://www.suse.com/security/cve/CVE-2022-49950"
},
{
"category": "external",
"summary": "SUSE Bug 1244958 for CVE-2022-49950",
"url": "https://bugzilla.suse.com/1244958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49950"
},
{
"cve": "CVE-2022-49951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware_loader: Fix use-after-free during unregister\n\nIn the following code within firmware_upload_unregister(), the call to\ndevice_unregister() could result in the dev_release function freeing the\nfw_upload_priv structure before it is dereferenced for the call to\nmodule_put(). This bug was found by the kernel test robot using\nCONFIG_KASAN while running the firmware selftests.\n\n device_unregister(\u0026fw_sysfs-\u003edev);\n module_put(fw_upload_priv-\u003emodule);\n\nThe problem is fixed by copying fw_upload_priv-\u003emodule to a local variable\nfor use when calling device_unregister().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49951",
"url": "https://www.suse.com/security/cve/CVE-2022-49951"
},
{
"category": "external",
"summary": "SUSE Bug 1244940 for CVE-2022-49951",
"url": "https://bugzilla.suse.com/1244940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49951"
},
{
"cve": "CVE-2022-49952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49952"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: fix memory corruption on probe\n\nAdd the missing sanity check on the probed-session count to avoid\ncorrupting memory beyond the fixed-size slab-allocated session array\nwhen there are more than FASTRPC_MAX_SESSIONS sessions defined in the\ndevicetree.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49952",
"url": "https://www.suse.com/security/cve/CVE-2022-49952"
},
{
"category": "external",
"summary": "SUSE Bug 1244945 for CVE-2022-49952",
"url": "https://bugzilla.suse.com/1244945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49952"
},
{
"cve": "CVE-2022-49954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag\n\nsyzbot is reporting hung task at __input_unregister_device() [1], for\niforce_close() waiting at wait_event_interruptible() with dev-\u003emutex held\nis blocking input_disconnect_device() from __input_unregister_device().\n\nIt seems that the cause is simply that commit c2b27ef672992a20 (\"Input:\niforce - wait for command completion when closing the device\") forgot to\ncall wake_up() after clear_bit().\n\nFix this problem by introducing a helper that calls clear_bit() followed\nby wake_up_all().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49954",
"url": "https://www.suse.com/security/cve/CVE-2022-49954"
},
{
"category": "external",
"summary": "SUSE Bug 1244976 for CVE-2022-49954",
"url": "https://bugzilla.suse.com/1244976"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49954"
},
{
"cve": "CVE-2022-49956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8712: fix use after free bugs\n\n_Read/Write_MACREG callbacks are NULL so the read/write_macreg_hdl()\nfunctions don\u0027t do anything except free the \"pcmd\" pointer. It\nresults in a use after free. Delete them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49956",
"url": "https://www.suse.com/security/cve/CVE-2022-49956"
},
{
"category": "external",
"summary": "SUSE Bug 1244969 for CVE-2022-49956",
"url": "https://bugzilla.suse.com/1244969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49956"
},
{
"cve": "CVE-2022-49957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkcm: fix strp_init() order and cleanup\n\nstrp_init() is called just a few lines above this csk-\u003esk_user_data\ncheck, it also initializes strp-\u003ework etc., therefore, it is\nunnecessary to call strp_done() to cancel the freshly initialized\nwork.\n\nAnd if sk_user_data is already used by KCM, psock-\u003estrp should not be\ntouched, particularly strp-\u003ework state, so we need to move strp_init()\nafter the csk-\u003esk_user_data check.\n\nThis also makes a lockdep warning reported by syzbot go away.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49957",
"url": "https://www.suse.com/security/cve/CVE-2022-49957"
},
{
"category": "external",
"summary": "SUSE Bug 1244966 for CVE-2022-49957",
"url": "https://bugzilla.suse.com/1244966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49957"
},
{
"cve": "CVE-2022-49958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: fix netdevice reference leaks in attach_default_qdiscs()\n\nIn attach_default_qdiscs(), if a dev has multiple queues and queue 0 fails\nto attach qdisc because there is no memory in attach_one_default_qdisc().\nThen dev-\u003eqdisc will be noop_qdisc by default. But the other queues may be\nable to successfully attach to default qdisc.\n\nIn this case, the fallback to noqueue process will be triggered. If the\noriginal attached qdisc is not released and a new one is directly\nattached, this will cause netdevice reference leaks.\n\nThe following is the bug log:\n\nveth0: default qdisc (fq_codel) fail, fallback to noqueue\nunregister_netdevice: waiting for veth0 to become free. Usage count = 32\nleaked reference.\n qdisc_alloc+0x12e/0x210\n qdisc_create_dflt+0x62/0x140\n attach_one_default_qdisc.constprop.41+0x44/0x70\n dev_activate+0x128/0x290\n __dev_open+0x12a/0x190\n __dev_change_flags+0x1a2/0x1f0\n dev_change_flags+0x23/0x60\n do_setlink+0x332/0x1150\n __rtnl_newlink+0x52f/0x8e0\n rtnl_newlink+0x43/0x70\n rtnetlink_rcv_msg+0x140/0x3b0\n netlink_rcv_skb+0x50/0x100\n netlink_unicast+0x1bb/0x290\n netlink_sendmsg+0x37c/0x4e0\n sock_sendmsg+0x5f/0x70\n ____sys_sendmsg+0x208/0x280\n\nFix this bug by clearing any non-noop qdiscs that may have been assigned\nbefore trying to re-attach.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49958",
"url": "https://www.suse.com/security/cve/CVE-2022-49958"
},
{
"category": "external",
"summary": "SUSE Bug 1244974 for CVE-2022-49958",
"url": "https://bugzilla.suse.com/1244974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49958"
},
{
"cve": "CVE-2022-49960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915: fix null pointer dereference\n\nAsus chromebook CX550 crashes during boot on v5.17-rc1 kernel.\nThe root cause is null pointer defeference of bi_next\nin tgl_get_bw_info() in drivers/gpu/drm/i915/display/intel_bw.c.\n\nBUG: kernel NULL pointer dereference, address: 000000000000002e\nPGD 0 P4D 0\nOops: 0002 [#1] PREEMPT SMP NOPTI\nCPU: 0 PID: 1 Comm: swapper/0 Tainted: G U 5.17.0-rc1\nHardware name: Google Delbin/Delbin, BIOS Google_Delbin.13672.156.3 05/14/2021\nRIP: 0010:tgl_get_bw_info+0x2de/0x510\n...\n[ 2.554467] Call Trace:\n[ 2.554467] \u003cTASK\u003e\n[ 2.554467] intel_bw_init_hw+0x14a/0x434\n[ 2.554467] ? _printk+0x59/0x73\n[ 2.554467] ? _dev_err+0x77/0x91\n[ 2.554467] i915_driver_hw_probe+0x329/0x33e\n[ 2.554467] i915_driver_probe+0x4c8/0x638\n[ 2.554467] i915_pci_probe+0xf8/0x14e\n[ 2.554467] ? _raw_spin_unlock_irqrestore+0x12/0x2c\n[ 2.554467] pci_device_probe+0xaa/0x142\n[ 2.554467] really_probe+0x13f/0x2f4\n[ 2.554467] __driver_probe_device+0x9e/0xd3\n[ 2.554467] driver_probe_device+0x24/0x7c\n[ 2.554467] __driver_attach+0xba/0xcf\n[ 2.554467] ? driver_attach+0x1f/0x1f\n[ 2.554467] bus_for_each_dev+0x8c/0xc0\n[ 2.554467] bus_add_driver+0x11b/0x1f7\n[ 2.554467] driver_register+0x60/0xea\n[ 2.554467] ? mipi_dsi_bus_init+0x16/0x16\n[ 2.554467] i915_init+0x2c/0xb9\n[ 2.554467] ? mipi_dsi_bus_init+0x16/0x16\n[ 2.554467] do_one_initcall+0x12e/0x2b3\n[ 2.554467] do_initcall_level+0xd6/0xf3\n[ 2.554467] do_initcalls+0x4e/0x79\n[ 2.554467] kernel_init_freeable+0xed/0x14d\n[ 2.554467] ? rest_init+0xc1/0xc1\n[ 2.554467] kernel_init+0x1a/0x120\n[ 2.554467] ret_from_fork+0x1f/0x30\n[ 2.554467] \u003c/TASK\u003e\n...\nKernel panic - not syncing: Fatal exception\n\n(cherry picked from commit c247cd03898c4c43c3bce6d4014730403bc13032)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49960",
"url": "https://www.suse.com/security/cve/CVE-2022-49960"
},
{
"category": "external",
"summary": "SUSE Bug 1244911 for CVE-2022-49960",
"url": "https://bugzilla.suse.com/1244911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49960"
},
{
"cve": "CVE-2022-49962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49962"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxhci: Fix null pointer dereference in remove if xHC has only one roothub\n\nThe remove path in xhci platform driver tries to remove and put both main\nand shared hcds even if only a main hcd exists (one roothub)\n\nThis causes a null pointer dereference in reboot for those controllers.\n\nCheck that the shared_hcd exists before trying to remove it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49962",
"url": "https://www.suse.com/security/cve/CVE-2022-49962"
},
{
"category": "external",
"summary": "SUSE Bug 1244912 for CVE-2022-49962",
"url": "https://bugzilla.suse.com/1244912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49962"
},
{
"cve": "CVE-2022-49963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/ttm: fix CCS handling\n\nCrucible + recent Mesa seems to sometimes hit:\n\nGEM_BUG_ON(num_ccs_blks \u003e NUM_CCS_BLKS_PER_XFER)\n\nAnd it looks like we can also trigger this with gem_lmem_swapping, if we\nmodify the test to use slightly larger object sizes.\n\nLooking closer it looks like we have the following issues in\nmigrate_copy():\n\n - We are using plain integer in various places, which we can easily\n overflow with a large object.\n\n - We pass the entire object size (when the src is lmem) into\n emit_pte() and then try to copy it, which doesn\u0027t work, since we\n only have a few fixed sized windows in which to map the pages and\n perform the copy. With an object \u003e 8M we therefore aren\u0027t properly\n copying the pages. And then with an object \u003e 64M we trigger the\n GEM_BUG_ON(num_ccs_blks \u003e NUM_CCS_BLKS_PER_XFER).\n\nSo it looks like our copy handling for any object \u003e 8M (which is our\nCHUNK_SZ) is currently broken on DG2.\n\nTestcase: igt@gem_lmem_swapping\n(cherry picked from commit 8676145eb2f53a9940ff70910caf0125bd8a4bc2)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49963",
"url": "https://www.suse.com/security/cve/CVE-2022-49963"
},
{
"category": "external",
"summary": "SUSE Bug 1244914 for CVE-2022-49963",
"url": "https://bugzilla.suse.com/1244914"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49963"
},
{
"cve": "CVE-2022-49964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fw_level\n\nThough acpi_find_last_cache_level() always returned signed value and the\ndocument states it will return any errors caused by lack of a PPTT table,\nit never returned negative values before.\n\nCommit 0c80f9e165f8 (\"ACPI: PPTT: Leave the table mapped for the runtime usage\")\nhowever changed it by returning -ENOENT if no PPTT was found. The value\nreturned from acpi_find_last_cache_level() is then assigned to unsigned\nfw_level.\n\nIt will result in the number of cache leaves calculated incorrectly as\na huge value which will then cause the following warning from __alloc_pages\nas the order would be great than MAX_ORDER because of incorrect and huge\ncache leaves value.\n\n | WARNING: CPU: 0 PID: 1 at mm/page_alloc.c:5407 __alloc_pages+0x74/0x314\n | Modules linked in:\n | CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.19.0-10393-g7c2a8d3ac4c0 #73\n | pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n | pc : __alloc_pages+0x74/0x314\n | lr : alloc_pages+0xe8/0x318\n | Call trace:\n | __alloc_pages+0x74/0x314\n | alloc_pages+0xe8/0x318\n | kmalloc_order_trace+0x68/0x1dc\n | __kmalloc+0x240/0x338\n | detect_cache_attributes+0xe0/0x56c\n | update_siblings_masks+0x38/0x284\n | store_cpu_topology+0x78/0x84\n | smp_prepare_cpus+0x48/0x134\n | kernel_init_freeable+0xc4/0x14c\n | kernel_init+0x2c/0x1b4\n | ret_from_fork+0x10/0x20\n\nFix the same by changing fw_level to be signed integer and return the\nerror from init_cache_level() early in case of error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49964",
"url": "https://www.suse.com/security/cve/CVE-2022-49964"
},
{
"category": "external",
"summary": "SUSE Bug 1245064 for CVE-2022-49964",
"url": "https://bugzilla.suse.com/1245064"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49964"
},
{
"cve": "CVE-2022-49965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: add missing -\u003efini_xxxx interfaces for some SMU13 asics\n\nWithout these, potential memory leak may be induced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49965",
"url": "https://www.suse.com/security/cve/CVE-2022-49965"
},
{
"category": "external",
"summary": "SUSE Bug 1245063 for CVE-2022-49965",
"url": "https://bugzilla.suse.com/1245063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49965"
},
{
"cve": "CVE-2022-49966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49966"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: add missing -\u003efini_microcode interface for Sienna Cichlid\n\nTo avoid any potential memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49966",
"url": "https://www.suse.com/security/cve/CVE-2022-49966"
},
{
"category": "external",
"summary": "SUSE Bug 1245062 for CVE-2022-49966",
"url": "https://bugzilla.suse.com/1245062"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49966"
},
{
"cve": "CVE-2022-49968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nieee802154/adf7242: defer destroy_workqueue call\n\nThere is a possible race condition (use-after-free) like below\n\n (FREE) | (USE)\n adf7242_remove | adf7242_channel\n cancel_delayed_work_sync |\n destroy_workqueue (1) | adf7242_cmd_rx\n | mod_delayed_work (2)\n |\n\nThe root cause for this race is that the upper layer (ieee802154) is\nunaware of this detaching event and the function adf7242_channel can\nbe called without any checks.\n\nTo fix this, we can add a flag write at the beginning of adf7242_remove\nand add flag check in adf7242_channel. Or we can just defer the\ndestructive operation like other commit 3e0588c291d6 (\"hamradio: defer\nax25 kfree after unregister_netdev\") which let the\nieee802154_unregister_hw() to handle the synchronization. This patch\ntakes the second option.\n\nruns\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49968",
"url": "https://www.suse.com/security/cve/CVE-2022-49968"
},
{
"category": "external",
"summary": "SUSE Bug 1244959 for CVE-2022-49968",
"url": "https://bugzilla.suse.com/1244959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49968"
},
{
"cve": "CVE-2022-49969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: clear optc underflow before turn off odm clock\n\n[Why]\nAfter ODM clock off, optc underflow bit will be kept there always and clear not work.\nWe need to clear that before clock off.\n\n[How]\nClear that if have when clock off.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49969",
"url": "https://www.suse.com/security/cve/CVE-2022-49969"
},
{
"category": "external",
"summary": "SUSE Bug 1245060 for CVE-2022-49969",
"url": "https://bugzilla.suse.com/1245060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49969"
},
{
"cve": "CVE-2022-49971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49971"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Fix a potential gpu_metrics_table memory leak\n\nMemory is allocated for gpu_metrics_table in\nsmu_v13_0_4_init_smc_tables(), but not freed in\nsmu_v13_0_4_fini_smc_tables(). This may cause memory leaks, fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49971",
"url": "https://www.suse.com/security/cve/CVE-2022-49971"
},
{
"category": "external",
"summary": "SUSE Bug 1245070 for CVE-2022-49971",
"url": "https://bugzilla.suse.com/1245070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49971"
},
{
"cve": "CVE-2022-49972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: Fix corrupted packets for XDP_SHARED_UMEM\n\nFix an issue in XDP_SHARED_UMEM mode together with aligned mode where\npackets are corrupted for the second and any further sockets bound to\nthe same umem. In other words, this does not affect the first socket\nbound to the umem. The culprit for this bug is that the initialization\nof the DMA addresses for the pre-populated xsk buffer pool entries was\nnot performed for any socket but the first one bound to the umem. Only\nthe linear array of DMA addresses was populated. Fix this by populating\nthe DMA addresses in the xsk buffer pool for every socket bound to the\nsame umem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49972",
"url": "https://www.suse.com/security/cve/CVE-2022-49972"
},
{
"category": "external",
"summary": "SUSE Bug 1244960 for CVE-2022-49972",
"url": "https://bugzilla.suse.com/1244960"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49972"
},
{
"cve": "CVE-2022-49977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49977"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead\n\nftrace_startup does not remove ops from ftrace_ops_list when\nftrace_startup_enable fails:\n\nregister_ftrace_function\n ftrace_startup\n __register_ftrace_function\n ...\n add_ftrace_ops(\u0026ftrace_ops_list, ops)\n ...\n ...\n ftrace_startup_enable // if ftrace failed to modify, ftrace_disabled is set to 1\n ...\n return 0 // ops is in the ftrace_ops_list.\n\nWhen ftrace_disabled = 1, unregister_ftrace_function simply returns without doing anything:\nunregister_ftrace_function\n ftrace_shutdown\n if (unlikely(ftrace_disabled))\n return -ENODEV; // return here, __unregister_ftrace_function is not executed,\n // as a result, ops is still in the ftrace_ops_list\n __unregister_ftrace_function\n ...\n\nIf ops is dynamically allocated, it will be free later, in this case,\nis_ftrace_trampoline accesses NULL pointer:\n\nis_ftrace_trampoline\n ftrace_ops_trampoline\n do_for_each_ftrace_op(op, ftrace_ops_list) // OOPS! op may be NULL!\n\nSyzkaller reports as follows:\n[ 1203.506103] BUG: kernel NULL pointer dereference, address: 000000000000010b\n[ 1203.508039] #PF: supervisor read access in kernel mode\n[ 1203.508798] #PF: error_code(0x0000) - not-present page\n[ 1203.509558] PGD 800000011660b067 P4D 800000011660b067 PUD 130fb8067 PMD 0\n[ 1203.510560] Oops: 0000 [#1] SMP KASAN PTI\n[ 1203.511189] CPU: 6 PID: 29532 Comm: syz-executor.2 Tainted: G B W 5.10.0 #8\n[ 1203.512324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n[ 1203.513895] RIP: 0010:is_ftrace_trampoline+0x26/0xb0\n[ 1203.514644] Code: ff eb d3 90 41 55 41 54 49 89 fc 55 53 e8 f2 00 fd ff 48 8b 1d 3b 35 5d 03 e8 e6 00 fd ff 48 8d bb 90 00 00 00 e8 2a 81 26 00 \u003c48\u003e 8b ab 90 00 00 00 48 85 ed 74 1d e8 c9 00 fd ff 48 8d bb 98 00\n[ 1203.518838] RSP: 0018:ffffc900012cf960 EFLAGS: 00010246\n[ 1203.520092] RAX: 0000000000000000 RBX: 000000000000007b RCX: ffffffff8a331866\n[ 1203.521469] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 000000000000010b\n[ 1203.522583] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8df18b07\n[ 1203.523550] R10: fffffbfff1be3160 R11: 0000000000000001 R12: 0000000000478399\n[ 1203.524596] R13: 0000000000000000 R14: ffff888145088000 R15: 0000000000000008\n[ 1203.525634] FS: 00007f429f5f4700(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000\n[ 1203.526801] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1203.527626] CR2: 000000000000010b CR3: 0000000170e1e001 CR4: 00000000003706e0\n[ 1203.528611] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 1203.529605] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\nTherefore, when ftrace_startup_enable fails, we need to rollback registration\nprocess and remove ops from ftrace_ops_list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49977",
"url": "https://www.suse.com/security/cve/CVE-2022-49977"
},
{
"category": "external",
"summary": "SUSE Bug 1244936 for CVE-2022-49977",
"url": "https://bugzilla.suse.com/1244936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49977"
},
{
"cve": "CVE-2022-49978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: fb_pm2fb: Avoid potential divide by zero error\n\nIn `do_fb_ioctl()` of fbmem.c, if cmd is FBIOPUT_VSCREENINFO, var will be\ncopied from user, then go through `fb_set_var()` and\n`info-\u003efbops-\u003efb_check_var()` which could may be `pm2fb_check_var()`.\nAlong the path, `var-\u003epixclock` won\u0027t be modified. This function checks\nwhether reciprocal of `var-\u003epixclock` is too high. If `var-\u003epixclock` is\nzero, there will be a divide by zero error. So, it is necessary to check\nwhether denominator is zero to avoid crash. As this bug is found by\nSyzkaller, logs are listed below.\n\ndivide error in pm2fb_check_var\nCall Trace:\n \u003cTASK\u003e\n fb_set_var+0x367/0xeb0 drivers/video/fbdev/core/fbmem.c:1015\n do_fb_ioctl+0x234/0x670 drivers/video/fbdev/core/fbmem.c:1110\n fb_ioctl+0xdd/0x130 drivers/video/fbdev/core/fbmem.c:1189",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49978",
"url": "https://www.suse.com/security/cve/CVE-2022-49978"
},
{
"category": "external",
"summary": "SUSE Bug 1245195 for CVE-2022-49978",
"url": "https://bugzilla.suse.com/1245195"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49978"
},
{
"cve": "CVE-2022-49980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: Fix use-after-free Read in usb_udc_uevent()\n\nThe syzbot fuzzer found a race between uevent callbacks and gadget\ndriver unregistration that can cause a use-after-free bug:\n\n---------------------------------------------------------------\nBUG: KASAN: use-after-free in usb_udc_uevent+0x11f/0x130\ndrivers/usb/gadget/udc/core.c:1732\nRead of size 8 at addr ffff888078ce2050 by task udevd/2968\n\nCPU: 1 PID: 2968 Comm: udevd Not tainted 5.19.0-rc4-next-20220628-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google\n06/29/2022\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:317 [inline]\n print_report.cold+0x2ba/0x719 mm/kasan/report.c:433\n kasan_report+0xbe/0x1f0 mm/kasan/report.c:495\n usb_udc_uevent+0x11f/0x130 drivers/usb/gadget/udc/core.c:1732\n dev_uevent+0x290/0x770 drivers/base/core.c:2424\n---------------------------------------------------------------\n\nThe bug occurs because usb_udc_uevent() dereferences udc-\u003edriver but\ndoes so without acquiring the udc_lock mutex, which protects this\nfield. If the gadget driver is unbound from the udc concurrently with\nuevent processing, the driver structure may be accessed after it has\nbeen deallocated.\n\nTo prevent the race, we make sure that the routine holds the mutex\naround the racing accesses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49980",
"url": "https://www.suse.com/security/cve/CVE-2022-49980"
},
{
"category": "external",
"summary": "SUSE Bug 1245110 for CVE-2022-49980",
"url": "https://bugzilla.suse.com/1245110"
},
{
"category": "external",
"summary": "SUSE Bug 1245111 for CVE-2022-49980",
"url": "https://bugzilla.suse.com/1245111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2022-49980"
},
{
"cve": "CVE-2022-49981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hidraw: fix memory leak in hidraw_release()\n\nFree the buffered reports before deleting the list entry.\n\nBUG: memory leak\nunreferenced object 0xffff88810e72f180 (size 32):\n comm \"softirq\", pid 0, jiffies 4294945143 (age 16.080s)\n hex dump (first 32 bytes):\n 64 f3 c6 6a d1 88 07 04 00 00 00 00 00 00 00 00 d..j............\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003cffffffff814ac6c3\u003e] kmemdup+0x23/0x50 mm/util.c:128\n [\u003cffffffff8357c1d2\u003e] kmemdup include/linux/fortify-string.h:440 [inline]\n [\u003cffffffff8357c1d2\u003e] hidraw_report_event+0xa2/0x150 drivers/hid/hidraw.c:521\n [\u003cffffffff8356ddad\u003e] hid_report_raw_event+0x27d/0x740 drivers/hid/hid-core.c:1992\n [\u003cffffffff8356e41e\u003e] hid_input_report+0x1ae/0x270 drivers/hid/hid-core.c:2065\n [\u003cffffffff835f0d3f\u003e] hid_irq_in+0x1ff/0x250 drivers/hid/usbhid/hid-core.c:284\n [\u003cffffffff82d3c7f9\u003e] __usb_hcd_giveback_urb+0xf9/0x230 drivers/usb/core/hcd.c:1670\n [\u003cffffffff82d3cc26\u003e] usb_hcd_giveback_urb+0x1b6/0x1d0 drivers/usb/core/hcd.c:1747\n [\u003cffffffff82ef1e14\u003e] dummy_timer+0x8e4/0x14c0 drivers/usb/gadget/udc/dummy_hcd.c:1988\n [\u003cffffffff812f50a8\u003e] call_timer_fn+0x38/0x200 kernel/time/timer.c:1474\n [\u003cffffffff812f5586\u003e] expire_timers kernel/time/timer.c:1519 [inline]\n [\u003cffffffff812f5586\u003e] __run_timers.part.0+0x316/0x430 kernel/time/timer.c:1790\n [\u003cffffffff812f56e4\u003e] __run_timers kernel/time/timer.c:1768 [inline]\n [\u003cffffffff812f56e4\u003e] run_timer_softirq+0x44/0x90 kernel/time/timer.c:1803\n [\u003cffffffff848000e6\u003e] __do_softirq+0xe6/0x2ea kernel/softirq.c:571\n [\u003cffffffff81246db0\u003e] invoke_softirq kernel/softirq.c:445 [inline]\n [\u003cffffffff81246db0\u003e] __irq_exit_rcu kernel/softirq.c:650 [inline]\n [\u003cffffffff81246db0\u003e] irq_exit_rcu+0xc0/0x110 kernel/softirq.c:662\n [\u003cffffffff84574f02\u003e] sysvec_apic_timer_interrupt+0xa2/0xd0 arch/x86/kernel/apic/apic.c:1106\n [\u003cffffffff84600c8b\u003e] asm_sysvec_apic_timer_interrupt+0x1b/0x20 arch/x86/include/asm/idtentry.h:649\n [\u003cffffffff8458a070\u003e] native_safe_halt arch/x86/include/asm/irqflags.h:51 [inline]\n [\u003cffffffff8458a070\u003e] arch_safe_halt arch/x86/include/asm/irqflags.h:89 [inline]\n [\u003cffffffff8458a070\u003e] acpi_safe_halt drivers/acpi/processor_idle.c:111 [inline]\n [\u003cffffffff8458a070\u003e] acpi_idle_do_entry+0xc0/0xd0 drivers/acpi/processor_idle.c:554",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49981",
"url": "https://www.suse.com/security/cve/CVE-2022-49981"
},
{
"category": "external",
"summary": "SUSE Bug 1245072 for CVE-2022-49981",
"url": "https://bugzilla.suse.com/1245072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49981"
},
{
"cve": "CVE-2022-49982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: pvrusb2: fix memory leak in pvr_probe\n\nThe error handling code in pvr2_hdw_create forgets to unregister the\nv4l2 device. When pvr2_hdw_create returns back to pvr2_context_create,\nit calls pvr2_context_destroy to destroy context, but mp-\u003ehdw is NULL,\nwhich leads to that pvr2_hdw_destroy directly returns.\n\nFix this by adding v4l2_device_unregister to decrease the refcount of\nusb interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49982",
"url": "https://www.suse.com/security/cve/CVE-2022-49982"
},
{
"category": "external",
"summary": "SUSE Bug 1245069 for CVE-2022-49982",
"url": "https://bugzilla.suse.com/1245069"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49982"
},
{
"cve": "CVE-2022-49983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudmabuf: Set the DMA mask for the udmabuf device (v2)\n\nIf the DMA mask is not set explicitly, the following warning occurs\nwhen the userspace tries to access the dma-buf via the CPU as\nreported by syzbot here:\n\nWARNING: CPU: 1 PID: 3595 at kernel/dma/mapping.c:188\n__dma_map_sg_attrs+0x181/0x1f0 kernel/dma/mapping.c:188\nModules linked in:\nCPU: 0 PID: 3595 Comm: syz-executor249 Not tainted\n5.17.0-rc2-syzkaller-00316-g0457e5153e0e #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS\nGoogle 01/01/2011\nRIP: 0010:__dma_map_sg_attrs+0x181/0x1f0 kernel/dma/mapping.c:188\nCode: 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 71 4c 8b 3d c0\n83 b5 0d e9 db fe ff ff e8 b6 0f 13 00 0f 0b e8 af 0f 13 00 \u003c0f\u003e 0b 45\n 31 e4 e9 54 ff ff ff e8 a0 0f 13 00 49 8d 7f 50 48 b8 00\nRSP: 0018:ffffc90002a07d68 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: ffff88807e25e2c0 RSI: ffffffff81649e91 RDI: ffff88801b848408\nRBP: ffff88801b848000 R08: 0000000000000002 R09: ffff88801d86c74f\nR10: ffffffff81649d72 R11: 0000000000000001 R12: 0000000000000002\nR13: ffff88801d86c680 R14: 0000000000000001 R15: 0000000000000000\nFS: 0000555556e30300(0000) GS:ffff8880b9d00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000200000cc CR3: 000000001d74a000 CR4: 00000000003506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n dma_map_sgtable+0x70/0xf0 kernel/dma/mapping.c:264\n get_sg_table.isra.0+0xe0/0x160 drivers/dma-buf/udmabuf.c:72\n begin_cpu_udmabuf+0x130/0x1d0 drivers/dma-buf/udmabuf.c:126\n dma_buf_begin_cpu_access+0xfd/0x1d0 drivers/dma-buf/dma-buf.c:1164\n dma_buf_ioctl+0x259/0x2b0 drivers/dma-buf/dma-buf.c:363\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:874 [inline]\n __se_sys_ioctl fs/ioctl.c:860 [inline]\n __x64_sys_ioctl+0x193/0x200 fs/ioctl.c:860\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f62fcf530f9\nCode: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89\nf7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01\nf0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffe3edab9b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f62fcf530f9\nRDX: 0000000020000200 RSI: 0000000040086200 RDI: 0000000000000006\nRBP: 00007f62fcf170e0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007f62fcf17170\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n \u003c/TASK\u003e\n\nv2: Dont\u0027t forget to deregister if DMA mask setup fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49983",
"url": "https://www.suse.com/security/cve/CVE-2022-49983"
},
{
"category": "external",
"summary": "SUSE Bug 1245092 for CVE-2022-49983",
"url": "https://bugzilla.suse.com/1245092"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49983"
},
{
"cve": "CVE-2022-49984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49984"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report\n\nIt is possible for a malicious device to forgo submitting a Feature\nReport. The HID Steam driver presently makes no prevision for this\nand de-references the \u0027struct hid_report\u0027 pointer obtained from the\nHID devices without first checking its validity. Let\u0027s change that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49984",
"url": "https://www.suse.com/security/cve/CVE-2022-49984"
},
{
"category": "external",
"summary": "SUSE Bug 1244950 for CVE-2022-49984",
"url": "https://bugzilla.suse.com/1244950"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49984"
},
{
"cve": "CVE-2022-49985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Don\u0027t use tnum_range on array range checking for poke descriptors\n\nHsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which\nis based on a customized syzkaller:\n\n BUG: KASAN: slab-out-of-bounds in bpf_int_jit_compile+0x1257/0x13f0\n Read of size 8 at addr ffff888004e90b58 by task syz-executor.0/1489\n CPU: 1 PID: 1489 Comm: syz-executor.0 Not tainted 5.19.0 #1\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n 1.13.0-1ubuntu1.1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x9c/0xc9\n print_address_description.constprop.0+0x1f/0x1f0\n ? bpf_int_jit_compile+0x1257/0x13f0\n kasan_report.cold+0xeb/0x197\n ? kvmalloc_node+0x170/0x200\n ? bpf_int_jit_compile+0x1257/0x13f0\n bpf_int_jit_compile+0x1257/0x13f0\n ? arch_prepare_bpf_dispatcher+0xd0/0xd0\n ? rcu_read_lock_sched_held+0x43/0x70\n bpf_prog_select_runtime+0x3e8/0x640\n ? bpf_obj_name_cpy+0x149/0x1b0\n bpf_prog_load+0x102f/0x2220\n ? __bpf_prog_put.constprop.0+0x220/0x220\n ? find_held_lock+0x2c/0x110\n ? __might_fault+0xd6/0x180\n ? lock_downgrade+0x6e0/0x6e0\n ? lock_is_held_type+0xa6/0x120\n ? __might_fault+0x147/0x180\n __sys_bpf+0x137b/0x6070\n ? bpf_perf_link_attach+0x530/0x530\n ? new_sync_read+0x600/0x600\n ? __fget_files+0x255/0x450\n ? lock_downgrade+0x6e0/0x6e0\n ? fput+0x30/0x1a0\n ? ksys_write+0x1a8/0x260\n __x64_sys_bpf+0x7a/0xc0\n ? syscall_enter_from_user_mode+0x21/0x70\n do_syscall_64+0x3b/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n RIP: 0033:0x7f917c4e2c2d\n\nThe problem here is that a range of tnum_range(0, map-\u003emax_entries - 1) has\nlimited ability to represent the concrete tight range with the tnum as the\nset of resulting states from value + mask can result in a superset of the\nactual intended range, and as such a tnum_in(range, reg-\u003evar_off) check may\nyield true when it shouldn\u0027t, for example tnum_range(0, 2) would result in\n00XX -\u003e v = 0000, m = 0011 such that the intended set of {0, 1, 2} is here\nrepresented by a less precise superset of {0, 1, 2, 3}. As the register is\nknown const scalar, really just use the concrete reg-\u003evar_off.value for the\nupper index check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49985",
"url": "https://www.suse.com/security/cve/CVE-2022-49985"
},
{
"category": "external",
"summary": "SUSE Bug 1244956 for CVE-2022-49985",
"url": "https://bugzilla.suse.com/1244956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49985"
},
{
"cve": "CVE-2022-49986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq\n\nstorvsc_error_wq workqueue should not be marked as WQ_MEM_RECLAIM as it\ndoesn\u0027t need to make forward progress under memory pressure. Marking this\nworkqueue as WQ_MEM_RECLAIM may cause deadlock while flushing a\nnon-WQ_MEM_RECLAIM workqueue. In the current state it causes the following\nwarning:\n\n[ 14.506347] ------------[ cut here ]------------\n[ 14.506354] workqueue: WQ_MEM_RECLAIM storvsc_error_wq_0:storvsc_remove_lun is flushing !WQ_MEM_RECLAIM events_freezable_power_:disk_events_workfn\n[ 14.506360] WARNING: CPU: 0 PID: 8 at \u003c-snip-\u003ekernel/workqueue.c:2623 check_flush_dependency+0xb5/0x130\n[ 14.506390] CPU: 0 PID: 8 Comm: kworker/u4:0 Not tainted 5.4.0-1086-azure #91~18.04.1-Ubuntu\n[ 14.506391] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 05/09/2022\n[ 14.506393] Workqueue: storvsc_error_wq_0 storvsc_remove_lun\n[ 14.506395] RIP: 0010:check_flush_dependency+0xb5/0x130\n\t\t\u003c-snip-\u003e\n[ 14.506408] Call Trace:\n[ 14.506412] __flush_work+0xf1/0x1c0\n[ 14.506414] __cancel_work_timer+0x12f/0x1b0\n[ 14.506417] ? kernfs_put+0xf0/0x190\n[ 14.506418] cancel_delayed_work_sync+0x13/0x20\n[ 14.506420] disk_block_events+0x78/0x80\n[ 14.506421] del_gendisk+0x3d/0x2f0\n[ 14.506423] sr_remove+0x28/0x70\n[ 14.506427] device_release_driver_internal+0xef/0x1c0\n[ 14.506428] device_release_driver+0x12/0x20\n[ 14.506429] bus_remove_device+0xe1/0x150\n[ 14.506431] device_del+0x167/0x380\n[ 14.506432] __scsi_remove_device+0x11d/0x150\n[ 14.506433] scsi_remove_device+0x26/0x40\n[ 14.506434] storvsc_remove_lun+0x40/0x60\n[ 14.506436] process_one_work+0x209/0x400\n[ 14.506437] worker_thread+0x34/0x400\n[ 14.506439] kthread+0x121/0x140\n[ 14.506440] ? process_one_work+0x400/0x400\n[ 14.506441] ? kthread_park+0x90/0x90\n[ 14.506443] ret_from_fork+0x35/0x40\n[ 14.506445] ---[ end trace 2d9633159fdc6ee7 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49986",
"url": "https://www.suse.com/security/cve/CVE-2022-49986"
},
{
"category": "external",
"summary": "SUSE Bug 1244948 for CVE-2022-49986",
"url": "https://bugzilla.suse.com/1244948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49986"
},
{
"cve": "CVE-2022-49987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49987"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: call __md_stop_writes in md_stop\n\nFrom the link [1], we can see raid1d was running even after the path\nraid_dtr -\u003e md_stop -\u003e __md_stop.\n\nLet\u0027s stop write first in destructor to align with normal md-raid to\nfix the KASAN issue.\n\n[1]. https://lore.kernel.org/linux-raid/CAPhsuW5gc4AakdGNdF8ubpezAuDLFOYUO_sfMZcec6hQFm8nhg@mail.gmail.com/T/#m7f12bf90481c02c6d2da68c64aeed4779b7df74a",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49987",
"url": "https://www.suse.com/security/cve/CVE-2022-49987"
},
{
"category": "external",
"summary": "SUSE Bug 1245024 for CVE-2022-49987",
"url": "https://bugzilla.suse.com/1245024"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49987"
},
{
"cve": "CVE-2022-49989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/privcmd: fix error exit of privcmd_ioctl_dm_op()\n\nThe error exit of privcmd_ioctl_dm_op() is calling unlock_pages()\npotentially with pages being NULL, leading to a NULL dereference.\n\nAdditionally lock_pages() doesn\u0027t check for pin_user_pages_fast()\nhaving been completely successful, resulting in potentially not\nlocking all pages into memory. This could result in sporadic failures\nwhen using the related memory in user mode.\n\nFix all of that by calling unlock_pages() always with the real number\nof pinned pages, which will be zero in case pages being NULL, and by\nchecking the number of pages pinned by pin_user_pages_fast() matching\nthe expected number of pages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49989",
"url": "https://www.suse.com/security/cve/CVE-2022-49989"
},
{
"category": "external",
"summary": "SUSE Bug 1245007 for CVE-2022-49989",
"url": "https://bugzilla.suse.com/1245007"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49989"
},
{
"cve": "CVE-2022-49990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390: fix double free of GS and RI CBs on fork() failure\n\nThe pointers for guarded storage and runtime instrumentation control\nblocks are stored in the thread_struct of the associated task. These\npointers are initially copied on fork() via arch_dup_task_struct()\nand then cleared via copy_thread() before fork() returns. If fork()\nhappens to fail after the initial task dup and before copy_thread(),\nthe newly allocated task and associated thread_struct memory are\nfreed via free_task() -\u003e arch_release_task_struct(). This results in\na double free of the guarded storage and runtime info structs\nbecause the fields in the failed task still refer to memory\nassociated with the source task.\n\nThis problem can manifest as a BUG_ON() in set_freepointer() (with\nCONFIG_SLAB_FREELIST_HARDENED enabled) or KASAN splat (if enabled)\nwhen running trinity syscall fuzz tests on s390x. To avoid this\nproblem, clear the associated pointer fields in\narch_dup_task_struct() immediately after the new task is copied.\nNote that the RI flag is still cleared in copy_thread() because it\nresides in thread stack memory and that is where stack info is\ncopied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49990",
"url": "https://www.suse.com/security/cve/CVE-2022-49990"
},
{
"category": "external",
"summary": "SUSE Bug 1245006 for CVE-2022-49990",
"url": "https://bugzilla.suse.com/1245006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49990"
},
{
"cve": "CVE-2022-49993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nloop: Check for overflow while configuring loop\n\nThe userspace can configure a loop using an ioctl call, wherein\na configuration of type loop_config is passed (see lo_ioctl()\u0027s\ncase on line 1550 of drivers/block/loop.c). This proceeds to call\nloop_configure() which in turn calls loop_set_status_from_info()\n(see line 1050 of loop.c), passing \u0026config-\u003einfo which is of type\nloop_info64*. This function then sets the appropriate values, like\nthe offset.\n\nloop_device has lo_offset of type loff_t (see line 52 of loop.c),\nwhich is typdef-chained to long long, whereas loop_info64 has\nlo_offset of type __u64 (see line 56 of include/uapi/linux/loop.h).\n\nThe function directly copies offset from info to the device as\nfollows (See line 980 of loop.c):\n\tlo-\u003elo_offset = info-\u003elo_offset;\n\nThis results in an overflow, which triggers a warning in iomap_iter()\ndue to a call to iomap_iter_done() which has:\n\tWARN_ON_ONCE(iter-\u003eiomap.offset \u003e iter-\u003epos);\n\nThus, check for negative value during loop_set_status_from_info().\n\nBug report: https://syzkaller.appspot.com/bug?id=c620fe14aac810396d3c3edc9ad73848bf69a29e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49993",
"url": "https://www.suse.com/security/cve/CVE-2022-49993"
},
{
"category": "external",
"summary": "SUSE Bug 1245121 for CVE-2022-49993",
"url": "https://bugzilla.suse.com/1245121"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49993"
},
{
"cve": "CVE-2022-49995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwriteback: avoid use-after-free after removing device\n\nWhen a disk is removed, bdi_unregister gets called to stop further\nwriteback and wait for associated delayed work to complete. However,\nwb_inode_writeback_end() may schedule bandwidth estimation dwork after\nthis has completed, which can result in the timer attempting to access the\njust freed bdi_writeback.\n\nFix this by checking if the bdi_writeback is alive, similar to when\nscheduling writeback work.\n\nSince this requires wb-\u003ework_lock, and wb_inode_writeback_end() may get\ncalled from interrupt, switch wb-\u003ework_lock to an irqsafe lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49995",
"url": "https://www.suse.com/security/cve/CVE-2022-49995"
},
{
"category": "external",
"summary": "SUSE Bug 1245012 for CVE-2022-49995",
"url": "https://bugzilla.suse.com/1245012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49995"
},
{
"cve": "CVE-2022-49999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix space cache corruption and potential double allocations\n\nWhen testing space_cache v2 on a large set of machines, we encountered a\nfew symptoms:\n\n1. \"unable to add free space :-17\" (EEXIST) errors.\n2. Missing free space info items, sometimes caught with a \"missing free\n space info for X\" error.\n3. Double-accounted space: ranges that were allocated in the extent tree\n and also marked as free in the free space tree, ranges that were\n marked as allocated twice in the extent tree, or ranges that were\n marked as free twice in the free space tree. If the latter made it\n onto disk, the next reboot would hit the BUG_ON() in\n add_new_free_space().\n4. On some hosts with no on-disk corruption or error messages, the\n in-memory space cache (dumped with drgn) disagreed with the free\n space tree.\n\nAll of these symptoms have the same underlying cause: a race between\ncaching the free space for a block group and returning free space to the\nin-memory space cache for pinned extents causes us to double-add a free\nrange to the space cache. This race exists when free space is cached\nfrom the free space tree (space_cache=v2) or the extent tree\n(nospace_cache, or space_cache=v1 if the cache needs to be regenerated).\nstruct btrfs_block_group::last_byte_to_unpin and struct\nbtrfs_block_group::progress are supposed to protect against this race,\nbut commit d0c2f4fa555e (\"btrfs: make concurrent fsyncs wait less when\nwaiting for a transaction commit\") subtly broke this by allowing\nmultiple transactions to be unpinning extents at the same time.\n\nSpecifically, the race is as follows:\n\n1. An extent is deleted from an uncached block group in transaction A.\n2. btrfs_commit_transaction() is called for transaction A.\n3. btrfs_run_delayed_refs() -\u003e __btrfs_free_extent() runs the delayed\n ref for the deleted extent.\n4. __btrfs_free_extent() -\u003e do_free_extent_accounting() -\u003e\n add_to_free_space_tree() adds the deleted extent back to the free\n space tree.\n5. do_free_extent_accounting() -\u003e btrfs_update_block_group() -\u003e\n btrfs_cache_block_group() queues up the block group to get cached.\n block_group-\u003eprogress is set to block_group-\u003estart.\n6. btrfs_commit_transaction() for transaction A calls\n switch_commit_roots(). It sets block_group-\u003elast_byte_to_unpin to\n block_group-\u003eprogress, which is block_group-\u003estart because the block\n group hasn\u0027t been cached yet.\n7. The caching thread gets to our block group. Since the commit roots\n were already switched, load_free_space_tree() sees the deleted extent\n as free and adds it to the space cache. It finishes caching and sets\n block_group-\u003eprogress to U64_MAX.\n8. btrfs_commit_transaction() advances transaction A to\n TRANS_STATE_SUPER_COMMITTED.\n9. fsync calls btrfs_commit_transaction() for transaction B. Since\n transaction A is already in TRANS_STATE_SUPER_COMMITTED and the\n commit is for fsync, it advances.\n10. btrfs_commit_transaction() for transaction B calls\n switch_commit_roots(). This time, the block group has already been\n cached, so it sets block_group-\u003elast_byte_to_unpin to U64_MAX.\n11. btrfs_commit_transaction() for transaction A calls\n btrfs_finish_extent_commit(), which calls unpin_extent_range() for\n the deleted extent. It sees last_byte_to_unpin set to U64_MAX (by\n transaction B!), so it adds the deleted extent to the space cache\n again!\n\nThis explains all of our symptoms above:\n\n* If the sequence of events is exactly as described above, when the free\n space is re-added in step 11, it will fail with EEXIST.\n* If another thread reallocates the deleted extent in between steps 7\n and 11, then step 11 will silently re-add that space to the space\n cache as free even though it is actually allocated. Then, if that\n space is allocated *again*, the free space tree will be corrupted\n (namely, the wrong item will be deleted).\n* If we don\u0027t catch this free space tree corr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49999",
"url": "https://www.suse.com/security/cve/CVE-2022-49999"
},
{
"category": "external",
"summary": "SUSE Bug 1245019 for CVE-2022-49999",
"url": "https://bugzilla.suse.com/1245019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-49999"
},
{
"cve": "CVE-2022-50002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50002"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: LAG, fix logic over MLX5_LAG_FLAG_NDEVS_READY\n\nOnly set MLX5_LAG_FLAG_NDEVS_READY if both netdevices are registered.\nDoing so guarantees that both ldev-\u003epf[MLX5_LAG_P0].dev and\nldev-\u003epf[MLX5_LAG_P1].dev have valid pointers when\nMLX5_LAG_FLAG_NDEVS_READY is set.\n\nThe core issue is asymmetry in setting MLX5_LAG_FLAG_NDEVS_READY and\nclearing it. Setting it is done wrongly when both\nldev-\u003epf[MLX5_LAG_P0].dev and ldev-\u003epf[MLX5_LAG_P1].dev are set;\nclearing it is done right when either of ldev-\u003epf[i].netdev is cleared.\n\nConsider the following scenario:\n1. PF0 loads and sets ldev-\u003epf[MLX5_LAG_P0].dev to a valid pointer\n2. PF1 loads and sets both ldev-\u003epf[MLX5_LAG_P1].dev and\n ldev-\u003epf[MLX5_LAG_P1].netdev with valid pointers. This results in\n MLX5_LAG_FLAG_NDEVS_READY is set.\n3. PF0 is unloaded before setting dev-\u003epf[MLX5_LAG_P0].netdev.\n MLX5_LAG_FLAG_NDEVS_READY remains set.\n\nFurther execution of mlx5_do_bond() will result in null pointer\ndereference when calling mlx5_lag_is_multipath()\n\nThis patch fixes the following call trace actually encountered:\n\n[ 1293.475195] BUG: kernel NULL pointer dereference, address: 00000000000009a8\n[ 1293.478756] #PF: supervisor read access in kernel mode\n[ 1293.481320] #PF: error_code(0x0000) - not-present page\n[ 1293.483686] PGD 0 P4D 0\n[ 1293.484434] Oops: 0000 [#1] SMP PTI\n[ 1293.485377] CPU: 1 PID: 23690 Comm: kworker/u16:2 Not tainted 5.18.0-rc5_for_upstream_min_debug_2022_05_05_10_13 #1\n[ 1293.488039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[ 1293.490836] Workqueue: mlx5_lag mlx5_do_bond_work [mlx5_core]\n[ 1293.492448] RIP: 0010:mlx5_lag_is_multipath+0x5/0x50 [mlx5_core]\n[ 1293.494044] Code: e8 70 40 ff e0 48 8b 14 24 48 83 05 5c 1a 1b 00 01 e9 19 ff ff ff 48 83 05 47 1a 1b 00 01 eb d7 0f 1f 44 00 00 0f 1f 44 00 00 \u003c48\u003e 8b 87 a8 09 00 00 48 85 c0 74 26 48 83 05 a7 1b 1b 00 01 41 b8\n[ 1293.498673] RSP: 0018:ffff88811b2fbe40 EFLAGS: 00010202\n[ 1293.500152] RAX: ffff88818a94e1c0 RBX: ffff888165eca6c0 RCX: 0000000000000000\n[ 1293.501841] RDX: 0000000000000001 RSI: ffff88818a94e1c0 RDI: 0000000000000000\n[ 1293.503585] RBP: 0000000000000000 R08: ffff888119886740 R09: ffff888165eca73c\n[ 1293.505286] R10: 0000000000000018 R11: 0000000000000018 R12: ffff88818a94e1c0\n[ 1293.506979] R13: ffff888112729800 R14: 0000000000000000 R15: ffff888112729858\n[ 1293.508753] FS: 0000000000000000(0000) GS:ffff88852cc40000(0000) knlGS:0000000000000000\n[ 1293.510782] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1293.512265] CR2: 00000000000009a8 CR3: 00000001032d4002 CR4: 0000000000370ea0\n[ 1293.514001] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 1293.515806] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50002",
"url": "https://www.suse.com/security/cve/CVE-2022-50002"
},
{
"category": "external",
"summary": "SUSE Bug 1245023 for CVE-2022-50002",
"url": "https://bugzilla.suse.com/1245023"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50002"
},
{
"cve": "CVE-2022-50003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50003"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: xsk: prohibit usage of non-balanced queue id\n\nFix the following scenario:\n1. ethtool -L $IFACE rx 8 tx 96\n2. xdpsock -q 10 -t -z\n\nAbove refers to a case where user would like to attach XSK socket in\ntxonly mode at a queue id that does not have a corresponding Rx queue.\nAt this moment ice\u0027s XSK logic is tightly bound to act on a \"queue pair\",\ne.g. both Tx and Rx queues at a given queue id are disabled/enabled and\nboth of them will get XSK pool assigned, which is broken for the presented\nqueue configuration. This results in the splat included at the bottom,\nwhich is basically an OOB access to Rx ring array.\n\nTo fix this, allow using the ids only in scope of \"combined\" queues\nreported by ethtool. However, logic should be rewritten to allow such\nconfigurations later on, which would end up as a complete rewrite of the\ncontrol path, so let us go with this temporary fix.\n\n[420160.558008] BUG: kernel NULL pointer dereference, address: 0000000000000082\n[420160.566359] #PF: supervisor read access in kernel mode\n[420160.572657] #PF: error_code(0x0000) - not-present page\n[420160.579002] PGD 0 P4D 0\n[420160.582756] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[420160.588396] CPU: 10 PID: 21232 Comm: xdpsock Tainted: G OE 5.19.0-rc7+ #10\n[420160.597893] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0008.031920191559 03/19/2019\n[420160.609894] RIP: 0010:ice_xsk_pool_setup+0x44/0x7d0 [ice]\n[420160.616968] Code: f3 48 83 ec 40 48 8b 4f 20 48 8b 3f 65 48 8b 04 25 28 00 00 00 48 89 44 24 38 31 c0 48 8d 04 ed 00 00 00 00 48 01 c1 48 8b 11 \u003c0f\u003e b7 92 82 00 00 00 48 85 d2 0f 84 2d 75 00 00 48 8d 72 ff 48 85\n[420160.639421] RSP: 0018:ffffc9002d2afd48 EFLAGS: 00010282\n[420160.646650] RAX: 0000000000000050 RBX: ffff88811d8bdd00 RCX: ffff888112c14ff8\n[420160.655893] RDX: 0000000000000000 RSI: ffff88811d8bdd00 RDI: ffff888109861000\n[420160.665166] RBP: 000000000000000a R08: 000000000000000a R09: 0000000000000000\n[420160.674493] R10: 000000000000889f R11: 0000000000000000 R12: 000000000000000a\n[420160.683833] R13: 000000000000000a R14: 0000000000000000 R15: ffff888117611828\n[420160.693211] FS: 00007fa869fc1f80(0000) GS:ffff8897e0880000(0000) knlGS:0000000000000000\n[420160.703645] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[420160.711783] CR2: 0000000000000082 CR3: 00000001d076c001 CR4: 00000000007706e0\n[420160.721399] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[420160.731045] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[420160.740707] PKRU: 55555554\n[420160.745960] Call Trace:\n[420160.750962] \u003cTASK\u003e\n[420160.755597] ? kmalloc_large_node+0x79/0x90\n[420160.762703] ? __kmalloc_node+0x3f5/0x4b0\n[420160.769341] xp_assign_dev+0xfd/0x210\n[420160.775661] ? shmem_file_read_iter+0x29a/0x420\n[420160.782896] xsk_bind+0x152/0x490\n[420160.788943] __sys_bind+0xd0/0x100\n[420160.795097] ? exit_to_user_mode_prepare+0x20/0x120\n[420160.802801] __x64_sys_bind+0x16/0x20\n[420160.809298] do_syscall_64+0x38/0x90\n[420160.815741] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[420160.823731] RIP: 0033:0x7fa86a0dd2fb\n[420160.830264] Code: c3 66 0f 1f 44 00 00 48 8b 15 69 8b 0c 00 f7 d8 64 89 02 b8 ff ff ff ff eb bc 0f 1f 44 00 00 f3 0f 1e fa b8 31 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 3d 8b 0c 00 f7 d8 64 89 01 48\n[420160.855410] RSP: 002b:00007ffc1146f618 EFLAGS: 00000246 ORIG_RAX: 0000000000000031\n[420160.866366] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa86a0dd2fb\n[420160.876957] RDX: 0000000000000010 RSI: 00007ffc1146f680 RDI: 0000000000000003\n[420160.887604] RBP: 000055d7113a0520 R08: 00007fa868fb8000 R09: 0000000080000000\n[420160.898293] R10: 0000000000008001 R11: 0000000000000246 R12: 000055d7113a04e0\n[420160.909038] R13: 000055d7113a0320 R14: 000000000000000a R15: 0000000000000000\n[420160.919817] \u003c/TASK\u003e\n[420160.925659] Modules linked in: ice(OE) af_packet binfmt_misc\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50003",
"url": "https://www.suse.com/security/cve/CVE-2022-50003"
},
{
"category": "external",
"summary": "SUSE Bug 1245015 for CVE-2022-50003",
"url": "https://bugzilla.suse.com/1245015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50003"
},
{
"cve": "CVE-2022-50005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout\n\nWhen the pn532 uart device is detaching, the pn532_uart_remove()\nis called. But there are no functions in pn532_uart_remove() that\ncould delete the cmd_timeout timer, which will cause use-after-free\nbugs. The process is shown below:\n\n (thread 1) | (thread 2)\n | pn532_uart_send_frame\npn532_uart_remove | mod_timer(\u0026pn532-\u003ecmd_timeout,...)\n ... | (wait a time)\n kfree(pn532) //FREE | pn532_cmd_timeout\n | pn532_uart_send_frame\n | pn532-\u003e... //USE\n\nThis patch adds del_timer_sync() in pn532_uart_remove() in order to\nprevent the use-after-free bugs. What\u0027s more, the pn53x_unregister_nfc()\nis well synchronized, it sets nfc_dev-\u003eshutting_down to true and there\nare no syscalls could restart the cmd_timeout timer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50005",
"url": "https://www.suse.com/security/cve/CVE-2022-50005"
},
{
"category": "external",
"summary": "SUSE Bug 1245011 for CVE-2022-50005",
"url": "https://bugzilla.suse.com/1245011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50005"
},
{
"cve": "CVE-2022-50006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4.2 fix problems with __nfs42_ssc_open\n\nA destination server while doing a COPY shouldn\u0027t accept using the\npassed in filehandle if its not a regular filehandle.\n\nIf alloc_file_pseudo() has failed, we need to decrement a reference\non the newly created inode, otherwise it leaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50006",
"url": "https://www.suse.com/security/cve/CVE-2022-50006"
},
{
"category": "external",
"summary": "SUSE Bug 1245018 for CVE-2022-50006",
"url": "https://bugzilla.suse.com/1245018"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50006"
},
{
"cve": "CVE-2022-50008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50008"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkprobes: don\u0027t call disarm_kprobe() for disabled kprobes\n\nThe assumption in __disable_kprobe() is wrong, and it could try to disarm\nan already disarmed kprobe and fire the WARN_ONCE() below. [0] We can\neasily reproduce this issue.\n\n1. Write 0 to /sys/kernel/debug/kprobes/enabled.\n\n # echo 0 \u003e /sys/kernel/debug/kprobes/enabled\n\n2. Run execsnoop. At this time, one kprobe is disabled.\n\n # /usr/share/bcc/tools/execsnoop \u0026\n [1] 2460\n PCOMM PID PPID RET ARGS\n\n # cat /sys/kernel/debug/kprobes/list\n ffffffff91345650 r __x64_sys_execve+0x0 [FTRACE]\n ffffffff91345650 k __x64_sys_execve+0x0 [DISABLED][FTRACE]\n\n3. Write 1 to /sys/kernel/debug/kprobes/enabled, which changes\n kprobes_all_disarmed to false but does not arm the disabled kprobe.\n\n # echo 1 \u003e /sys/kernel/debug/kprobes/enabled\n\n # cat /sys/kernel/debug/kprobes/list\n ffffffff91345650 r __x64_sys_execve+0x0 [FTRACE]\n ffffffff91345650 k __x64_sys_execve+0x0 [DISABLED][FTRACE]\n\n4. Kill execsnoop, when __disable_kprobe() calls disarm_kprobe() for the\n disabled kprobe and hits the WARN_ONCE() in __disarm_kprobe_ftrace().\n\n # fg\n /usr/share/bcc/tools/execsnoop\n ^C\n\nActually, WARN_ONCE() is fired twice, and __unregister_kprobe_top() misses\nsome cleanups and leaves the aggregated kprobe in the hash table. Then,\n__unregister_trace_kprobe() initialises tk-\u003erp.kp.list and creates an\ninfinite loop like this.\n\n aggregated kprobe.list -\u003e kprobe.list -.\n ^ |\n \u0027.__.\u0027\n\nIn this situation, these commands fall into the infinite loop and result\nin RCU stall or soft lockup.\n\n cat /sys/kernel/debug/kprobes/list : show_kprobe_addr() enters into the\n infinite loop with RCU.\n\n /usr/share/bcc/tools/execsnoop : warn_kprobe_rereg() holds kprobe_mutex,\n and __get_valid_kprobe() is stuck in\n\t\t\t\t the loop.\n\nTo avoid the issue, make sure we don\u0027t call disarm_kprobe() for disabled\nkprobes.\n\n[0]\nFailed to disarm kprobe-ftrace at __x64_sys_execve+0x0/0x40 (error -2)\nWARNING: CPU: 6 PID: 2460 at kernel/kprobes.c:1130 __disarm_kprobe_ftrace.isra.19 (kernel/kprobes.c:1129)\nModules linked in: ena\nCPU: 6 PID: 2460 Comm: execsnoop Not tainted 5.19.0+ #28\nHardware name: Amazon EC2 c5.2xlarge/, BIOS 1.0 10/16/2017\nRIP: 0010:__disarm_kprobe_ftrace.isra.19 (kernel/kprobes.c:1129)\nCode: 24 8b 02 eb c1 80 3d c4 83 f2 01 00 75 d4 48 8b 75 00 89 c2 48 c7 c7 90 fa 0f 92 89 04 24 c6 05 ab 83 01 e8 e4 94 f0 ff \u003c0f\u003e 0b 8b 04 24 eb b1 89 c6 48 c7 c7 60 fa 0f 92 89 04 24 e8 cc 94\nRSP: 0018:ffff9e6ec154bd98 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffffffff930f7b00 RCX: 0000000000000001\nRDX: 0000000080000001 RSI: ffffffff921461c5 RDI: 00000000ffffffff\nRBP: ffff89c504286da8 R08: 0000000000000000 R09: c0000000fffeffff\nR10: 0000000000000000 R11: ffff9e6ec154bc28 R12: ffff89c502394e40\nR13: ffff89c502394c00 R14: ffff9e6ec154bc00 R15: 0000000000000000\nFS: 00007fe800398740(0000) GS:ffff89c812d80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000c00057f010 CR3: 0000000103b54006 CR4: 00000000007706e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n\u003cTASK\u003e\n __disable_kprobe (kernel/kprobes.c:1716)\n disable_kprobe (kernel/kprobes.c:2392)\n __disable_trace_kprobe (kernel/trace/trace_kprobe.c:340)\n disable_trace_kprobe (kernel/trace/trace_kprobe.c:429)\n perf_trace_event_unreg.isra.2 (./include/linux/tracepoint.h:93 kernel/trace/trace_event_perf.c:168)\n perf_kprobe_destroy (kernel/trace/trace_event_perf.c:295)\n _free_event (kernel/events/core.c:4971)\n perf_event_release_kernel (kernel/events/core.c:5176)\n perf_release (kernel/events/core.c:5186)\n __fput (fs/file_table.c:321)\n task_work_run (./include/linux/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50008",
"url": "https://www.suse.com/security/cve/CVE-2022-50008"
},
{
"category": "external",
"summary": "SUSE Bug 1245009 for CVE-2022-50008",
"url": "https://bugzilla.suse.com/1245009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50008"
},
{
"cve": "CVE-2022-50010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: i740fb: Check the argument of i740_calc_vclk()\n\nSince the user can control the arguments of the ioctl() from the user\nspace, under special arguments that may result in a divide-by-zero bug.\n\nIf the user provides an improper \u0027pixclock\u0027 value that makes the argumet\nof i740_calc_vclk() less than \u0027I740_RFREQ_FIX\u0027, it will cause a\ndivide-by-zero bug in:\n drivers/video/fbdev/i740fb.c:353 p_best = min(15, ilog2(I740_MAX_VCO_FREQ / (freq / I740_RFREQ_FIX)));\n\nThe following log can reveal it:\n\ndivide error: 0000 [#1] PREEMPT SMP KASAN PTI\nRIP: 0010:i740_calc_vclk drivers/video/fbdev/i740fb.c:353 [inline]\nRIP: 0010:i740fb_decode_var drivers/video/fbdev/i740fb.c:646 [inline]\nRIP: 0010:i740fb_set_par+0x163f/0x3b70 drivers/video/fbdev/i740fb.c:742\nCall Trace:\n fb_set_var+0x604/0xeb0 drivers/video/fbdev/core/fbmem.c:1034\n do_fb_ioctl+0x234/0x670 drivers/video/fbdev/core/fbmem.c:1110\n fb_ioctl+0xdd/0x130 drivers/video/fbdev/core/fbmem.c:1189\n\nFix this by checking the argument of i740_calc_vclk() first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50010",
"url": "https://www.suse.com/security/cve/CVE-2022-50010"
},
{
"category": "external",
"summary": "SUSE Bug 1245122 for CVE-2022-50010",
"url": "https://bugzilla.suse.com/1245122"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50010"
},
{
"cve": "CVE-2022-50011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvenus: pm_helpers: Fix warning in OPP during probe\n\nFix the following WARN triggered during Venus driver probe on\n5.19.0-rc8-next-20220728:\n\n WARNING: CPU: 7 PID: 339 at drivers/opp/core.c:2471 dev_pm_opp_set_config+0x49c/0x610\n Modules linked in: qcom_spmi_adc5 rtc_pm8xxx qcom_spmi_adc_tm5 leds_qcom_lpg led_class_multicolor\n qcom_pon qcom_vadc_common venus_core(+) qcom_spmi_temp_alarm v4l2_mem2mem videobuf2_v4l2 msm(+)\n videobuf2_common crct10dif_ce spi_geni_qcom snd_soc_sm8250 i2c_qcom_geni gpu_sched\n snd_soc_qcom_common videodev qcom_q6v5_pas soundwire_qcom drm_dp_aux_bus qcom_stats\n drm_display_helper qcom_pil_info soundwire_bus snd_soc_lpass_va_macro mc qcom_q6v5\n phy_qcom_snps_femto_v2 qcom_rng snd_soc_lpass_macro_common snd_soc_lpass_wsa_macro\n lpass_gfm_sm8250 slimbus qcom_sysmon qcom_common qcom_glink_smem qmi_helpers\n qcom_wdt mdt_loader socinfo icc_osm_l3 display_connector\n drm_kms_helper qnoc_sm8250 drm fuse ip_tables x_tables ipv6\n CPU: 7 PID: 339 Comm: systemd-udevd Not tainted 5.19.0-rc8-next-20220728 #4\n Hardware name: Qualcomm Technologies, Inc. Robotics RB5 (DT)\n pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : dev_pm_opp_set_config+0x49c/0x610\n lr : dev_pm_opp_set_config+0x58/0x610\n sp : ffff8000093c3710\n x29: ffff8000093c3710 x28: ffffbca3959d82b8 x27: ffff8000093c3d00\n x26: ffffbca3959d8e08 x25: ffff4396cac98118 x24: ffff4396c0e24810\n x23: ffff4396c4272c40 x22: ffff4396c0e24810 x21: ffff8000093c3810\n x20: ffff4396cac36800 x19: ffff4396cac96800 x18: 0000000000000000\n x17: 0000000000000003 x16: ffffbca3f4edf198 x15: 0000001cba64a858\n x14: 0000000000000180 x13: 000000000000017e x12: 0000000000000000\n x11: 0000000000000002 x10: 0000000000000a60 x9 : ffff8000093c35c0\n x8 : ffff4396c4273700 x7 : ffff43983efca6c0 x6 : ffff43983efca640\n x5 : 00000000410fd0d0 x4 : ffff4396c4272c40 x3 : ffffbca3f5d1e008\n x2 : 0000000000000000 x1 : ffff4396c2421600 x0 : ffff4396cac96860\n Call trace:\n dev_pm_opp_set_config+0x49c/0x610\n devm_pm_opp_set_config+0x18/0x70\n vcodec_domains_get+0xb8/0x1638 [venus_core]\n core_get_v4+0x1d8/0x218 [venus_core]\n venus_probe+0xf4/0x468 [venus_core]\n platform_probe+0x68/0xd8\n really_probe+0xbc/0x2a8\n __driver_probe_device+0x78/0xe0\n driver_probe_device+0x3c/0xf0\n __driver_attach+0x70/0x120\n bus_for_each_dev+0x70/0xc0\n driver_attach+0x24/0x30\n bus_add_driver+0x150/0x200\n driver_register+0x64/0x120\n __platform_driver_register+0x28/0x38\n qcom_venus_driver_init+0x24/0x1000 [venus_core]\n do_one_initcall+0x54/0x1c8\n do_init_module+0x44/0x1d0\n load_module+0x16c8/0x1aa0\n __do_sys_finit_module+0xbc/0x110\n __arm64_sys_finit_module+0x20/0x30\n invoke_syscall+0x44/0x108\n el0_svc_common.constprop.0+0xcc/0xf0\n do_el0_svc+0x2c/0xb8\n el0_svc+0x2c/0x88\n el0t_64_sync_handler+0xb8/0xc0\n el0t_64_sync+0x18c/0x190\n qcom-venus: probe of aa00000.video-codec failed with error -16\n\nThe fix is re-ordering the code related to OPP core. The OPP core\nexpects all configuration options to be provided before the OPP\ntable is added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50011",
"url": "https://www.suse.com/security/cve/CVE-2022-50011"
},
{
"category": "external",
"summary": "SUSE Bug 1244915 for CVE-2022-50011",
"url": "https://bugzilla.suse.com/1244915"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50011"
},
{
"cve": "CVE-2022-50012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50012"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64: Init jump labels before parse_early_param()\n\nOn 64-bit, calling jump_label_init() in setup_feature_keys() is too\nlate because static keys may be used in subroutines of\nparse_early_param() which is again subroutine of early_init_devtree().\n\nFor example booting with \"threadirqs\":\n\n static_key_enable_cpuslocked(): static key \u00270xc000000002953260\u0027 used before call to jump_label_init()\n WARNING: CPU: 0 PID: 0 at kernel/jump_label.c:166 static_key_enable_cpuslocked+0xfc/0x120\n ...\n NIP static_key_enable_cpuslocked+0xfc/0x120\n LR static_key_enable_cpuslocked+0xf8/0x120\n Call Trace:\n static_key_enable_cpuslocked+0xf8/0x120 (unreliable)\n static_key_enable+0x30/0x50\n setup_forced_irqthreads+0x28/0x40\n do_early_param+0xa0/0x108\n parse_args+0x290/0x4e0\n parse_early_options+0x48/0x5c\n parse_early_param+0x58/0x84\n early_init_devtree+0xd4/0x518\n early_setup+0xb4/0x214\n\nSo call jump_label_init() just before parse_early_param() in\nearly_init_devtree().\n\n[mpe: Add call trace to change log and minor wording edits.]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50012",
"url": "https://www.suse.com/security/cve/CVE-2022-50012"
},
{
"category": "external",
"summary": "SUSE Bug 1245125 for CVE-2022-50012",
"url": "https://bugzilla.suse.com/1245125"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50012"
},
{
"cve": "CVE-2022-50015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot\n\nIt is not yet clear, but it is possible to create a firmware so broken\nthat it will send a reply message before a FW_READY message (it is not\nyet clear if FW_READY will arrive later).\nSince the reply_data is allocated only after the FW_READY message, this\nwill lead to a NULL pointer dereference if not filtered out.\n\nThe issue was reported with IPC4 firmware but the same condition is present\nfor IPC3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50015",
"url": "https://www.suse.com/security/cve/CVE-2022-50015"
},
{
"category": "external",
"summary": "SUSE Bug 1245094 for CVE-2022-50015",
"url": "https://bugzilla.suse.com/1245094"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50015"
},
{
"cve": "CVE-2022-50016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot\n\nIt is not yet clear, but it is possible to create a firmware so broken\nthat it will send a reply message before a FW_READY message (it is not\nyet clear if FW_READY will arrive later).\nSince the reply_data is allocated only after the FW_READY message, this\nwill lead to a NULL pointer dereference if not filtered out.\n\nThe issue was reported with IPC4 firmware but the same condition is present\nfor IPC3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50016",
"url": "https://www.suse.com/security/cve/CVE-2022-50016"
},
{
"category": "external",
"summary": "SUSE Bug 1245340 for CVE-2022-50016",
"url": "https://bugzilla.suse.com/1245340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50016"
},
{
"cve": "CVE-2022-50019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50019"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: serial: Fix refcount leak bug in ucc_uart.c\n\nIn soc_info(), of_find_node_by_type() will return a node pointer\nwith refcount incremented. We should use of_node_put() when it is\nnot used anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50019",
"url": "https://www.suse.com/security/cve/CVE-2022-50019"
},
{
"category": "external",
"summary": "SUSE Bug 1245098 for CVE-2022-50019",
"url": "https://bugzilla.suse.com/1245098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50019"
},
{
"cve": "CVE-2022-50020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid resizing to a partial cluster size\n\nThis patch avoids an attempt to resize the filesystem to an\nunaligned cluster boundary. An online resize to a size that is not\nintegral to cluster size results in the last iteration attempting to\ngrow the fs by a negative amount, which trips a BUG_ON and leaves the fs\nwith a corrupted in-memory superblock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50020",
"url": "https://www.suse.com/security/cve/CVE-2022-50020"
},
{
"category": "external",
"summary": "SUSE Bug 1245129 for CVE-2022-50020",
"url": "https://bugzilla.suse.com/1245129"
},
{
"category": "external",
"summary": "SUSE Bug 1245130 for CVE-2022-50020",
"url": "https://bugzilla.suse.com/1245130"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50020"
},
{
"cve": "CVE-2022-50021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: block range must be validated before use in ext4_mb_clear_bb()\n\nBlock range to free is validated in ext4_free_blocks() using\next4_inode_block_valid() and then it\u0027s passed to ext4_mb_clear_bb().\nHowever in some situations on bigalloc file system the range might be\nadjusted after the validation in ext4_free_blocks() which can lead to\ntroubles on corrupted file systems such as one found by syzkaller that\nresulted in the following BUG\n\nkernel BUG at fs/ext4/ext4.h:3319!\nPREEMPT SMP NOPTI\nCPU: 28 PID: 4243 Comm: repro Kdump: loaded Not tainted 5.19.0-rc6+ #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014\nRIP: 0010:ext4_free_blocks+0x95e/0xa90\nCall Trace:\n \u003cTASK\u003e\n ? lock_timer_base+0x61/0x80\n ? __es_remove_extent+0x5a/0x760\n ? __mod_timer+0x256/0x380\n ? ext4_ind_truncate_ensure_credits+0x90/0x220\n ext4_clear_blocks+0x107/0x1b0\n ext4_free_data+0x15b/0x170\n ext4_ind_truncate+0x214/0x2c0\n ? _raw_spin_unlock+0x15/0x30\n ? ext4_discard_preallocations+0x15a/0x410\n ? ext4_journal_check_start+0xe/0x90\n ? __ext4_journal_start_sb+0x2f/0x110\n ext4_truncate+0x1b5/0x460\n ? __ext4_journal_start_sb+0x2f/0x110\n ext4_evict_inode+0x2b4/0x6f0\n evict+0xd0/0x1d0\n ext4_enable_quotas+0x11f/0x1f0\n ext4_orphan_cleanup+0x3de/0x430\n ? proc_create_seq_private+0x43/0x50\n ext4_fill_super+0x295f/0x3ae0\n ? snprintf+0x39/0x40\n ? sget_fc+0x19c/0x330\n ? ext4_reconfigure+0x850/0x850\n get_tree_bdev+0x16d/0x260\n vfs_get_tree+0x25/0xb0\n path_mount+0x431/0xa70\n __x64_sys_mount+0xe2/0x120\n do_syscall_64+0x5b/0x80\n ? do_user_addr_fault+0x1e2/0x670\n ? exc_page_fault+0x70/0x170\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\nRIP: 0033:0x7fdf4e512ace\n\nFix it by making sure that the block range is properly validated before\nused every time it changes in ext4_free_blocks() or ext4_mb_clear_bb().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50021",
"url": "https://www.suse.com/security/cve/CVE-2022-50021"
},
{
"category": "external",
"summary": "SUSE Bug 1245180 for CVE-2022-50021",
"url": "https://bugzilla.suse.com/1245180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50021"
},
{
"cve": "CVE-2022-50022",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50022"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers:md:fix a potential use-after-free bug\n\nIn line 2884, \"raid5_release_stripe(sh);\" drops the reference to sh and\nmay cause sh to be released. However, sh is subsequently used in lines\n2886 \"if (sh-\u003ebatch_head \u0026\u0026 sh != sh-\u003ebatch_head)\". This may result in an\nuse-after-free bug.\n\nIt can be fixed by moving \"raid5_release_stripe(sh);\" to the bottom of\nthe function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50022",
"url": "https://www.suse.com/security/cve/CVE-2022-50022"
},
{
"category": "external",
"summary": "SUSE Bug 1245131 for CVE-2022-50022",
"url": "https://bugzilla.suse.com/1245131"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50022"
},
{
"cve": "CVE-2022-50023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: dw-axi-dmac: ignore interrupt if no descriptor\n\nIf the channel has no descriptor and the interrupt is raised then the\nkernel will OOPS. Check the result of vchan_next_desc() in the handler\naxi_chan_block_xfer_complete() to avoid the error happening.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50023",
"url": "https://www.suse.com/security/cve/CVE-2022-50023"
},
{
"category": "external",
"summary": "SUSE Bug 1245134 for CVE-2022-50023",
"url": "https://bugzilla.suse.com/1245134"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50023"
},
{
"cve": "CVE-2022-50024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: dw-axi-dmac: do not print NULL LLI during error\n\nDuring debugging we have seen an issue where axi_chan_dump_lli()\nis passed a NULL LLI pointer which ends up causing an OOPS due\nto trying to get fields from it. Simply print NULL LLI and exit\nto avoid this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50024",
"url": "https://www.suse.com/security/cve/CVE-2022-50024"
},
{
"category": "external",
"summary": "SUSE Bug 1245133 for CVE-2022-50024",
"url": "https://bugzilla.suse.com/1245133"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50024"
},
{
"cve": "CVE-2022-50026",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50026"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhabanalabs/gaudi: fix shift out of bounds\n\nWhen validating NIC queues, queue offset calculation must be\nperformed only for NIC queues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50026",
"url": "https://www.suse.com/security/cve/CVE-2022-50026"
},
{
"category": "external",
"summary": "SUSE Bug 1245088 for CVE-2022-50026",
"url": "https://bugzilla.suse.com/1245088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50026"
},
{
"cve": "CVE-2022-50027",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50027"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix possible memory leak when failing to issue CMF WQE\n\nThere is no corresponding free routine if lpfc_sli4_issue_wqe fails to\nissue the CMF WQE in lpfc_issue_cmf_sync_wqe.\n\nIf ret_val is non-zero, then free the iocbq request structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50027",
"url": "https://www.suse.com/security/cve/CVE-2022-50027"
},
{
"category": "external",
"summary": "SUSE Bug 1245073 for CVE-2022-50027",
"url": "https://bugzilla.suse.com/1245073"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50027"
},
{
"cve": "CVE-2022-50028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50028"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngadgetfs: ep_io - wait until IRQ finishes\n\nafter usb_ep_queue() if wait_for_completion_interruptible() is\ninterrupted we need to wait until IRQ gets finished.\n\nOtherwise complete() from epio_complete() can corrupt stack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50028",
"url": "https://www.suse.com/security/cve/CVE-2022-50028"
},
{
"category": "external",
"summary": "SUSE Bug 1245135 for CVE-2022-50028",
"url": "https://bugzilla.suse.com/1245135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50028"
},
{
"cve": "CVE-2022-50029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50029"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: ipq8074: dont disable gcc_sleep_clk_src\n\nOnce the usb sleep clocks are disabled, clock framework is trying to\ndisable the sleep clock source also.\n\nHowever, it seems that it cannot be disabled and trying to do so produces:\n[ 245.436390] ------------[ cut here ]------------\n[ 245.441233] gcc_sleep_clk_src status stuck at \u0027on\u0027\n[ 245.441254] WARNING: CPU: 2 PID: 223 at clk_branch_wait+0x130/0x140\n[ 245.450435] Modules linked in: xhci_plat_hcd xhci_hcd dwc3 dwc3_qcom leds_gpio\n[ 245.456601] CPU: 2 PID: 223 Comm: sh Not tainted 5.18.0-rc4 #215\n[ 245.463889] Hardware name: Xiaomi AX9000 (DT)\n[ 245.470050] pstate: 204000c5 (nzCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 245.474307] pc : clk_branch_wait+0x130/0x140\n[ 245.481073] lr : clk_branch_wait+0x130/0x140\n[ 245.485588] sp : ffffffc009f2bad0\n[ 245.489838] x29: ffffffc009f2bad0 x28: ffffff8003e6c800 x27: 0000000000000000\n[ 245.493057] x26: 0000000000000000 x25: 0000000000000000 x24: ffffff800226ef20\n[ 245.500175] x23: ffffffc0089ff550 x22: 0000000000000000 x21: ffffffc008476ad0\n[ 245.507294] x20: 0000000000000000 x19: ffffffc00965ac70 x18: fffffffffffc51a7\n[ 245.514413] x17: 68702e3030303837 x16: 3a6d726f6674616c x15: ffffffc089f2b777\n[ 245.521531] x14: ffffffc0095c9d18 x13: 0000000000000129 x12: 0000000000000129\n[ 245.528649] x11: 00000000ffffffea x10: ffffffc009621d18 x9 : 0000000000000001\n[ 245.535767] x8 : 0000000000000001 x7 : 0000000000017fe8 x6 : 0000000000000001\n[ 245.542885] x5 : ffffff803fdca6d8 x4 : 0000000000000000 x3 : 0000000000000027\n[ 245.550002] x2 : 0000000000000027 x1 : 0000000000000023 x0 : 0000000000000026\n[ 245.557122] Call trace:\n[ 245.564229] clk_branch_wait+0x130/0x140\n[ 245.566490] clk_branch2_disable+0x2c/0x40\n[ 245.570656] clk_core_disable+0x60/0xb0\n[ 245.574561] clk_core_disable+0x68/0xb0\n[ 245.578293] clk_disable+0x30/0x50\n[ 245.582113] dwc3_qcom_remove+0x60/0xc0 [dwc3_qcom]\n[ 245.585588] platform_remove+0x28/0x60\n[ 245.590361] device_remove+0x4c/0x80\n[ 245.594179] device_release_driver_internal+0x1dc/0x230\n[ 245.597914] device_driver_detach+0x18/0x30\n[ 245.602861] unbind_store+0xec/0x110\n[ 245.607027] drv_attr_store+0x24/0x40\n[ 245.610847] sysfs_kf_write+0x44/0x60\n[ 245.614405] kernfs_fop_write_iter+0x128/0x1c0\n[ 245.618052] new_sync_write+0xc0/0x130\n[ 245.622391] vfs_write+0x1d4/0x2a0\n[ 245.626123] ksys_write+0x58/0xe0\n[ 245.629508] __arm64_sys_write+0x1c/0x30\n[ 245.632895] invoke_syscall.constprop.0+0x5c/0x110\n[ 245.636890] do_el0_svc+0xa0/0x150\n[ 245.641488] el0_svc+0x18/0x60\n[ 245.644872] el0t_64_sync_handler+0xa4/0x130\n[ 245.647914] el0t_64_sync+0x174/0x178\n[ 245.652340] ---[ end trace 0000000000000000 ]---\n\nSo, add CLK_IS_CRITICAL flag to the clock so that the kernel won\u0027t try\nto disable the sleep clock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50029",
"url": "https://www.suse.com/security/cve/CVE-2022-50029"
},
{
"category": "external",
"summary": "SUSE Bug 1245146 for CVE-2022-50029",
"url": "https://bugzilla.suse.com/1245146"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50029"
},
{
"cve": "CVE-2022-50030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input\n\nMalformed user input to debugfs results in buffer overflow crashes. Adapt\ninput string lengths to fit within internal buffers, leaving space for NULL\nterminators.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50030",
"url": "https://www.suse.com/security/cve/CVE-2022-50030"
},
{
"category": "external",
"summary": "SUSE Bug 1245265 for CVE-2022-50030",
"url": "https://bugzilla.suse.com/1245265"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50030"
},
{
"cve": "CVE-2022-50031",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50031"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50031",
"url": "https://www.suse.com/security/cve/CVE-2022-50031"
},
{
"category": "external",
"summary": "SUSE Bug 1245118 for CVE-2022-50031",
"url": "https://bugzilla.suse.com/1245118"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50031"
},
{
"cve": "CVE-2022-50032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50032"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: renesas: Fix refcount leak bug\n\nIn usbhs_rza1_hardware_init(), of_find_node_by_name() will return\na node pointer with refcount incremented. We should use of_node_put()\nwhen it is not used anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50032",
"url": "https://www.suse.com/security/cve/CVE-2022-50032"
},
{
"category": "external",
"summary": "SUSE Bug 1245103 for CVE-2022-50032",
"url": "https://bugzilla.suse.com/1245103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50032"
},
{
"cve": "CVE-2022-50033",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50033"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: host: ohci-ppc-of: Fix refcount leak bug\n\nIn ohci_hcd_ppc_of_probe(), of_find_compatible_node() will return\na node pointer with refcount incremented. We should use of_node_put()\nwhen it is not used anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50033",
"url": "https://www.suse.com/security/cve/CVE-2022-50033"
},
{
"category": "external",
"summary": "SUSE Bug 1245139 for CVE-2022-50033",
"url": "https://bugzilla.suse.com/1245139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50033"
},
{
"cve": "CVE-2022-50034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3 fix use-after-free at workaround 2\n\nBUG: KFENCE: use-after-free read in __list_del_entry_valid+0x10/0xac\n\ncdns3_wa2_remove_old_request()\n{\n\t...\n\tkfree(priv_req-\u003erequest.buf);\n\tcdns3_gadget_ep_free_request(\u0026priv_ep-\u003eendpoint, \u0026priv_req-\u003erequest);\n\tlist_del_init(\u0026priv_req-\u003elist);\n\t^^^ use after free\n\t...\n}\n\ncdns3_gadget_ep_free_request() free the space pointed by priv_req,\nbut priv_req is used in the following list_del_init().\n\nThis patch move list_del_init() before cdns3_gadget_ep_free_request().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50034",
"url": "https://www.suse.com/security/cve/CVE-2022-50034"
},
{
"category": "external",
"summary": "SUSE Bug 1245089 for CVE-2022-50034",
"url": "https://bugzilla.suse.com/1245089"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50034"
},
{
"cve": "CVE-2022-50035",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50035"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix use-after-free on amdgpu_bo_list mutex\n\nIf amdgpu_cs_vm_handling returns r != 0, then it will unlock the\nbo_list_mutex inside the function amdgpu_cs_vm_handling and again on\namdgpu_cs_parser_fini. This problem results in the following\nuse-after-free problem:\n\n[ 220.280990] ------------[ cut here ]------------\n[ 220.281000] refcount_t: underflow; use-after-free.\n[ 220.281019] WARNING: CPU: 1 PID: 3746 at lib/refcount.c:28 refcount_warn_saturate+0xba/0x110\n[ 220.281029] ------------[ cut here ]------------\n[ 220.281415] CPU: 1 PID: 3746 Comm: chrome:cs0 Tainted: G W L ------- --- 5.20.0-0.rc0.20220812git7ebfc85e2cd7.10.fc38.x86_64 #1\n[ 220.281421] Hardware name: System manufacturer System Product Name/ROG STRIX X570-I GAMING, BIOS 4403 04/27/2022\n[ 220.281426] RIP: 0010:refcount_warn_saturate+0xba/0x110\n[ 220.281431] Code: 01 01 e8 79 4a 6f 00 0f 0b e9 42 47 a5 00 80 3d de\n7e be 01 00 75 85 48 c7 c7 f8 98 8e 98 c6 05 ce 7e be 01 01 e8 56 4a\n6f 00 \u003c0f\u003e 0b e9 1f 47 a5 00 80 3d b9 7e be 01 00 0f 85 5e ff ff ff 48\nc7\n[ 220.281437] RSP: 0018:ffffb4b0d18d7a80 EFLAGS: 00010282\n[ 220.281443] RAX: 0000000000000026 RBX: 0000000000000003 RCX: 0000000000000000\n[ 220.281448] RDX: 0000000000000001 RSI: ffffffff988d06dc RDI: 00000000ffffffff\n[ 220.281452] RBP: 00000000ffffffff R08: 0000000000000000 R09: ffffb4b0d18d7930\n[ 220.281457] R10: 0000000000000003 R11: ffffa0672e2fffe8 R12: ffffa058ca360400\n[ 220.281461] R13: ffffa05846c50a18 R14: 00000000fffffe00 R15: 0000000000000003\n[ 220.281465] FS: 00007f82683e06c0(0000) GS:ffffa066e2e00000(0000) knlGS:0000000000000000\n[ 220.281470] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 220.281475] CR2: 00003590005cc000 CR3: 00000001fca46000 CR4: 0000000000350ee0\n[ 220.281480] Call Trace:\n[ 220.281485] \u003cTASK\u003e\n[ 220.281490] amdgpu_cs_ioctl+0x4e2/0x2070 [amdgpu]\n[ 220.281806] ? amdgpu_cs_find_mapping+0xe0/0xe0 [amdgpu]\n[ 220.282028] drm_ioctl_kernel+0xa4/0x150\n[ 220.282043] drm_ioctl+0x21f/0x420\n[ 220.282053] ? amdgpu_cs_find_mapping+0xe0/0xe0 [amdgpu]\n[ 220.282275] ? lock_release+0x14f/0x460\n[ 220.282282] ? _raw_spin_unlock_irqrestore+0x30/0x60\n[ 220.282290] ? _raw_spin_unlock_irqrestore+0x30/0x60\n[ 220.282297] ? lockdep_hardirqs_on+0x7d/0x100\n[ 220.282305] ? _raw_spin_unlock_irqrestore+0x40/0x60\n[ 220.282317] amdgpu_drm_ioctl+0x4a/0x80 [amdgpu]\n[ 220.282534] __x64_sys_ioctl+0x90/0xd0\n[ 220.282545] do_syscall_64+0x5b/0x80\n[ 220.282551] ? futex_wake+0x6c/0x150\n[ 220.282568] ? lock_is_held_type+0xe8/0x140\n[ 220.282580] ? do_syscall_64+0x67/0x80\n[ 220.282585] ? lockdep_hardirqs_on+0x7d/0x100\n[ 220.282592] ? do_syscall_64+0x67/0x80\n[ 220.282597] ? do_syscall_64+0x67/0x80\n[ 220.282602] ? lockdep_hardirqs_on+0x7d/0x100\n[ 220.282609] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[ 220.282616] RIP: 0033:0x7f8282a4f8bf\n[ 220.282639] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10\n00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00\n0f 05 \u003c89\u003e c2 3d 00 f0 ff ff 77 18 48 8b 44 24 18 64 48 2b 04 25 28 00\n00\n[ 220.282644] RSP: 002b:00007f82683df410 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n[ 220.282651] RAX: ffffffffffffffda RBX: 00007f82683df588 RCX: 00007f8282a4f8bf\n[ 220.282655] RDX: 00007f82683df4d0 RSI: 00000000c0186444 RDI: 0000000000000018\n[ 220.282659] RBP: 00007f82683df4d0 R08: 00007f82683df5e0 R09: 00007f82683df4b0\n[ 220.282663] R10: 00001d04000a0600 R11: 0000000000000246 R12: 00000000c0186444\n[ 220.282667] R13: 0000000000000018 R14: 00007f82683df588 R15: 0000000000000003\n[ 220.282689] \u003c/TASK\u003e\n[ 220.282693] irq event stamp: 6232311\n[ 220.282697] hardirqs last enabled at (6232319): [\u003cffffffff9718cd7e\u003e] __up_console_sem+0x5e/0x70\n[ 220.282704] hardirqs last disabled at (6232326): [\u003cffffffff9718cd63\u003e] __up_console_sem+0x43/0x70\n[ 220.282709] softirqs last enabled at (6232072): [\u003cffffffff970ff669\u003e] __irq_exit_rcu+0xf9/0x170\n[ 220.282716] softirqs last disabled at (6232061): [\u003cffffffff97\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50035",
"url": "https://www.suse.com/security/cve/CVE-2022-50035"
},
{
"category": "external",
"summary": "SUSE Bug 1244955 for CVE-2022-50035",
"url": "https://bugzilla.suse.com/1244955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50035"
},
{
"cve": "CVE-2022-50036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sun4i: dsi: Prevent underflow when computing packet sizes\n\nCurrently, the packet overhead is subtracted using unsigned arithmetic.\nWith a short sync pulse, this could underflow and wrap around to near\nthe maximal u16 value. Fix this by using signed subtraction. The call to\nmax() will correctly handle any negative numbers that are produced.\n\nApply the same fix to the other timings, even though those subtractions\nare less likely to underflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50036",
"url": "https://www.suse.com/security/cve/CVE-2022-50036"
},
{
"category": "external",
"summary": "SUSE Bug 1244941 for CVE-2022-50036",
"url": "https://bugzilla.suse.com/1244941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50036"
},
{
"cve": "CVE-2022-50037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50037"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/ttm: don\u0027t leak the ccs state\n\nThe kernel only manages the ccs state with lmem-only objects, however\nthe kernel should still take care not to leak the CCS state from the\nprevious user.\n\n(cherry picked from commit 353819d85f87be46aeb9c1dd929d445a006fc6ec)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50037",
"url": "https://www.suse.com/security/cve/CVE-2022-50037"
},
{
"category": "external",
"summary": "SUSE Bug 1244953 for CVE-2022-50037",
"url": "https://bugzilla.suse.com/1244953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50037"
},
{
"cve": "CVE-2022-50038",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50038"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()\n\nIn this function, there are two refcount leak bugs:\n(1) when breaking out of for_each_endpoint_of_node(), we need call\nthe of_node_put() for the \u0027ep\u0027;\n(2) we should call of_node_put() for the reference returned by\nof_graph_get_remote_port() when it is not used anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50038",
"url": "https://www.suse.com/security/cve/CVE-2022-50038"
},
{
"category": "external",
"summary": "SUSE Bug 1244943 for CVE-2022-50038",
"url": "https://bugzilla.suse.com/1244943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50038"
},
{
"cve": "CVE-2022-50039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50039"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstmmac: intel: Add a missing clk_disable_unprepare() call in intel_eth_pci_remove()\n\nCommit 09f012e64e4b (\"stmmac: intel: Fix clock handling on error and remove\npaths\") removed this clk_disable_unprepare()\n\nThis was partly revert by commit ac322f86b56c (\"net: stmmac: Fix clock\nhandling on remove path\") which removed this clk_disable_unprepare()\nbecause:\n\"\n While unloading the dwmac-intel driver, clk_disable_unprepare() is\n being called twice in stmmac_dvr_remove() and\n intel_eth_pci_remove(). This causes kernel panic on the second call.\n\"\n\nHowever later on, commit 5ec55823438e8 (\"net: stmmac: add clocks management\nfor gmac driver\") has updated stmmac_dvr_remove() which do not call\nclk_disable_unprepare() anymore.\n\nSo this call should now be called from intel_eth_pci_remove().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50039",
"url": "https://www.suse.com/security/cve/CVE-2022-50039"
},
{
"category": "external",
"summary": "SUSE Bug 1244942 for CVE-2022-50039",
"url": "https://bugzilla.suse.com/1244942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50039"
},
{
"cve": "CVE-2022-50040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50040"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: sja1105: fix buffer overflow in sja1105_setup_devlink_regions()\n\nIf an error occurs in dsa_devlink_region_create(), then \u0027priv-\u003eregions\u0027\narray will be accessed by negative index \u0027-1\u0027.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50040",
"url": "https://www.suse.com/security/cve/CVE-2022-50040"
},
{
"category": "external",
"summary": "SUSE Bug 1244949 for CVE-2022-50040",
"url": "https://bugzilla.suse.com/1244949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50040"
},
{
"cve": "CVE-2022-50041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50041"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix call trace with null VSI during VF reset\n\nDuring stress test with attaching and detaching VF from KVM and\nsimultaneously changing VFs spoofcheck and trust there was a\ncall trace in ice_reset_vf that VF\u0027s VSI is null.\n\n[145237.352797] WARNING: CPU: 46 PID: 840629 at drivers/net/ethernet/intel/ice/ice_vf_lib.c:508 ice_reset_vf+0x3d6/0x410 [ice]\n[145237.352851] Modules linked in: ice(E) vfio_pci vfio_pci_core vfio_virqfd vfio_iommu_type1 vfio iavf dm_mod xt_CHECKSUM xt_MASQUERADE\nxt_conntrack ipt_REJECT nf_reject_ipv4 nft_compat nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables nfnetlink tun\n bridge stp llc sunrpc intel_rapl_msr intel_rapl_common sb_edac x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm iTCO_wdt iTC\nO_vendor_support irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel rapl ipmi_si intel_cstate ipmi_devintf joydev intel_uncore m\nei_me ipmi_msghandler i2c_i801 pcspkr mei lpc_ich ioatdma i2c_smbus acpi_pad acpi_power_meter ip_tables xfs libcrc32c i2c_algo_bit drm_sh\nmem_helper drm_kms_helper sd_mod t10_pi crc64_rocksoft syscopyarea crc64 sysfillrect sg sysimgblt fb_sys_fops drm i40e ixgbe ahci libahci\n libata crc32c_intel mdio dca wmi fuse [last unloaded: ice]\n[145237.352917] CPU: 46 PID: 840629 Comm: kworker/46:2 Tainted: G S W I E 5.19.0-rc6+ #24\n[145237.352921] Hardware name: Intel Corporation S2600WTT/S2600WTT, BIOS SE5C610.86B.01.01.0008.021120151325 02/11/2015\n[145237.352923] Workqueue: ice ice_service_task [ice]\n[145237.352948] RIP: 0010:ice_reset_vf+0x3d6/0x410 [ice]\n[145237.352984] Code: 30 ec f3 cc e9 28 fd ff ff 0f b7 4b 50 48 c7 c2 48 19 9c c0 4c 89 ee 48 c7 c7 30 fe 9e c0 e8 d1 21 9d cc 31 c0 e9 a\n9 fe ff ff \u003c0f\u003e 0b b8 ea ff ff ff e9 c1 fc ff ff 0f 0b b8 fb ff ff ff e9 91 fe\n[145237.352987] RSP: 0018:ffffb453e257fdb8 EFLAGS: 00010246\n[145237.352990] RAX: ffff8bd0040181c0 RBX: ffff8be68db8f800 RCX: 0000000000000000\n[145237.352991] RDX: 000000000000ffff RSI: 0000000000000000 RDI: ffff8be68db8f800\n[145237.352993] RBP: ffff8bd0040181c0 R08: 0000000000001000 R09: ffff8bcfd520e000\n[145237.352995] R10: 0000000000000000 R11: 00008417b5ab0bc0 R12: 0000000000000005\n[145237.352996] R13: ffff8bcee061c0d0 R14: ffff8bd004019640 R15: 0000000000000000\n[145237.352998] FS: 0000000000000000(0000) GS:ffff8be5dfb00000(0000) knlGS:0000000000000000\n[145237.353000] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[145237.353002] CR2: 00007fd81f651d68 CR3: 0000001a0fe10001 CR4: 00000000001726e0\n[145237.353003] Call Trace:\n[145237.353008] \u003cTASK\u003e\n[145237.353011] ice_process_vflr_event+0x8d/0xb0 [ice]\n[145237.353049] ice_service_task+0x79f/0xef0 [ice]\n[145237.353074] process_one_work+0x1c8/0x390\n[145237.353081] ? process_one_work+0x390/0x390\n[145237.353084] worker_thread+0x30/0x360\n[145237.353087] ? process_one_work+0x390/0x390\n[145237.353090] kthread+0xe8/0x110\n[145237.353094] ? kthread_complete_and_exit+0x20/0x20\n[145237.353097] ret_from_fork+0x22/0x30\n[145237.353103] \u003c/TASK\u003e\n\nRemove WARN_ON() from check if VSI is null in ice_reset_vf.\nAdd \"VF is already removed\\n\" in dev_dbg().\n\nThis WARN_ON() is unnecessary and causes call trace, despite that\ncall trace, driver still works. There is no need for this warn\nbecause this piece of code is responsible for disabling VF\u0027s Tx/Rx\nqueues when VF is disabled, but when VF is already removed there\nis no need to do reset or disable queues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50041",
"url": "https://www.suse.com/security/cve/CVE-2022-50041"
},
{
"category": "external",
"summary": "SUSE Bug 1244957 for CVE-2022-50041",
"url": "https://bugzilla.suse.com/1244957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50041"
},
{
"cve": "CVE-2022-50044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qrtr: start MHI channel after endpoit creation\n\nMHI channel may generates event/interrupt right after enabling.\nIt may leads to 2 race conditions issues.\n\n1)\nSuch event may be dropped by qcom_mhi_qrtr_dl_callback() at check:\n\n\tif (!qdev || mhi_res-\u003etransaction_status)\n\t\treturn;\n\nBecause dev_set_drvdata(\u0026mhi_dev-\u003edev, qdev) may be not performed at\nthis moment. In this situation qrtr-ns will be unable to enumerate\nservices in device.\n---------------------------------------------------------------\n\n2)\nSuch event may come at the moment after dev_set_drvdata() and\nbefore qrtr_endpoint_register(). In this case kernel will panic with\naccessing wrong pointer at qcom_mhi_qrtr_dl_callback():\n\n\trc = qrtr_endpoint_post(\u0026qdev-\u003eep, mhi_res-\u003ebuf_addr,\n\t\t\t\tmhi_res-\u003ebytes_xferd);\n\nBecause endpoint is not created yet.\n--------------------------------------------------------------\nSo move mhi_prepare_for_transfer_autoqueue after endpoint creation\nto fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50044",
"url": "https://www.suse.com/security/cve/CVE-2022-50044"
},
{
"category": "external",
"summary": "SUSE Bug 1244961 for CVE-2022-50044",
"url": "https://bugzilla.suse.com/1244961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50044"
},
{
"cve": "CVE-2022-50045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50045"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pci: Fix get_phb_number() locking\n\nThe recent change to get_phb_number() causes a DEBUG_ATOMIC_SLEEP\nwarning on some systems:\n\n BUG: sleeping function called from invalid context at kernel/locking/mutex.c:580\n in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1, name: swapper\n preempt_count: 1, expected: 0\n RCU nest depth: 0, expected: 0\n 1 lock held by swapper/1:\n #0: c157efb0 (hose_spinlock){+.+.}-{2:2}, at: pcibios_alloc_controller+0x64/0x220\n Preemption disabled at:\n [\u003c00000000\u003e] 0x0\n CPU: 0 PID: 1 Comm: swapper Not tainted 5.19.0-yocto-standard+ #1\n Call Trace:\n [d101dc90] [c073b264] dump_stack_lvl+0x50/0x8c (unreliable)\n [d101dcb0] [c0093b70] __might_resched+0x258/0x2a8\n [d101dcd0] [c0d3e634] __mutex_lock+0x6c/0x6ec\n [d101dd50] [c0a84174] of_alias_get_id+0x50/0xf4\n [d101dd80] [c002ec78] pcibios_alloc_controller+0x1b8/0x220\n [d101ddd0] [c140c9dc] pmac_pci_init+0x198/0x784\n [d101de50] [c140852c] discover_phbs+0x30/0x4c\n [d101de60] [c0007fd4] do_one_initcall+0x94/0x344\n [d101ded0] [c1403b40] kernel_init_freeable+0x1a8/0x22c\n [d101df10] [c00086e0] kernel_init+0x34/0x160\n [d101df30] [c001b334] ret_from_kernel_thread+0x5c/0x64\n\nThis is because pcibios_alloc_controller() holds hose_spinlock but\nof_alias_get_id() takes of_mutex which can sleep.\n\nThe hose_spinlock protects the phb_bitmap, and also the hose_list, but\nit doesn\u0027t need to be held while get_phb_number() calls the OF routines,\nbecause those are only looking up information in the device tree.\n\nSo fix it by having get_phb_number() take the hose_spinlock itself, only\nwhere required, and then dropping the lock before returning.\npcibios_alloc_controller() then needs to take the lock again before the\nlist_add() but that\u0027s safe, the order of the list is not important.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50045",
"url": "https://www.suse.com/security/cve/CVE-2022-50045"
},
{
"category": "external",
"summary": "SUSE Bug 1244967 for CVE-2022-50045",
"url": "https://bugzilla.suse.com/1244967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50045"
},
{
"cve": "CVE-2022-50046",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50046"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sunrpc: fix potential memory leaks in rpc_sysfs_xprt_state_change()\n\nThe issue happens on some error handling paths. When the function\nfails to grab the object `xprt`, it simply returns 0, forgetting to\ndecrease the reference count of another object `xps`, which is\nincreased by rpc_sysfs_xprt_kobj_get_xprt_switch(), causing refcount\nleaks. Also, the function forgets to check whether `xps` is valid\nbefore using it, which may result in NULL-dereferencing issues.\n\nFix it by adding proper error handling code when either `xprt` or\n`xps` is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50046",
"url": "https://www.suse.com/security/cve/CVE-2022-50046"
},
{
"category": "external",
"summary": "SUSE Bug 1244991 for CVE-2022-50046",
"url": "https://bugzilla.suse.com/1244991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50046"
},
{
"cve": "CVE-2022-50047",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50047"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6060: prevent crash on an unused port\n\nIf the port isn\u0027t a CPU port nor a user port, \u0027cpu_dp\u0027\nis a null pointer and a crash happened on dereferencing\nit in mv88e6060_setup_port():\n\n[ 9.575872] Unable to handle kernel NULL pointer dereference at virtual address 00000014\n...\n[ 9.942216] mv88e6060_setup from dsa_register_switch+0x814/0xe84\n[ 9.948616] dsa_register_switch from mdio_probe+0x2c/0x54\n[ 9.954433] mdio_probe from really_probe.part.0+0x98/0x2a0\n[ 9.960375] really_probe.part.0 from driver_probe_device+0x30/0x10c\n[ 9.967029] driver_probe_device from __device_attach_driver+0xb8/0x13c\n[ 9.973946] __device_attach_driver from bus_for_each_drv+0x90/0xe0\n[ 9.980509] bus_for_each_drv from __device_attach+0x110/0x184\n[ 9.986632] __device_attach from bus_probe_device+0x8c/0x94\n[ 9.992577] bus_probe_device from deferred_probe_work_func+0x78/0xa8\n[ 9.999311] deferred_probe_work_func from process_one_work+0x290/0x73c\n[ 10.006292] process_one_work from worker_thread+0x30/0x4b8\n[ 10.012155] worker_thread from kthread+0xd4/0x10c\n[ 10.017238] kthread from ret_from_fork+0x14/0x3c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50047",
"url": "https://www.suse.com/security/cve/CVE-2022-50047"
},
{
"category": "external",
"summary": "SUSE Bug 1244993 for CVE-2022-50047",
"url": "https://bugzilla.suse.com/1244993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50047"
},
{
"cve": "CVE-2022-50049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50049"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: DPCM: Don\u0027t pick up BE without substream\n\nWhen DPCM tries to add valid BE connections at dpcm_add_paths(), it\ndoesn\u0027t check whether the picked BE actually supports for the given\nstream direction. Due to that, when an asymmetric BE stream is\npresent, it picks up wrongly and this may result in a NULL dereference\nat a later point where the code assumes the existence of a\ncorresponding BE substream.\n\nThis patch adds the check for the presence of the substream for the\ntarget BE for avoiding the problem above.\n\nNote that we have already some fix for non-existing BE substream at\ncommit 6246f283d5e0 (\"ASoC: dpcm: skip missing substream while\napplying symmetry\"). But the code path we\u0027ve hit recently is rather\nhappening before the previous fix. So this patch tries to fix at\npicking up a BE instead of parsing BE lists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50049",
"url": "https://www.suse.com/security/cve/CVE-2022-50049"
},
{
"category": "external",
"summary": "SUSE Bug 1244973 for CVE-2022-50049",
"url": "https://bugzilla.suse.com/1244973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50049"
},
{
"cve": "CVE-2022-50050",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50050"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Intel: hda: Fix potential buffer overflow by snprintf()\n\nsnprintf() returns the would-be-filled size when the string overflows\nthe given buffer size, hence using this value may result in the buffer\noverflow (although it\u0027s unrealistic).\n\nThis patch replaces with a safer version, scnprintf() for papering\nover such a potential issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50050",
"url": "https://www.suse.com/security/cve/CVE-2022-50050"
},
{
"category": "external",
"summary": "SUSE Bug 1244987 for CVE-2022-50050",
"url": "https://bugzilla.suse.com/1244987"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50050"
},
{
"cve": "CVE-2022-50051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: debug: Fix potential buffer overflow by snprintf()\n\nsnprintf() returns the would-be-filled size when the string overflows\nthe given buffer size, hence using this value may result in the buffer\noverflow (although it\u0027s unrealistic).\n\nThis patch replaces with a safer version, scnprintf() for papering\nover such a potential issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50051",
"url": "https://www.suse.com/security/cve/CVE-2022-50051"
},
{
"category": "external",
"summary": "SUSE Bug 1245041 for CVE-2022-50051",
"url": "https://bugzilla.suse.com/1245041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50051"
},
{
"cve": "CVE-2022-50052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50052"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: avs: Fix potential buffer overflow by snprintf()\n\nsnprintf() returns the would-be-filled size when the string overflows\nthe given buffer size, hence using this value may result in a buffer\noverflow (although it\u0027s unrealistic).\n\nThis patch replaces it with a safer version, scnprintf() for papering\nover such a potential issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50052",
"url": "https://www.suse.com/security/cve/CVE-2022-50052"
},
{
"category": "external",
"summary": "SUSE Bug 1245048 for CVE-2022-50052",
"url": "https://bugzilla.suse.com/1245048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50052"
},
{
"cve": "CVE-2022-50053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niavf: Fix reset error handling\n\nDo not call iavf_close in iavf_reset_task error handling. Doing so can\nlead to double call of napi_disable, which can lead to deadlock there.\nRemoving VF would lead to iavf_remove task being stuck, because it\nrequires crit_lock, which is held by iavf_close.\nCall iavf_disable_vf if reset fail, so that driver will clean up\nremaining invalid resources.\nDuring rapid VF resets, HW can fail to setup VF mailbox. Wrong\nerror handling can lead to iavf_remove being stuck with:\n[ 5218.999087] iavf 0000:82:01.0: Failed to init adminq: -53\n...\n[ 5267.189211] INFO: task repro.sh:11219 blocked for more than 30 seconds.\n[ 5267.189520] Tainted: G S E 5.18.0-04958-ga54ce3703613-dirty #1\n[ 5267.189764] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 5267.190062] task:repro.sh state:D stack: 0 pid:11219 ppid: 8162 flags:0x00000000\n[ 5267.190347] Call Trace:\n[ 5267.190647] \u003cTASK\u003e\n[ 5267.190927] __schedule+0x460/0x9f0\n[ 5267.191264] schedule+0x44/0xb0\n[ 5267.191563] schedule_preempt_disabled+0x14/0x20\n[ 5267.191890] __mutex_lock.isra.12+0x6e3/0xac0\n[ 5267.192237] ? iavf_remove+0xf9/0x6c0 [iavf]\n[ 5267.192565] iavf_remove+0x12a/0x6c0 [iavf]\n[ 5267.192911] ? _raw_spin_unlock_irqrestore+0x1e/0x40\n[ 5267.193285] pci_device_remove+0x36/0xb0\n[ 5267.193619] device_release_driver_internal+0xc1/0x150\n[ 5267.193974] pci_stop_bus_device+0x69/0x90\n[ 5267.194361] pci_stop_and_remove_bus_device+0xe/0x20\n[ 5267.194735] pci_iov_remove_virtfn+0xba/0x120\n[ 5267.195130] sriov_disable+0x2f/0xe0\n[ 5267.195506] ice_free_vfs+0x7d/0x2f0 [ice]\n[ 5267.196056] ? pci_get_device+0x4f/0x70\n[ 5267.196496] ice_sriov_configure+0x78/0x1a0 [ice]\n[ 5267.196995] sriov_numvfs_store+0xfe/0x140\n[ 5267.197466] kernfs_fop_write_iter+0x12e/0x1c0\n[ 5267.197918] new_sync_write+0x10c/0x190\n[ 5267.198404] vfs_write+0x24e/0x2d0\n[ 5267.198886] ksys_write+0x5c/0xd0\n[ 5267.199367] do_syscall_64+0x3a/0x80\n[ 5267.199827] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n[ 5267.200317] RIP: 0033:0x7f5b381205c8\n[ 5267.200814] RSP: 002b:00007fff8c7e8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 5267.201981] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f5b381205c8\n[ 5267.202620] RDX: 0000000000000002 RSI: 00005569420ee900 RDI: 0000000000000001\n[ 5267.203426] RBP: 00005569420ee900 R08: 000000000000000a R09: 00007f5b38180820\n[ 5267.204327] R10: 000000000000000a R11: 0000000000000246 R12: 00007f5b383c06e0\n[ 5267.205193] R13: 0000000000000002 R14: 00007f5b383bb880 R15: 0000000000000002\n[ 5267.206041] \u003c/TASK\u003e\n[ 5267.206970] Kernel panic - not syncing: hung_task: blocked tasks\n[ 5267.207809] CPU: 48 PID: 551 Comm: khungtaskd Kdump: loaded Tainted: G S E 5.18.0-04958-ga54ce3703613-dirty #1\n[ 5267.208726] Hardware name: Dell Inc. PowerEdge R730/0WCJNT, BIOS 2.11.0 11/02/2019\n[ 5267.209623] Call Trace:\n[ 5267.210569] \u003cTASK\u003e\n[ 5267.211480] dump_stack_lvl+0x33/0x42\n[ 5267.212472] panic+0x107/0x294\n[ 5267.213467] watchdog.cold.8+0xc/0xbb\n[ 5267.214413] ? proc_dohung_task_timeout_secs+0x30/0x30\n[ 5267.215511] kthread+0xf4/0x120\n[ 5267.216459] ? kthread_complete_and_exit+0x20/0x20\n[ 5267.217505] ret_from_fork+0x22/0x30\n[ 5267.218459] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50053",
"url": "https://www.suse.com/security/cve/CVE-2022-50053"
},
{
"category": "external",
"summary": "SUSE Bug 1245038 for CVE-2022-50053",
"url": "https://bugzilla.suse.com/1245038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50053"
},
{
"cve": "CVE-2022-50054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niavf: Fix NULL pointer dereference in iavf_get_link_ksettings\n\nFix possible NULL pointer dereference, due to freeing of adapter-\u003evf_res\nin iavf_init_get_resources. Previous commit introduced a regression,\nwhere receiving IAVF_ERR_ADMIN_QUEUE_NO_WORK from iavf_get_vf_config\nwould free adapter-\u003evf_res. However, netdev is still registered, so\nethtool_ops can be called. Calling iavf_get_link_ksettings with no vf_res,\nwill result with:\n[ 9385.242676] BUG: kernel NULL pointer dereference, address: 0000000000000008\n[ 9385.242683] #PF: supervisor read access in kernel mode\n[ 9385.242686] #PF: error_code(0x0000) - not-present page\n[ 9385.242690] PGD 0 P4D 0\n[ 9385.242696] Oops: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC PTI\n[ 9385.242701] CPU: 6 PID: 3217 Comm: pmdalinux Kdump: loaded Tainted: G S E 5.18.0-04958-ga54ce3703613-dirty #1\n[ 9385.242708] Hardware name: Dell Inc. PowerEdge R730/0WCJNT, BIOS 2.11.0 11/02/2019\n[ 9385.242710] RIP: 0010:iavf_get_link_ksettings+0x29/0xd0 [iavf]\n[ 9385.242745] Code: 00 0f 1f 44 00 00 b8 01 ef ff ff 48 c7 46 30 00 00 00 00 48 c7 46 38 00 00 00 00 c6 46 0b 00 66 89 46 08 48 8b 87 68 0e 00 00 \u003cf6\u003e 40 08 80 75 50 8b 87 5c 0e 00 00 83 f8 08 74 7a 76 1d 83 f8 20\n[ 9385.242749] RSP: 0018:ffffc0560ec7fbd0 EFLAGS: 00010246\n[ 9385.242755] RAX: 0000000000000000 RBX: ffffc0560ec7fc08 RCX: 0000000000000000\n[ 9385.242759] RDX: ffffffffc0ad4550 RSI: ffffc0560ec7fc08 RDI: ffffa0fc66674000\n[ 9385.242762] RBP: 00007ffd1fb2bf50 R08: b6a2d54b892363ee R09: ffffa101dc14fb00\n[ 9385.242765] R10: 0000000000000000 R11: 0000000000000004 R12: ffffa0fc66674000\n[ 9385.242768] R13: 0000000000000000 R14: ffffa0fc66674000 R15: 00000000ffffffa1\n[ 9385.242771] FS: 00007f93711a2980(0000) GS:ffffa0fad72c0000(0000) knlGS:0000000000000000\n[ 9385.242775] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 9385.242778] CR2: 0000000000000008 CR3: 0000000a8e61c003 CR4: 00000000003706e0\n[ 9385.242781] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 9385.242784] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 9385.242787] Call Trace:\n[ 9385.242791] \u003cTASK\u003e\n[ 9385.242793] ethtool_get_settings+0x71/0x1a0\n[ 9385.242814] __dev_ethtool+0x426/0x2f40\n[ 9385.242823] ? slab_post_alloc_hook+0x4f/0x280\n[ 9385.242836] ? kmem_cache_alloc_trace+0x15d/0x2f0\n[ 9385.242841] ? dev_ethtool+0x59/0x170\n[ 9385.242848] dev_ethtool+0xa7/0x170\n[ 9385.242856] dev_ioctl+0xc3/0x520\n[ 9385.242866] sock_do_ioctl+0xa0/0xe0\n[ 9385.242877] sock_ioctl+0x22f/0x320\n[ 9385.242885] __x64_sys_ioctl+0x84/0xc0\n[ 9385.242896] do_syscall_64+0x3a/0x80\n[ 9385.242904] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n[ 9385.242918] RIP: 0033:0x7f93702396db\n[ 9385.242923] Code: 73 01 c3 48 8b 0d ad 57 38 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 7d 57 38 00 f7 d8 64 89 01 48\n[ 9385.242927] RSP: 002b:00007ffd1fb2bf18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n[ 9385.242932] RAX: ffffffffffffffda RBX: 000055671b1d2fe0 RCX: 00007f93702396db\n[ 9385.242935] RDX: 00007ffd1fb2bf20 RSI: 0000000000008946 RDI: 0000000000000007\n[ 9385.242937] RBP: 00007ffd1fb2bf20 R08: 0000000000000003 R09: 0030763066307330\n[ 9385.242940] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd1fb2bf80\n[ 9385.242942] R13: 0000000000000007 R14: 0000556719f6de90 R15: 00007ffd1fb2c1b0\n[ 9385.242948] \u003c/TASK\u003e\n[ 9385.242949] Modules linked in: iavf(E) xt_CHECKSUM xt_MASQUERADE xt_conntrack ipt_REJECT nft_compat nf_nat_tftp nft_objref nf_conntrack_tftp bridge stp llc nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables rfkill nfnetlink vfat fat irdma ib_uverbs ib_core intel_rapl_msr intel_rapl_common sb_edac x86_pkg_temp_thermal intel_powerclamp coretem\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50054",
"url": "https://www.suse.com/security/cve/CVE-2022-50054"
},
{
"category": "external",
"summary": "SUSE Bug 1245040 for CVE-2022-50054",
"url": "https://bugzilla.suse.com/1245040"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50054"
},
{
"cve": "CVE-2022-50055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niavf: Fix adminq error handling\n\niavf_alloc_asq_bufs/iavf_alloc_arq_bufs allocates with dma_alloc_coherent\nmemory for VF mailbox.\nFree DMA regions for both ASQ and ARQ in case error happens during\nconfiguration of ASQ/ARQ registers.\nWithout this change it is possible to see when unloading interface:\n74626.583369: dma_debug_device_change: device driver has pending DMA allocations while released from device [count=32]\nOne of leaked entries details: [device address=0x0000000b27ff9000] [size=4096 bytes] [mapped with DMA_BIDIRECTIONAL] [mapped as coherent]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50055",
"url": "https://www.suse.com/security/cve/CVE-2022-50055"
},
{
"category": "external",
"summary": "SUSE Bug 1245039 for CVE-2022-50055",
"url": "https://bugzilla.suse.com/1245039"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50055"
},
{
"cve": "CVE-2022-50059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: don\u0027t leak snap_rwsem in handle_cap_grant\n\nWhen handle_cap_grant is called on an IMPORT op, then the snap_rwsem is\nheld and the function is expected to release it before returning. It\ncurrently fails to do that in all cases which could lead to a deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50059",
"url": "https://www.suse.com/security/cve/CVE-2022-50059"
},
{
"category": "external",
"summary": "SUSE Bug 1245031 for CVE-2022-50059",
"url": "https://bugzilla.suse.com/1245031"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50059"
},
{
"cve": "CVE-2022-50060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Fix mcam entry resource leak\n\nThe teardown sequence in FLR handler returns if no NIX LF\nis attached to PF/VF because it indicates that graceful\nshutdown of resources already happened. But there is a\nchance of all allocated MCAM entries not being freed by\nPF/VF. Hence free mcam entries even in case of detached LF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50060",
"url": "https://www.suse.com/security/cve/CVE-2022-50060"
},
{
"category": "external",
"summary": "SUSE Bug 1245032 for CVE-2022-50060",
"url": "https://bugzilla.suse.com/1245032"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50060"
},
{
"cve": "CVE-2022-50061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50061",
"url": "https://www.suse.com/security/cve/CVE-2022-50061"
},
{
"category": "external",
"summary": "SUSE Bug 1245033 for CVE-2022-50061",
"url": "https://bugzilla.suse.com/1245033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50061"
},
{
"cve": "CVE-2022-50062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bgmac: Fix a BUG triggered by wrong bytes_compl\n\nOn one of our machines we got:\n\nkernel BUG at lib/dynamic_queue_limits.c:27!\nInternal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM\nCPU: 0 PID: 1166 Comm: irq/41-bgmac Tainted: G W O 4.14.275-rt132 #1\nHardware name: BRCM XGS iProc\ntask: ee3415c0 task.stack: ee32a000\nPC is at dql_completed+0x168/0x178\nLR is at bgmac_poll+0x18c/0x6d8\npc : [\u003cc03b9430\u003e] lr : [\u003cc04b5a18\u003e] psr: 800a0313\nsp : ee32be14 ip : 000005ea fp : 00000bd4\nr10: ee558500 r9 : c0116298 r8 : 00000002\nr7 : 00000000 r6 : ef128810 r5 : 01993267 r4 : 01993851\nr3 : ee558000 r2 : 000070e1 r1 : 00000bd4 r0 : ee52c180\nFlags: Nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none\nControl: 12c5387d Table: 8e88c04a DAC: 00000051\nProcess irq/41-bgmac (pid: 1166, stack limit = 0xee32a210)\nStack: (0xee32be14 to 0xee32c000)\nbe00: ee558520 ee52c100 ef128810\nbe20: 00000000 00000002 c0116298 c04b5a18 00000000 c0a0c8c4 c0951780 00000040\nbe40: c0701780 ee558500 ee55d520 ef05b340 ef6f9780 ee558520 00000001 00000040\nbe60: ffffe000 c0a56878 ef6fa040 c0952040 0000012c c0528744 ef6f97b0 fffcfb6a\nbe80: c0a04104 2eda8000 c0a0c4ec c0a0d368 ee32bf44 c0153534 ee32be98 ee32be98\nbea0: ee32bea0 ee32bea0 ee32bea8 ee32bea8 00000000 c01462e4 ffffe000 ef6f22a8\nbec0: ffffe000 00000008 ee32bee4 c0147430 ffffe000 c094a2a8 00000003 ffffe000\nbee0: c0a54528 00208040 0000000c c0a0c8c4 c0a65980 c0124d3c 00000008 ee558520\nbf00: c094a23c c0a02080 00000000 c07a9910 ef136970 ef136970 ee30a440 ef136900\nbf20: ee30a440 00000001 ef136900 ee30a440 c016d990 00000000 c0108db0 c012500c\nbf40: ef136900 c016da14 ee30a464 ffffe000 00000001 c016dd14 00000000 c016db28\nbf60: ffffe000 ee21a080 ee30a400 00000000 ee32a000 ee30a440 c016dbfc ee25fd70\nbf80: ee21a09c c013edcc ee32a000 ee30a400 c013ec7c 00000000 00000000 00000000\nbfa0: 00000000 00000000 00000000 c0108470 00000000 00000000 00000000 00000000\nbfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\nbfe0: 00000000 00000000 00000000 00000000 00000013 00000000 00000000 00000000\n[\u003cc03b9430\u003e] (dql_completed) from [\u003cc04b5a18\u003e] (bgmac_poll+0x18c/0x6d8)\n[\u003cc04b5a18\u003e] (bgmac_poll) from [\u003cc0528744\u003e] (net_rx_action+0x1c4/0x494)\n[\u003cc0528744\u003e] (net_rx_action) from [\u003cc0124d3c\u003e] (do_current_softirqs+0x1ec/0x43c)\n[\u003cc0124d3c\u003e] (do_current_softirqs) from [\u003cc012500c\u003e] (__local_bh_enable+0x80/0x98)\n[\u003cc012500c\u003e] (__local_bh_enable) from [\u003cc016da14\u003e] (irq_forced_thread_fn+0x84/0x98)\n[\u003cc016da14\u003e] (irq_forced_thread_fn) from [\u003cc016dd14\u003e] (irq_thread+0x118/0x1c0)\n[\u003cc016dd14\u003e] (irq_thread) from [\u003cc013edcc\u003e] (kthread+0x150/0x158)\n[\u003cc013edcc\u003e] (kthread) from [\u003cc0108470\u003e] (ret_from_fork+0x14/0x24)\nCode: a83f15e0 0200001a 0630a0e1 c3ffffea (f201f0e7)\n\nThe issue seems similar to commit 90b3b339364c (\"net: hisilicon: Fix a BUG\ntrigered by wrong bytes_compl\") and potentially introduced by commit\nb38c83dd0866 (\"bgmac: simplify tx ring index handling\").\n\nIf there is an RX interrupt between setting ring-\u003eend\nand netdev_sent_queue() we can hit the BUG_ON as bgmac_dma_tx_free()\ncan miscalculate the queue size while called from bgmac_poll().\n\nThe machine which triggered the BUG runs a v4.14 RT kernel - but the issue\nseems present in mainline too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50062",
"url": "https://www.suse.com/security/cve/CVE-2022-50062"
},
{
"category": "external",
"summary": "SUSE Bug 1245028 for CVE-2022-50062",
"url": "https://bugzilla.suse.com/1245028"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50062"
},
{
"cve": "CVE-2022-50065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: fix memory leak inside XPD_TX with mergeable\n\nWhen we call xdp_convert_buff_to_frame() to get xdpf, if it returns\nNULL, we should check if xdp_page was allocated by xdp_linearize_page().\nIf it is newly allocated, it should be freed here alone. Just like any\nother \"goto err_xdp\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50065",
"url": "https://www.suse.com/security/cve/CVE-2022-50065"
},
{
"category": "external",
"summary": "SUSE Bug 1244986 for CVE-2022-50065",
"url": "https://bugzilla.suse.com/1244986"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50065"
},
{
"cve": "CVE-2022-50066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atlantic: fix aq_vec index out of range error\n\nThe final update statement of the for loop exceeds the array range, the\ndereference of self-\u003eaq_vec[i] is not checked and then leads to the\nindex out of range error.\nAlso fixed this kind of coding style in other for loop.\n\n[ 97.937604] UBSAN: array-index-out-of-bounds in drivers/net/ethernet/aquantia/atlantic/aq_nic.c:1404:48\n[ 97.937607] index 8 is out of range for type \u0027aq_vec_s *[8]\u0027\n[ 97.937608] CPU: 38 PID: 3767 Comm: kworker/u256:18 Not tainted 5.19.0+ #2\n[ 97.937610] Hardware name: Dell Inc. Precision 7865 Tower/, BIOS 1.0.0 06/12/2022\n[ 97.937611] Workqueue: events_unbound async_run_entry_fn\n[ 97.937616] Call Trace:\n[ 97.937617] \u003cTASK\u003e\n[ 97.937619] dump_stack_lvl+0x49/0x63\n[ 97.937624] dump_stack+0x10/0x16\n[ 97.937626] ubsan_epilogue+0x9/0x3f\n[ 97.937627] __ubsan_handle_out_of_bounds.cold+0x44/0x49\n[ 97.937629] ? __scm_send+0x348/0x440\n[ 97.937632] ? aq_vec_stop+0x72/0x80 [atlantic]\n[ 97.937639] aq_nic_stop+0x1b6/0x1c0 [atlantic]\n[ 97.937644] aq_suspend_common+0x88/0x90 [atlantic]\n[ 97.937648] aq_pm_suspend_poweroff+0xe/0x20 [atlantic]\n[ 97.937653] pci_pm_suspend+0x7e/0x1a0\n[ 97.937655] ? pci_pm_suspend_noirq+0x2b0/0x2b0\n[ 97.937657] dpm_run_callback+0x54/0x190\n[ 97.937660] __device_suspend+0x14c/0x4d0\n[ 97.937661] async_suspend+0x23/0x70\n[ 97.937663] async_run_entry_fn+0x33/0x120\n[ 97.937664] process_one_work+0x21f/0x3f0\n[ 97.937666] worker_thread+0x4a/0x3c0\n[ 97.937668] ? process_one_work+0x3f0/0x3f0\n[ 97.937669] kthread+0xf0/0x120\n[ 97.937671] ? kthread_complete_and_exit+0x20/0x20\n[ 97.937672] ret_from_fork+0x22/0x30\n[ 97.937676] \u003c/TASK\u003e\n\nv2. fixed \"warning: variable \u0027aq_vec\u0027 set but not used\"\n\nv3. simplified a for loop",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50066",
"url": "https://www.suse.com/security/cve/CVE-2022-50066"
},
{
"category": "external",
"summary": "SUSE Bug 1244985 for CVE-2022-50066",
"url": "https://bugzilla.suse.com/1244985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50066"
},
{
"cve": "CVE-2022-50067",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50067"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: unset reloc control if transaction commit fails in prepare_to_relocate()\n\nIn btrfs_relocate_block_group(), the rc is allocated. Then\nbtrfs_relocate_block_group() calls\n\nrelocate_block_group()\n prepare_to_relocate()\n set_reloc_control()\n\nthat assigns rc to the variable fs_info-\u003ereloc_ctl. When\nprepare_to_relocate() returns, it calls\n\nbtrfs_commit_transaction()\n btrfs_start_dirty_block_groups()\n btrfs_alloc_path()\n kmem_cache_zalloc()\n\nwhich may fail for example (or other errors could happen). When the\nfailure occurs, btrfs_relocate_block_group() detects the error and frees\nrc and doesn\u0027t set fs_info-\u003ereloc_ctl to NULL. After that, in\nbtrfs_init_reloc_root(), rc is retrieved from fs_info-\u003ereloc_ctl and\nthen used, which may cause a use-after-free bug.\n\nThis possible bug can be triggered by calling btrfs_ioctl_balance()\nbefore calling btrfs_ioctl_defrag().\n\nTo fix this possible bug, in prepare_to_relocate(), check if\nbtrfs_commit_transaction() fails. If the failure occurs,\nunset_reloc_control() is called to set fs_info-\u003ereloc_ctl to NULL.\n\nThe error log in our fault-injection testing is shown as follows:\n\n [ 58.751070] BUG: KASAN: use-after-free in btrfs_init_reloc_root+0x7ca/0x920 [btrfs]\n ...\n [ 58.753577] Call Trace:\n ...\n [ 58.755800] kasan_report+0x45/0x60\n [ 58.756066] btrfs_init_reloc_root+0x7ca/0x920 [btrfs]\n [ 58.757304] record_root_in_trans+0x792/0xa10 [btrfs]\n [ 58.757748] btrfs_record_root_in_trans+0x463/0x4f0 [btrfs]\n [ 58.758231] start_transaction+0x896/0x2950 [btrfs]\n [ 58.758661] btrfs_defrag_root+0x250/0xc00 [btrfs]\n [ 58.759083] btrfs_ioctl_defrag+0x467/0xa00 [btrfs]\n [ 58.759513] btrfs_ioctl+0x3c95/0x114e0 [btrfs]\n ...\n [ 58.768510] Allocated by task 23683:\n [ 58.768777] ____kasan_kmalloc+0xb5/0xf0\n [ 58.769069] __kmalloc+0x227/0x3d0\n [ 58.769325] alloc_reloc_control+0x10a/0x3d0 [btrfs]\n [ 58.769755] btrfs_relocate_block_group+0x7aa/0x1e20 [btrfs]\n [ 58.770228] btrfs_relocate_chunk+0xf1/0x760 [btrfs]\n [ 58.770655] __btrfs_balance+0x1326/0x1f10 [btrfs]\n [ 58.771071] btrfs_balance+0x3150/0x3d30 [btrfs]\n [ 58.771472] btrfs_ioctl_balance+0xd84/0x1410 [btrfs]\n [ 58.771902] btrfs_ioctl+0x4caa/0x114e0 [btrfs]\n ...\n [ 58.773337] Freed by task 23683:\n ...\n [ 58.774815] kfree+0xda/0x2b0\n [ 58.775038] free_reloc_control+0x1d6/0x220 [btrfs]\n [ 58.775465] btrfs_relocate_block_group+0x115c/0x1e20 [btrfs]\n [ 58.775944] btrfs_relocate_chunk+0xf1/0x760 [btrfs]\n [ 58.776369] __btrfs_balance+0x1326/0x1f10 [btrfs]\n [ 58.776784] btrfs_balance+0x3150/0x3d30 [btrfs]\n [ 58.777185] btrfs_ioctl_balance+0xd84/0x1410 [btrfs]\n [ 58.777621] btrfs_ioctl+0x4caa/0x114e0 [btrfs]\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50067",
"url": "https://www.suse.com/security/cve/CVE-2022-50067"
},
{
"category": "external",
"summary": "SUSE Bug 1245047 for CVE-2022-50067",
"url": "https://bugzilla.suse.com/1245047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50067"
},
{
"cve": "CVE-2022-50068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ttm: Fix dummy res NULL ptr deref bug\n\nCheck the bo-\u003eresource value before accessing the resource\nmem_type.\n\nv2: Fix commit description unwrapped warning\n\n\u003clog snip\u003e\n[ 40.191227][ T184] general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] SMP KASAN PTI\n[ 40.192995][ T184] KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]\n[ 40.194411][ T184] CPU: 1 PID: 184 Comm: systemd-udevd Not tainted 5.19.0-rc4-00721-gb297c22b7070 #1\n[ 40.196063][ T184] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-4 04/01/2014\n[ 40.199605][ T184] RIP: 0010:ttm_bo_validate+0x1b3/0x240 [ttm]\n[ 40.200754][ T184] Code: e8 72 c5 ff ff 83 f8 b8 74 d4 85 c0 75 54 49 8b 9e 58 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 10 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6 04 02 84 c0 74 04 3c 03 7e 44 8b 53 10 31 c0 85 d2 0f 85 58\n[ 40.203685][ T184] RSP: 0018:ffffc900006df0c8 EFLAGS: 00010202\n[ 40.204630][ T184] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 1ffff1102f4bb71b\n[ 40.205864][ T184] RDX: 0000000000000002 RSI: ffffc900006df208 RDI: 0000000000000010\n[ 40.207102][ T184] RBP: 1ffff920000dbe1a R08: ffffc900006df208 R09: 0000000000000000\n[ 40.208394][ T184] R10: ffff88817a5f0000 R11: 0000000000000001 R12: ffffc900006df110\n[ 40.209692][ T184] R13: ffffc900006df0f0 R14: ffff88817a5db800 R15: ffffc900006df208\n[ 40.210862][ T184] FS: 00007f6b1d16e8c0(0000) GS:ffff88839d700000(0000) knlGS:0000000000000000\n[ 40.212250][ T184] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 40.213275][ T184] CR2: 000055a1001d4ff0 CR3: 00000001700f4000 CR4: 00000000000006e0\n[ 40.214469][ T184] Call Trace:\n[ 40.214974][ T184] \u003cTASK\u003e\n[ 40.215438][ T184] ? ttm_bo_bounce_temp_buffer+0x140/0x140 [ttm]\n[ 40.216572][ T184] ? mutex_spin_on_owner+0x240/0x240\n[ 40.217456][ T184] ? drm_vma_offset_add+0xaa/0x100 [drm]\n[ 40.218457][ T184] ttm_bo_init_reserved+0x3d6/0x540 [ttm]\n[ 40.219410][ T184] ? shmem_get_inode+0x744/0x980\n[ 40.220231][ T184] ttm_bo_init_validate+0xb1/0x200 [ttm]\n[ 40.221172][ T184] ? bo_driver_evict_flags+0x340/0x340 [drm_vram_helper]\n[ 40.222530][ T184] ? ttm_bo_init_reserved+0x540/0x540 [ttm]\n[ 40.223643][ T184] ? __do_sys_finit_module+0x11a/0x1c0\n[ 40.224654][ T184] ? __shmem_file_setup+0x102/0x280\n[ 40.234764][ T184] drm_gem_vram_create+0x305/0x480 [drm_vram_helper]\n[ 40.235766][ T184] ? bo_driver_evict_flags+0x340/0x340 [drm_vram_helper]\n[ 40.236846][ T184] ? __kasan_slab_free+0x108/0x180\n[ 40.237650][ T184] drm_gem_vram_fill_create_dumb+0x134/0x340 [drm_vram_helper]\n[ 40.238864][ T184] ? local_pci_probe+0xdf/0x180\n[ 40.239674][ T184] ? drmm_vram_helper_init+0x400/0x400 [drm_vram_helper]\n[ 40.240826][ T184] drm_client_framebuffer_create+0x19c/0x400 [drm]\n[ 40.241955][ T184] ? drm_client_buffer_delete+0x200/0x200 [drm]\n[ 40.243001][ T184] ? drm_client_pick_crtcs+0x554/0xb80 [drm]\n[ 40.244030][ T184] drm_fb_helper_generic_probe+0x23f/0x940 [drm_kms_helper]\n[ 40.245226][ T184] ? __cond_resched+0x1c/0xc0\n[ 40.245987][ T184] ? drm_fb_helper_memory_range_to_clip+0x180/0x180 [drm_kms_helper]\n[ 40.247316][ T184] ? mutex_unlock+0x80/0x100\n[ 40.248005][ T184] ? __mutex_unlock_slowpath+0x2c0/0x2c0\n[ 40.249083][ T184] drm_fb_helper_single_fb_probe+0x907/0xf00 [drm_kms_helper]\n[ 40.250314][ T184] ? drm_fb_helper_check_var+0x1180/0x1180 [drm_kms_helper]\n[ 40.251540][ T184] ? __cond_resched+0x1c/0xc0\n[ 40.252321][ T184] ? mutex_lock+0x9f/0x100\n[ 40.253062][ T184] __drm_fb_helper_initial_config_and_unlock+0xb9/0x2c0 [drm_kms_helper]\n[ 40.254394][ T184] drm_fbdev_client_hotplug+0x56f/0x840 [drm_kms_helper]\n[ 40.255477][ T184] drm_fbdev_generic_setup+0x165/0x3c0 [drm_kms_helper]\n[ 40.256607][ T184] bochs_pci_probe+0x6b7/0x900 [bochs]\n[ \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50068",
"url": "https://www.suse.com/security/cve/CVE-2022-50068"
},
{
"category": "external",
"summary": "SUSE Bug 1245142 for CVE-2022-50068",
"url": "https://bugzilla.suse.com/1245142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50068"
},
{
"cve": "CVE-2022-50072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4/pnfs: Fix a use-after-free bug in open\n\nIf someone cancels the open RPC call, then we must not try to free\neither the open slot or the layoutget operation arguments, since they\nare likely still in use by the hung RPC call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50072",
"url": "https://www.suse.com/security/cve/CVE-2022-50072"
},
{
"category": "external",
"summary": "SUSE Bug 1244979 for CVE-2022-50072",
"url": "https://bugzilla.suse.com/1244979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50072"
},
{
"cve": "CVE-2022-50073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50073"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tap: NULL pointer derefence in dev_parse_header_protocol when skb-\u003edev is null\n\nFixes a NULL pointer derefence bug triggered from tap driver.\nWhen tap_get_user calls virtio_net_hdr_to_skb the skb-\u003edev is null\n(in tap.c skb-\u003edev is set after the call to virtio_net_hdr_to_skb)\nvirtio_net_hdr_to_skb calls dev_parse_header_protocol which\nneeds skb-\u003edev field to be valid.\n\nThe line that trigers the bug is in dev_parse_header_protocol\n(dev is at offset 0x10 from skb and is stored in RAX register)\n if (!dev-\u003eheader_ops || !dev-\u003eheader_ops-\u003eparse_protocol)\n 22e1: mov 0x10(%rbx),%rax\n 22e5:\t mov 0x230(%rax),%rax\n\nSetting skb-\u003edev before the call in tap.c fixes the issue.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000230\nRIP: 0010:virtio_net_hdr_to_skb.constprop.0+0x335/0x410 [tap]\nCode: c0 0f 85 b7 fd ff ff eb d4 41 39 c6 77 cf 29 c6 48 89 df 44 01 f6 e8 7a 79 83 c1 48 85 c0 0f 85 d9 fd ff ff eb b7 48 8b 43 10 \u003c48\u003e 8b 80 30 02 00 00 48 85 c0 74 55 48 8b 40 28 48 85 c0 74 4c 48\nRSP: 0018:ffffc90005c27c38 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff888298f25300 RCX: 0000000000000010\nRDX: 0000000000000005 RSI: ffffc90005c27cb6 RDI: ffff888298f25300\nRBP: ffffc90005c27c80 R08: 00000000ffffffea R09: 00000000000007e8\nR10: ffff88858ec77458 R11: 0000000000000000 R12: 0000000000000001\nR13: 0000000000000014 R14: ffffc90005c27e08 R15: ffffc90005c27cb6\nFS: 0000000000000000(0000) GS:ffff88858ec40000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000230 CR3: 0000000281408006 CR4: 00000000003706e0\nCall Trace:\n tap_get_user+0x3f1/0x540 [tap]\n tap_sendmsg+0x56/0x362 [tap]\n ? get_tx_bufs+0xc2/0x1e0 [vhost_net]\n handle_tx_copy+0x114/0x670 [vhost_net]\n handle_tx+0xb0/0xe0 [vhost_net]\n handle_tx_kick+0x15/0x20 [vhost_net]\n vhost_worker+0x7b/0xc0 [vhost]\n ? vhost_vring_call_reset+0x40/0x40 [vhost]\n kthread+0xfa/0x120\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50073",
"url": "https://www.suse.com/security/cve/CVE-2022-50073"
},
{
"category": "external",
"summary": "SUSE Bug 1244978 for CVE-2022-50073",
"url": "https://bugzilla.suse.com/1244978"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50073"
},
{
"cve": "CVE-2022-50074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: Fix memleak in aa_simple_write_to_buffer()\n\nWhen copy_from_user failed, the memory is freed by kvfree. however the\nmanagement struct and data blob are allocated independently, so only\nkvfree(data) cause a memleak issue here. Use aa_put_loaddata(data) to\nfix this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50074",
"url": "https://www.suse.com/security/cve/CVE-2022-50074"
},
{
"category": "external",
"summary": "SUSE Bug 1244965 for CVE-2022-50074",
"url": "https://bugzilla.suse.com/1244965"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50074"
},
{
"cve": "CVE-2022-50076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50076"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix memory leak on the deferred close\n\nxfstests on smb21 report kmemleak as below:\n\n unreferenced object 0xffff8881767d6200 (size 64):\n comm \"xfs_io\", pid 1284, jiffies 4294777434 (age 20.789s)\n hex dump (first 32 bytes):\n 80 5a d0 11 81 88 ff ff 78 8a aa 63 81 88 ff ff .Z......x..c....\n 00 71 99 76 81 88 ff ff 00 00 00 00 00 00 00 00 .q.v............\n backtrace:\n [\u003c00000000ad04e6ea\u003e] cifs_close+0x92/0x2c0\n [\u003c0000000028b93c82\u003e] __fput+0xff/0x3f0\n [\u003c00000000d8116851\u003e] task_work_run+0x85/0xc0\n [\u003c0000000027e14f9e\u003e] do_exit+0x5e5/0x1240\n [\u003c00000000fb492b95\u003e] do_group_exit+0x58/0xe0\n [\u003c00000000129a32d9\u003e] __x64_sys_exit_group+0x28/0x30\n [\u003c00000000e3f7d8e9\u003e] do_syscall_64+0x35/0x80\n [\u003c00000000102e8a0b\u003e] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nWhen cancel the deferred close work, we should also cleanup the struct\ncifs_deferred_close.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50076",
"url": "https://www.suse.com/security/cve/CVE-2022-50076"
},
{
"category": "external",
"summary": "SUSE Bug 1244983 for CVE-2022-50076",
"url": "https://bugzilla.suse.com/1244983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50076"
},
{
"cve": "CVE-2022-50077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix reference count leak in aa_pivotroot()\n\nThe aa_pivotroot() function has a reference counting bug in a specific\npath. When aa_replace_current_label() returns on success, the function\nforgets to decrement the reference count of \"target\", which is\nincreased earlier by build_pivotroot(), causing a reference leak.\n\nFix it by decreasing the refcount of \"target\" in that path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50077",
"url": "https://www.suse.com/security/cve/CVE-2022-50077"
},
{
"category": "external",
"summary": "SUSE Bug 1244977 for CVE-2022-50077",
"url": "https://bugzilla.suse.com/1244977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50077"
},
{
"cve": "CVE-2022-50079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check correct bounds for stream encoder instances for DCN303\n\n[Why \u0026 How]\neng_id for DCN303 cannot be more than 1, since we have only two\ninstances of stream encoders.\n\nCheck the correct boundary condition for engine ID for DCN303 prevent\nthe potential out of bounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50079",
"url": "https://www.suse.com/security/cve/CVE-2022-50079"
},
{
"category": "external",
"summary": "SUSE Bug 1244970 for CVE-2022-50079",
"url": "https://bugzilla.suse.com/1244970"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50079"
},
{
"cve": "CVE-2022-50083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h\n\nWhen adding an xattr to an inode, we must ensure that the inode_size is\nnot less than EXT4_GOOD_OLD_INODE_SIZE + extra_isize + pad. Otherwise,\nthe end position may be greater than the start position, resulting in UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50083",
"url": "https://www.suse.com/security/cve/CVE-2022-50083"
},
{
"category": "external",
"summary": "SUSE Bug 1244968 for CVE-2022-50083",
"url": "https://bugzilla.suse.com/1244968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50083"
},
{
"cve": "CVE-2022-50084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50084"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm raid: fix address sanitizer warning in raid_status\n\nThere is this warning when using a kernel with the address sanitizer\nand running this testsuite:\nhttps://gitlab.com/cki-project/kernel-tests/-/tree/main/storage/swraid/scsi_raid\n\n==================================================================\nBUG: KASAN: slab-out-of-bounds in raid_status+0x1747/0x2820 [dm_raid]\nRead of size 4 at addr ffff888079d2c7e8 by task lvcreate/13319\nCPU: 0 PID: 13319 Comm: lvcreate Not tainted 5.18.0-0.rc3.\u003csnip\u003e #1\nHardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x6a/0x9c\n print_address_description.constprop.0+0x1f/0x1e0\n print_report.cold+0x55/0x244\n kasan_report+0xc9/0x100\n raid_status+0x1747/0x2820 [dm_raid]\n dm_ima_measure_on_table_load+0x4b8/0xca0 [dm_mod]\n table_load+0x35c/0x630 [dm_mod]\n ctl_ioctl+0x411/0x630 [dm_mod]\n dm_ctl_ioctl+0xa/0x10 [dm_mod]\n __x64_sys_ioctl+0x12a/0x1a0\n do_syscall_64+0x5b/0x80\n\nThe warning is caused by reading conf-\u003emax_nr_stripes in raid_status. The\ncode in raid_status reads mddev-\u003eprivate, casts it to struct r5conf and\nreads the entry max_nr_stripes.\n\nHowever, if we have different raid type than 4/5/6, mddev-\u003eprivate\ndoesn\u0027t point to struct r5conf; it may point to struct r0conf, struct\nr1conf, struct r10conf or struct mpconf. If we cast a pointer to one\nof these structs to struct r5conf, we will be reading invalid memory\nand KASAN warns about it.\n\nFix this bug by reading struct r5conf only if raid type is 4, 5 or 6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50084",
"url": "https://www.suse.com/security/cve/CVE-2022-50084"
},
{
"category": "external",
"summary": "SUSE Bug 1245117 for CVE-2022-50084",
"url": "https://bugzilla.suse.com/1245117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50084"
},
{
"cve": "CVE-2022-50085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm raid: fix address sanitizer warning in raid_resume\n\nThere is a KASAN warning in raid_resume when running the lvm test\nlvconvert-raid.sh. The reason for the warning is that mddev-\u003eraid_disks\nis greater than rs-\u003eraid_disks, so the loop touches one entry beyond\nthe allocated length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50085",
"url": "https://www.suse.com/security/cve/CVE-2022-50085"
},
{
"category": "external",
"summary": "SUSE Bug 1245147 for CVE-2022-50085",
"url": "https://bugzilla.suse.com/1245147"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50085"
},
{
"cve": "CVE-2022-50086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: don\u0027t allow the same type rq_qos add more than once\n\nIn our test of iocost, we encountered some list add/del corruptions of\ninner_walk list in ioc_timer_fn.\n\nThe reason can be described as follows:\n\ncpu 0\t\t\t\t\tcpu 1\nioc_qos_write\t\t\t\tioc_qos_write\n\nioc = q_to_ioc(queue);\nif (!ioc) {\n ioc = kzalloc();\n\t\t\t\t\tioc = q_to_ioc(queue);\n\t\t\t\t\tif (!ioc) {\n\t\t\t\t\t\tioc = kzalloc();\n\t\t\t\t\t\t...\n\t\t\t\t\t\trq_qos_add(q, rqos);\n\t\t\t\t\t}\n ...\n rq_qos_add(q, rqos);\n ...\n}\n\nWhen the io.cost.qos file is written by two cpus concurrently, rq_qos may\nbe added to one disk twice. In that case, there will be two iocs enabled\nand running on one disk. They own different iocgs on their active list. In\nthe ioc_timer_fn function, because of the iocgs from two iocs have the\nsame root iocg, the root iocg\u0027s walk_list may be overwritten by each other\nand this leads to list add/del corruptions in building or destroying the\ninner_walk list.\n\nAnd so far, the blk-rq-qos framework works in case that one instance for\none type rq_qos per queue by default. This patch make this explicit and\nalso fix the crash above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50086",
"url": "https://www.suse.com/security/cve/CVE-2022-50086"
},
{
"category": "external",
"summary": "SUSE Bug 1245116 for CVE-2022-50086",
"url": "https://bugzilla.suse.com/1245116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50086"
},
{
"cve": "CVE-2022-50087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50087"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails\n\nWhen scpi probe fails, at any point, we need to ensure that the scpi_info\nis not set and will remain NULL until the probe succeeds. If it is not\ntaken care, then it could result use-after-free as the value is exported\nvia get_scpi_ops() and could refer to a memory allocated via devm_kzalloc()\nbut freed when the probe fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50087",
"url": "https://www.suse.com/security/cve/CVE-2022-50087"
},
{
"category": "external",
"summary": "SUSE Bug 1245119 for CVE-2022-50087",
"url": "https://bugzilla.suse.com/1245119"
},
{
"category": "external",
"summary": "SUSE Bug 1245294 for CVE-2022-50087",
"url": "https://bugzilla.suse.com/1245294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2022-50087"
},
{
"cve": "CVE-2022-50092",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50092"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm thin: fix use-after-free crash in dm_sm_register_threshold_callback\n\nFault inject on pool metadata device reports:\n BUG: KASAN: use-after-free in dm_pool_register_metadata_threshold+0x40/0x80\n Read of size 8 at addr ffff8881b9d50068 by task dmsetup/950\n\n CPU: 7 PID: 950 Comm: dmsetup Tainted: G W 5.19.0-rc6 #1\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x34/0x44\n print_address_description.constprop.0.cold+0xeb/0x3f4\n kasan_report.cold+0xe6/0x147\n dm_pool_register_metadata_threshold+0x40/0x80\n pool_ctr+0xa0a/0x1150\n dm_table_add_target+0x2c8/0x640\n table_load+0x1fd/0x430\n ctl_ioctl+0x2c4/0x5a0\n dm_ctl_ioctl+0xa/0x10\n __x64_sys_ioctl+0xb3/0xd0\n do_syscall_64+0x35/0x80\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThis can be easily reproduced using:\n echo offline \u003e /sys/block/sda/device/state\n dd if=/dev/zero of=/dev/mapper/thin bs=4k count=10\n dmsetup load pool --table \"0 20971520 thin-pool /dev/sda /dev/sdb 128 0 0\"\n\nIf a metadata commit fails, the transaction will be aborted and the\nmetadata space maps will be destroyed. If a DM table reload then\nhappens for this failed thin-pool, a use-after-free will occur in\ndm_sm_register_threshold_callback (called from\ndm_pool_register_metadata_threshold).\n\nFix this by in dm_pool_register_metadata_threshold() by returning the\n-EINVAL error if the thin-pool is in fail mode. Also fail pool_ctr()\nwith a new error message: \"Error registering metadata threshold\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50092",
"url": "https://www.suse.com/security/cve/CVE-2022-50092"
},
{
"category": "external",
"summary": "SUSE Bug 1244848 for CVE-2022-50092",
"url": "https://bugzilla.suse.com/1244848"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50092"
},
{
"cve": "CVE-2022-50093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50093"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)\n\nKASAN reports:\n\n[ 4.668325][ T0] BUG: KASAN: wild-memory-access in dmar_parse_one_rhsa (arch/x86/include/asm/bitops.h:214 arch/x86/include/asm/bitops.h:226 include/asm-generic/bitops/instrumented-non-atomic.h:142 include/linux/nodemask.h:415 drivers/iommu/intel/dmar.c:497)\n[ 4.676149][ T0] Read of size 8 at addr 1fffffff85115558 by task swapper/0/0\n[ 4.683454][ T0]\n[ 4.685638][ T0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.19.0-rc3-00004-g0e862838f290 #1\n[ 4.694331][ T0] Hardware name: Supermicro SYS-5018D-FN4T/X10SDV-8C-TLN4F, BIOS 1.1 03/02/2016\n[ 4.703196][ T0] Call Trace:\n[ 4.706334][ T0] \u003cTASK\u003e\n[ 4.709133][ T0] ? dmar_parse_one_rhsa (arch/x86/include/asm/bitops.h:214 arch/x86/include/asm/bitops.h:226 include/asm-generic/bitops/instrumented-non-atomic.h:142 include/linux/nodemask.h:415 drivers/iommu/intel/dmar.c:497)\n\nafter converting the type of the first argument (@nr, bit number)\nof arch_test_bit() from `long` to `unsigned long`[0].\n\nUnder certain conditions (for example, when ACPI NUMA is disabled\nvia command line), pxm_to_node() can return %NUMA_NO_NODE (-1).\nIt is valid \u0027magic\u0027 number of NUMA node, but not valid bit number\nto use in bitops.\nnode_online() eventually descends to test_bit() without checking\nfor the input, assuming it\u0027s on caller side (which might be good\nfor perf-critical tasks). There, -1 becomes %ULONG_MAX which leads\nto an insane array index when calculating bit position in memory.\n\nFor now, add an explicit check for @node being not %NUMA_NO_NODE\nbefore calling test_bit(). The actual logics didn\u0027t change here\nat all.\n\n[0] https://github.com/norov/linux/commit/0e862838f290147ea9c16db852d8d494b552d38d",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50093",
"url": "https://www.suse.com/security/cve/CVE-2022-50093"
},
{
"category": "external",
"summary": "SUSE Bug 1244849 for CVE-2022-50093",
"url": "https://bugzilla.suse.com/1244849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50093"
},
{
"cve": "CVE-2022-50094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspmi: trace: fix stack-out-of-bound access in SPMI tracing functions\n\ntrace_spmi_write_begin() and trace_spmi_read_end() both call\nmemcpy() with a length of \"len + 1\". This leads to one extra\nbyte being read beyond the end of the specified buffer. Fix\nthis out-of-bound memory access by using a length of \"len\"\ninstead.\n\nHere is a KASAN log showing the issue:\n\nBUG: KASAN: stack-out-of-bounds in trace_event_raw_event_spmi_read_end+0x1d0/0x234\nRead of size 2 at addr ffffffc0265b7540 by task thermal@2.0-ser/1314\n...\nCall trace:\n dump_backtrace+0x0/0x3e8\n show_stack+0x2c/0x3c\n dump_stack_lvl+0xdc/0x11c\n print_address_description+0x74/0x384\n kasan_report+0x188/0x268\n kasan_check_range+0x270/0x2b0\n memcpy+0x90/0xe8\n trace_event_raw_event_spmi_read_end+0x1d0/0x234\n spmi_read_cmd+0x294/0x3ac\n spmi_ext_register_readl+0x84/0x9c\n regmap_spmi_ext_read+0x144/0x1b0 [regmap_spmi]\n _regmap_raw_read+0x40c/0x754\n regmap_raw_read+0x3a0/0x514\n regmap_bulk_read+0x418/0x494\n adc5_gen3_poll_wait_hs+0xe8/0x1e0 [qcom_spmi_adc5_gen3]\n ...\n __arm64_sys_read+0x4c/0x60\n invoke_syscall+0x80/0x218\n el0_svc_common+0xec/0x1c8\n ...\n\naddr ffffffc0265b7540 is located in stack of task thermal@2.0-ser/1314 at offset 32 in frame:\n adc5_gen3_poll_wait_hs+0x0/0x1e0 [qcom_spmi_adc5_gen3]\n\nthis frame has 1 object:\n [32, 33) \u0027status\u0027\n\nMemory state around the buggy address:\n ffffffc0265b7400: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1\n ffffffc0265b7480: 04 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00\n\u003effffffc0265b7500: 00 00 00 00 f1 f1 f1 f1 01 f3 f3 f3 00 00 00 00\n ^\n ffffffc0265b7580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffffffc0265b7600: f1 f1 f1 f1 01 f2 07 f2 f2 f2 01 f3 00 00 00 00\n==================================================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50094",
"url": "https://www.suse.com/security/cve/CVE-2022-50094"
},
{
"category": "external",
"summary": "SUSE Bug 1244851 for CVE-2022-50094",
"url": "https://bugzilla.suse.com/1244851"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50094"
},
{
"cve": "CVE-2022-50095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-cpu-timers: Cleanup CPU timers before freeing them during exec\n\nCommit 55e8c8eb2c7b (\"posix-cpu-timers: Store a reference to a pid not a\ntask\") started looking up tasks by PID when deleting a CPU timer.\n\nWhen a non-leader thread calls execve, it will switch PIDs with the leader\nprocess. Then, as it calls exit_itimers, posix_cpu_timer_del cannot find\nthe task because the timer still points out to the old PID.\n\nThat means that armed timers won\u0027t be disarmed, that is, they won\u0027t be\nremoved from the timerqueue_list. exit_itimers will still release their\nmemory, and when that list is later processed, it leads to a\nuse-after-free.\n\nClean up the timers from the de-threaded task before freeing them. This\nprevents a reported use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50095",
"url": "https://www.suse.com/security/cve/CVE-2022-50095"
},
{
"category": "external",
"summary": "SUSE Bug 1244846 for CVE-2022-50095",
"url": "https://bugzilla.suse.com/1244846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50095"
},
{
"cve": "CVE-2022-50097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: s3fb: Check the size of screen before memset_io()\n\nIn the function s3fb_set_par(), the value of \u0027screen_size\u0027 is\ncalculated by the user input. If the user provides the improper value,\nthe value of \u0027screen_size\u0027 may larger than \u0027info-\u003escreen_size\u0027, which\nmay cause the following bug:\n\n[ 54.083733] BUG: unable to handle page fault for address: ffffc90003000000\n[ 54.083742] #PF: supervisor write access in kernel mode\n[ 54.083744] #PF: error_code(0x0002) - not-present page\n[ 54.083760] RIP: 0010:memset_orig+0x33/0xb0\n[ 54.083782] Call Trace:\n[ 54.083788] s3fb_set_par+0x1ec6/0x4040\n[ 54.083806] fb_set_var+0x604/0xeb0\n[ 54.083836] do_fb_ioctl+0x234/0x670\n\nFix the this by checking the value of \u0027screen_size\u0027 before memset_io().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50097",
"url": "https://www.suse.com/security/cve/CVE-2022-50097"
},
{
"category": "external",
"summary": "SUSE Bug 1244845 for CVE-2022-50097",
"url": "https://bugzilla.suse.com/1244845"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50097"
},
{
"cve": "CVE-2022-50098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts\n\nEnsure SRB is returned during I/O timeout error escalation. If that is not\npossible fail the escalation path.\n\nFollowing crash stack was seen:\n\nBUG: unable to handle kernel paging request at 0000002f56aa90f8\nIP: qla_chk_edif_rx_sa_delete_pending+0x14/0x30 [qla2xxx]\nCall Trace:\n ? qla2x00_status_entry+0x19f/0x1c50 [qla2xxx]\n ? qla2x00_start_sp+0x116/0x1170 [qla2xxx]\n ? dma_pool_alloc+0x1d6/0x210\n ? mempool_alloc+0x54/0x130\n ? qla24xx_process_response_queue+0x548/0x12b0 [qla2xxx]\n ? qla_do_work+0x2d/0x40 [qla2xxx]\n ? process_one_work+0x14c/0x390",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50098",
"url": "https://www.suse.com/security/cve/CVE-2022-50098"
},
{
"category": "external",
"summary": "SUSE Bug 1244841 for CVE-2022-50098",
"url": "https://bugzilla.suse.com/1244841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50098"
},
{
"cve": "CVE-2022-50099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: arkfb: Check the size of screen before memset_io()\n\nIn the function arkfb_set_par(), the value of \u0027screen_size\u0027 is\ncalculated by the user input. If the user provides the improper value,\nthe value of \u0027screen_size\u0027 may larger than \u0027info-\u003escreen_size\u0027, which\nmay cause the following bug:\n\n[ 659.399066] BUG: unable to handle page fault for address: ffffc90003000000\n[ 659.399077] #PF: supervisor write access in kernel mode\n[ 659.399079] #PF: error_code(0x0002) - not-present page\n[ 659.399094] RIP: 0010:memset_orig+0x33/0xb0\n[ 659.399116] Call Trace:\n[ 659.399122] arkfb_set_par+0x143f/0x24c0\n[ 659.399130] fb_set_var+0x604/0xeb0\n[ 659.399161] do_fb_ioctl+0x234/0x670\n[ 659.399189] fb_ioctl+0xdd/0x130\n\nFix the this by checking the value of \u0027screen_size\u0027 before memset_io().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50099",
"url": "https://www.suse.com/security/cve/CVE-2022-50099"
},
{
"category": "external",
"summary": "SUSE Bug 1244842 for CVE-2022-50099",
"url": "https://bugzilla.suse.com/1244842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50099"
},
{
"cve": "CVE-2022-50100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Do not requeue task on CPU excluded from cpus_mask\n\nThe following warning was triggered on a large machine early in boot on\na distribution kernel but the same problem should also affect mainline.\n\n WARNING: CPU: 439 PID: 10 at ../kernel/workqueue.c:2231 process_one_work+0x4d/0x440\n Call Trace:\n \u003cTASK\u003e\n rescuer_thread+0x1f6/0x360\n kthread+0x156/0x180\n ret_from_fork+0x22/0x30\n \u003c/TASK\u003e\n\nCommit c6e7bd7afaeb (\"sched/core: Optimize ttwu() spinning on p-\u003eon_cpu\")\noptimises ttwu by queueing a task that is descheduling on the wakelist,\nbut does not check if the task descheduling is still allowed to run on that CPU.\n\nIn this warning, the problematic task is a workqueue rescue thread which\nchecks if the rescue is for a per-cpu workqueue and running on the wrong CPU.\nWhile this is early in boot and it should be possible to create workers,\nthe rescue thread may still used if the MAYDAY_INITIAL_TIMEOUT is reached\nor MAYDAY_INTERVAL and on a sufficiently large machine, the rescue\nthread is being used frequently.\n\nTracing confirmed that the task should have migrated properly using the\nstopper thread to handle the migration. However, a parallel wakeup from udev\nrunning on another CPU that does not share CPU cache observes p-\u003eon_cpu and\nuses task_cpu(p), queues the task on the old CPU and triggers the warning.\n\nCheck that the wakee task that is descheduling is still allowed to run\non its current CPU and if not, wait for the descheduling to complete\nand select an allowed CPU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50100",
"url": "https://www.suse.com/security/cve/CVE-2022-50100"
},
{
"category": "external",
"summary": "SUSE Bug 1244843 for CVE-2022-50100",
"url": "https://bugzilla.suse.com/1244843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50100"
},
{
"cve": "CVE-2022-50101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: vt8623fb: Check the size of screen before memset_io()\n\nIn the function vt8623fb_set_par(), the value of \u0027screen_size\u0027 is\ncalculated by the user input. If the user provides the improper value,\nthe value of \u0027screen_size\u0027 may larger than \u0027info-\u003escreen_size\u0027, which\nmay cause the following bug:\n\n[ 583.339036] BUG: unable to handle page fault for address: ffffc90005000000\n[ 583.339049] #PF: supervisor write access in kernel mode\n[ 583.339052] #PF: error_code(0x0002) - not-present page\n[ 583.339074] RIP: 0010:memset_orig+0x33/0xb0\n[ 583.339110] Call Trace:\n[ 583.339118] vt8623fb_set_par+0x11cd/0x21e0\n[ 583.339146] fb_set_var+0x604/0xeb0\n[ 583.339181] do_fb_ioctl+0x234/0x670\n[ 583.339209] fb_ioctl+0xdd/0x130\n\nFix the this by checking the value of \u0027screen_size\u0027 before memset_io().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50101",
"url": "https://www.suse.com/security/cve/CVE-2022-50101"
},
{
"category": "external",
"summary": "SUSE Bug 1244839 for CVE-2022-50101",
"url": "https://bugzilla.suse.com/1244839"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50101"
},
{
"cve": "CVE-2022-50102",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50102"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()\n\nSince the user can control the arguments of the ioctl() from the user\nspace, under special arguments that may result in a divide-by-zero bug\nin:\n drivers/video/fbdev/arkfb.c:784: ark_set_pixclock(info, (hdiv * info-\u003evar.pixclock) / hmul);\nwith hdiv=1, pixclock=1 and hmul=2 you end up with (1*1)/2 = (int) 0.\nand then in:\n drivers/video/fbdev/arkfb.c:504: rv = dac_set_freq(par-\u003edac, 0, 1000000000 / pixclock);\nwe\u0027ll get a division-by-zero.\n\nThe following log can reveal it:\n\ndivide error: 0000 [#1] PREEMPT SMP KASAN PTI\nRIP: 0010:ark_set_pixclock drivers/video/fbdev/arkfb.c:504 [inline]\nRIP: 0010:arkfb_set_par+0x10fc/0x24c0 drivers/video/fbdev/arkfb.c:784\nCall Trace:\n fb_set_var+0x604/0xeb0 drivers/video/fbdev/core/fbmem.c:1034\n do_fb_ioctl+0x234/0x670 drivers/video/fbdev/core/fbmem.c:1110\n fb_ioctl+0xdd/0x130 drivers/video/fbdev/core/fbmem.c:1189\n\nFix this by checking the argument of ark_set_pixclock() first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50102",
"url": "https://www.suse.com/security/cve/CVE-2022-50102"
},
{
"category": "external",
"summary": "SUSE Bug 1244838 for CVE-2022-50102",
"url": "https://bugzilla.suse.com/1244838"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50102"
},
{
"cve": "CVE-2022-50103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched, cpuset: Fix dl_cpu_busy() panic due to empty cs-\u003ecpus_allowed\n\nWith cgroup v2, the cpuset\u0027s cpus_allowed mask can be empty indicating\nthat the cpuset will just use the effective CPUs of its parent. So\ncpuset_can_attach() can call task_can_attach() with an empty mask.\nThis can lead to cpumask_any_and() returns nr_cpu_ids causing the call\nto dl_bw_of() to crash due to percpu value access of an out of bound\nCPU value. For example:\n\n\t[80468.182258] BUG: unable to handle page fault for address: ffffffff8b6648b0\n\t :\n\t[80468.191019] RIP: 0010:dl_cpu_busy+0x30/0x2b0\n\t :\n\t[80468.207946] Call Trace:\n\t[80468.208947] cpuset_can_attach+0xa0/0x140\n\t[80468.209953] cgroup_migrate_execute+0x8c/0x490\n\t[80468.210931] cgroup_update_dfl_csses+0x254/0x270\n\t[80468.211898] cgroup_subtree_control_write+0x322/0x400\n\t[80468.212854] kernfs_fop_write_iter+0x11c/0x1b0\n\t[80468.213777] new_sync_write+0x11f/0x1b0\n\t[80468.214689] vfs_write+0x1eb/0x280\n\t[80468.215592] ksys_write+0x5f/0xe0\n\t[80468.216463] do_syscall_64+0x5c/0x80\n\t[80468.224287] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nFix that by using effective_cpus instead. For cgroup v1, effective_cpus\nis the same as cpus_allowed. For v2, effective_cpus is the real cpumask\nto be used by tasks within the cpuset anyway.\n\nAlso update task_can_attach()\u0027s 2nd argument name to cs_effective_cpus to\nreflect the change. In addition, a check is added to task_can_attach()\nto guard against the possibility that cpumask_any_and() may return a\nvalue \u003e= nr_cpu_ids.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50103",
"url": "https://www.suse.com/security/cve/CVE-2022-50103"
},
{
"category": "external",
"summary": "SUSE Bug 1244840 for CVE-2022-50103",
"url": "https://bugzilla.suse.com/1244840"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50103"
},
{
"cve": "CVE-2022-50104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/xive: Fix refcount leak in xive_get_max_prio\n\nof_find_node_by_path() returns a node pointer with\nrefcount incremented, we should use of_node_put() on it when done.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50104",
"url": "https://www.suse.com/security/cve/CVE-2022-50104"
},
{
"category": "external",
"summary": "SUSE Bug 1244836 for CVE-2022-50104",
"url": "https://bugzilla.suse.com/1244836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50104"
},
{
"cve": "CVE-2022-50108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50108"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: max77620: Fix refcount leak in max77620_initialise_fps\n\nof_get_child_by_name() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50108",
"url": "https://www.suse.com/security/cve/CVE-2022-50108"
},
{
"category": "external",
"summary": "SUSE Bug 1244834 for CVE-2022-50108",
"url": "https://bugzilla.suse.com/1244834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50108"
},
{
"cve": "CVE-2022-50109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50109"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: amba-clcd: Fix refcount leak bugs\n\nIn clcdfb_of_init_display(), we should call of_node_put() for the\nreferences returned by of_graph_get_next_endpoint() and\nof_graph_get_remote_port_parent() which have increased the refcount.\n\nBesides, we should call of_node_put() both in fail path or when\nthe references are not used anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50109",
"url": "https://www.suse.com/security/cve/CVE-2022-50109"
},
{
"category": "external",
"summary": "SUSE Bug 1244884 for CVE-2022-50109",
"url": "https://bugzilla.suse.com/1244884"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50109"
},
{
"cve": "CVE-2022-50110",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50110"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatchdog: sp5100_tco: Fix a memory leak of EFCH MMIO resource\n\nUnlike release_mem_region(), a call to release_resource() does not\nfree the resource, so it has to be freed explicitly to avoid a memory\nleak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50110",
"url": "https://www.suse.com/security/cve/CVE-2022-50110"
},
{
"category": "external",
"summary": "SUSE Bug 1244830 for CVE-2022-50110",
"url": "https://bugzilla.suse.com/1244830"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50110"
},
{
"cve": "CVE-2022-50111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50111"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: mt6359: Fix refcount leak bug\n\nIn mt6359_parse_dt() and mt6359_accdet_parse_dt(), we should call\nof_node_put() for the reference returned by of_get_child_by_name()\nwhich has increased the refcount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50111",
"url": "https://www.suse.com/security/cve/CVE-2022-50111"
},
{
"category": "external",
"summary": "SUSE Bug 1244831 for CVE-2022-50111",
"url": "https://bugzilla.suse.com/1244831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50111"
},
{
"cve": "CVE-2022-50112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when done.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50112",
"url": "https://www.suse.com/security/cve/CVE-2022-50112"
},
{
"category": "external",
"summary": "SUSE Bug 1244832 for CVE-2022-50112",
"url": "https://bugzilla.suse.com/1244832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50112"
},
{
"cve": "CVE-2022-50115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50115"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc3-topology: Prevent double freeing of ipc_control_data via load_bytes\n\nWe have sanity checks for byte controls and if any of the fail the locally\nallocated scontrol-\u003eipc_control_data is freed up, but not set to NULL.\n\nOn a rollback path of the error the higher level code will also try to free\nthe scontrol-\u003eipc_control_data which will eventually going to lead to\nmemory corruption as double freeing memory is not a good thing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50115",
"url": "https://www.suse.com/security/cve/CVE-2022-50115"
},
{
"category": "external",
"summary": "SUSE Bug 1244827 for CVE-2022-50115",
"url": "https://bugzilla.suse.com/1244827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50115"
},
{
"cve": "CVE-2022-50116",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50116"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: fix deadlock and link starvation in outgoing data path\n\nThe current implementation queues up new control and user packets as needed\nand processes this queue down to the ldisc in the same code path.\nThat means that the upper and the lower layer are hard coupled in the code.\nDue to this deadlocks can happen as seen below while transmitting data,\nespecially during ldisc congestion. Furthermore, the data channels starve\nthe control channel on high transmission load on the ldisc.\n\nIntroduce an additional control channel data queue to prevent timeouts and\nlink hangups during ldisc congestion. This is being processed before the\nuser channel data queue in gsm_data_kick(), i.e. with the highest priority.\nPut the queue to ldisc data path into a workqueue and trigger it whenever\nnew data has been put into the transmission queue. Change\ngsm_dlci_data_sweep() accordingly to fill up the transmission queue until\nTX_THRESH_HI. This solves the locking issue, keeps latency low and provides\ngood performance on high data load.\nNote that now all packets from a DLCI are removed from the internal queue\nif the associated DLCI was closed. This ensures that no data is sent by the\nintroduced write task to an already closed DLCI.\n\nBUG: spinlock recursion on CPU#0, test_v24_loop/124\n lock: serial8250_ports+0x3a8/0x7500, .magic: dead4ead, .owner: test_v24_loop/124, .owner_cpu: 0\nCPU: 0 PID: 124 Comm: test_v24_loop Tainted: G O 5.18.0-rc2 #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x34/0x44\n do_raw_spin_lock+0x76/0xa0\n _raw_spin_lock_irqsave+0x72/0x80\n uart_write_room+0x3b/0xc0\n gsm_data_kick+0x14b/0x240 [n_gsm]\n gsmld_write_wakeup+0x35/0x70 [n_gsm]\n tty_wakeup+0x53/0x60\n tty_port_default_wakeup+0x1b/0x30\n serial8250_tx_chars+0x12f/0x220\n serial8250_handle_irq.part.0+0xfe/0x150\n serial8250_default_handle_irq+0x48/0x80\n serial8250_interrupt+0x56/0xa0\n __handle_irq_event_percpu+0x78/0x1f0\n handle_irq_event+0x34/0x70\n handle_fasteoi_irq+0x90/0x1e0\n __common_interrupt+0x69/0x100\n common_interrupt+0x48/0xc0\n asm_common_interrupt+0x1e/0x40\nRIP: 0010:__do_softirq+0x83/0x34e\nCode: 2a 0a ff 0f b7 ed c7 44 24 10 0a 00 00 00 48 c7 c7 51 2a 64 82 e8 2d\ne2 d5 ff 65 66 c7 05 83 af 1e 7e 00 00 fb b8 ff ff ff ff \u003c49\u003e c7 c2 40 61\n80 82 0f bc c5 41 89 c4 41 83 c4 01 0f 84 e6 00 00\nRSP: 0018:ffffc90000003f98 EFLAGS: 00000286\nRAX: 00000000ffffffff RBX: 0000000000000000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffffffff82642a51 RDI: ffffffff825bb5e7\nRBP: 0000000000000200 R08: 00000008de3271a8 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: 0000000000000030 R14: 0000000000000000 R15: 0000000000000000\n ? __do_softirq+0x73/0x34e\n irq_exit_rcu+0xb5/0x100\n common_interrupt+0xa4/0xc0\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_common_interrupt+0x1e/0x40\nRIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x50\nCode: 00 55 48 89 fd 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 85 28 36 ff\n48 89 ef e8 cd 58 36 ff 80 e7 02 74 01 fb bf 01 00 00 00 \u003ce8\u003e 3d 97 33 ff\n65 8b 05 96 23 2b 7e 85 c0 74 03 5b 5d c3 0f 1f 44\nRSP: 0018:ffffc9000020fd08 EFLAGS: 00000202\nRAX: 0000000000000000 RBX: 0000000000000246 RCX: 0000000000000000\nRDX: 0000000000000004 RSI: ffffffff8257fd74 RDI: 0000000000000001\nRBP: ffff8880057de3a0 R08: 00000008de233000 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: 0000000000000100 R14: 0000000000000202 R15: ffff8880057df0b8\n ? _raw_spin_unlock_irqrestore+0x23/0x50\n gsmtty_write+0x65/0x80 [n_gsm]\n n_tty_write+0x33f/0x530\n ? swake_up_all+0xe0/0xe0\n file_tty_write.constprop.0+0x1b1/0x320\n ? n_tty_flush_buffer+0xb0/0xb0\n new_sync_write+0x10c/0x190\n vfs_write+0x282/0x310\n ksys_write+0x68/0xe0\n do_syscall_64+0x3b/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f3e5e35c15c\nCode: 8b 7c 24 08 89 c5 e8 c5 ff ff ff 89 ef 89 44 24\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50116",
"url": "https://www.suse.com/security/cve/CVE-2022-50116"
},
{
"category": "external",
"summary": "SUSE Bug 1244824 for CVE-2022-50116",
"url": "https://bugzilla.suse.com/1244824"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50116"
},
{
"cve": "CVE-2022-50117",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50117"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio: Split migration ops from main device ops\n\nvfio core checks whether the driver sets some migration op (e.g.\nset_state/get_state) and accordingly calls its op.\n\nHowever, currently mlx5 driver sets the above ops without regards to its\nmigration caps.\n\nThis might lead to unexpected usage/Oops if user space may call to the\nabove ops even if the driver doesn\u0027t support migration. As for example,\nthe migration state_mutex is not initialized in that case.\n\nThe cleanest way to manage that seems to split the migration ops from\nthe main device ops, this will let the driver setting them separately\nfrom the main ops when it\u0027s applicable.\n\nAs part of that, validate ops construction on registration and include a\ncheck for VFIO_MIGRATION_STOP_COPY since the uAPI claims it must be set\nin migration_flags.\n\nHISI driver was changed as well to match this scheme.\n\nThis scheme may enable down the road to come with some extra group of\nops (e.g. DMA log) that can be set without regards to the other options\nbased on driver caps.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50117",
"url": "https://www.suse.com/security/cve/CVE-2022-50117"
},
{
"category": "external",
"summary": "SUSE Bug 1244826 for CVE-2022-50117",
"url": "https://bugzilla.suse.com/1244826"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50117"
},
{
"cve": "CVE-2022-50118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50118"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for PMI check in power_pmu_disable\n\ncommit 2c9ac51b850d (\"powerpc/perf: Fix PMU callbacks to clear\npending PMI before resetting an overflown PMC\") added a new\nfunction \"pmi_irq_pending\" in hw_irq.h. This function is to check\nif there is a PMI marked as pending in Paca (PACA_IRQ_PMI).This is\nused in power_pmu_disable in a WARN_ON. The intention here is to\nprovide a warning if there is PMI pending, but no counter is found\noverflown.\n\nDuring some of the perf runs, below warning is hit:\n\nWARNING: CPU: 36 PID: 0 at arch/powerpc/perf/core-book3s.c:1332 power_pmu_disable+0x25c/0x2c0\n Modules linked in:\n -----\n\n NIP [c000000000141c3c] power_pmu_disable+0x25c/0x2c0\n LR [c000000000141c8c] power_pmu_disable+0x2ac/0x2c0\n Call Trace:\n [c000000baffcfb90] [c000000000141c8c] power_pmu_disable+0x2ac/0x2c0 (unreliable)\n [c000000baffcfc10] [c0000000003e2f8c] perf_pmu_disable+0x4c/0x60\n [c000000baffcfc30] [c0000000003e3344] group_sched_out.part.124+0x44/0x100\n [c000000baffcfc80] [c0000000003e353c] __perf_event_disable+0x13c/0x240\n [c000000baffcfcd0] [c0000000003dd334] event_function+0xc4/0x140\n [c000000baffcfd20] [c0000000003d855c] remote_function+0x7c/0xa0\n [c000000baffcfd50] [c00000000026c394] flush_smp_call_function_queue+0xd4/0x300\n [c000000baffcfde0] [c000000000065b24] smp_ipi_demux_relaxed+0xa4/0x100\n [c000000baffcfe20] [c0000000000cb2b0] xive_muxed_ipi_action+0x20/0x40\n [c000000baffcfe40] [c000000000207c3c] __handle_irq_event_percpu+0x8c/0x250\n [c000000baffcfee0] [c000000000207e2c] handle_irq_event_percpu+0x2c/0xa0\n [c000000baffcff10] [c000000000210a04] handle_percpu_irq+0x84/0xc0\n [c000000baffcff40] [c000000000205f14] generic_handle_irq+0x54/0x80\n [c000000baffcff60] [c000000000015740] __do_irq+0x90/0x1d0\n [c000000baffcff90] [c000000000016990] __do_IRQ+0xc0/0x140\n [c0000009732f3940] [c000000bafceaca8] 0xc000000bafceaca8\n [c0000009732f39d0] [c000000000016b78] do_IRQ+0x168/0x1c0\n [c0000009732f3a00] [c0000000000090c8] hardware_interrupt_common_virt+0x218/0x220\n\nThis means that there is no PMC overflown among the active events\nin the PMU, but there is a PMU pending in Paca. The function\n\"any_pmc_overflown\" checks the PMCs on active events in\ncpuhw-\u003en_events. Code snippet:\n\n\u003c\u003c\u003e\u003e\nif (any_pmc_overflown(cpuhw))\n \tclear_pmi_irq_pending();\n else\n \tWARN_ON(pmi_irq_pending());\n\u003c\u003c\u003e\u003e\n\nHere the PMC overflown is not from active event. Example: When we do\nperf record, default cycles and instructions will be running on PMC6\nand PMC5 respectively. It could happen that overflowed event is currently\nnot active and pending PMI is for the inactive event. Debug logs from\ntrace_printk:\n\n\u003c\u003c\u003e\u003e\nany_pmc_overflown: idx is 5: pmc value is 0xd9a\npower_pmu_disable: PMC1: 0x0, PMC2: 0x0, PMC3: 0x0, PMC4: 0x0, PMC5: 0xd9a, PMC6: 0x80002011\n\u003c\u003c\u003e\u003e\n\nHere active PMC (from idx) is PMC5 , but overflown PMC is PMC6(0x80002011).\nWhen we handle PMI interrupt for such cases, if the PMC overflown is\nfrom inactive event, it will be ignored. Reference commit:\ncommit bc09c219b2e6 (\"powerpc/perf: Fix finding overflowed PMC in interrupt\")\n\nPatch addresses two changes:\n1) Fix 1 : Removal of warning ( WARN_ON(pmi_irq_pending()); )\n We were printing warning if no PMC is found overflown among active PMU\n events, but PMI pending in PACA. But this could happen in cases where\n PMC overflown is not in active PMC. An inactive event could have caused\n the overflow. Hence the warning is not needed. To know pending PMI is\n from an inactive event, we need to loop through all PMC\u0027s which will\n cause more SPR reads via mfspr and increase in context switch. Also in\n existing function: perf_event_interrupt, already we ignore PMI\u0027s\n overflown when it is from an inactive PMC.\n\n2) Fix 2: optimization in clearing pending PMI.\n Currently we check for any active PMC overflown before clearing PMI\n pending in Paca. This is causing additional SP\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50118",
"url": "https://www.suse.com/security/cve/CVE-2022-50118"
},
{
"category": "external",
"summary": "SUSE Bug 1244825 for CVE-2022-50118",
"url": "https://bugzilla.suse.com/1244825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50118"
},
{
"cve": "CVE-2022-50120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: imx_rproc: Fix refcount leak in imx_rproc_addr_init\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not needed anymore.\nThis function has two paths missing of_node_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50120",
"url": "https://www.suse.com/security/cve/CVE-2022-50120"
},
{
"category": "external",
"summary": "SUSE Bug 1244819 for CVE-2022-50120",
"url": "https://bugzilla.suse.com/1244819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50120"
},
{
"cve": "CVE-2022-50121",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50121"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: k3-r5: Fix refcount leak in k3_r5_cluster_of_init\n\nEvery iteration of for_each_available_child_of_node() decrements\nthe reference count of the previous node.\nWhen breaking early from a for_each_available_child_of_node() loop,\nwe need to explicitly call of_node_put() on the child node.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50121",
"url": "https://www.suse.com/security/cve/CVE-2022-50121"
},
{
"category": "external",
"summary": "SUSE Bug 1244823 for CVE-2022-50121",
"url": "https://bugzilla.suse.com/1244823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50121"
},
{
"cve": "CVE-2022-50124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50124",
"url": "https://www.suse.com/security/cve/CVE-2022-50124"
},
{
"category": "external",
"summary": "SUSE Bug 1244816 for CVE-2022-50124",
"url": "https://bugzilla.suse.com/1244816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50124"
},
{
"cve": "CVE-2022-50125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: cros_ec_codec: Fix refcount leak in cros_ec_codec_platform_probe\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50125",
"url": "https://www.suse.com/security/cve/CVE-2022-50125"
},
{
"category": "external",
"summary": "SUSE Bug 1244814 for CVE-2022-50125",
"url": "https://bugzilla.suse.com/1244814"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50125"
},
{
"cve": "CVE-2022-50126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: fix assertion \u0027jh-\u003eb_frozen_data == NULL\u0027 failure when journal aborted\n\nFollowing process will fail assertion \u0027jh-\u003eb_frozen_data == NULL\u0027 in\njbd2_journal_dirty_metadata():\n\n jbd2_journal_commit_transaction\nunlink(dir/a)\n jh-\u003eb_transaction = trans1\n jh-\u003eb_jlist = BJ_Metadata\n journal-\u003ej_running_transaction = NULL\n trans1-\u003et_state = T_COMMIT\nunlink(dir/b)\n handle-\u003eh_trans = trans2\n do_get_write_access\n jh-\u003eb_modified = 0\n jh-\u003eb_frozen_data = frozen_buffer\n jh-\u003eb_next_transaction = trans2\n jbd2_journal_dirty_metadata\n is_handle_aborted\n is_journal_aborted // return false\n\n --\u003e jbd2 abort \u003c--\n\n while (commit_transaction-\u003et_buffers)\n if (is_journal_aborted)\n jbd2_journal_refile_buffer\n __jbd2_journal_refile_buffer\n WRITE_ONCE(jh-\u003eb_transaction,\n\t\t\t\t\t\tjh-\u003eb_next_transaction)\n WRITE_ONCE(jh-\u003eb_next_transaction, NULL)\n __jbd2_journal_file_buffer(jh, BJ_Reserved)\n J_ASSERT_JH(jh, jh-\u003eb_frozen_data == NULL) // assertion failure !\n\nThe reproducer (See detail in [Link]) reports:\n ------------[ cut here ]------------\n kernel BUG at fs/jbd2/transaction.c:1629!\n invalid opcode: 0000 [#1] PREEMPT SMP\n CPU: 2 PID: 584 Comm: unlink Tainted: G W\n 5.19.0-rc6-00115-g4a57a8400075-dirty #697\n RIP: 0010:jbd2_journal_dirty_metadata+0x3c5/0x470\n RSP: 0018:ffffc90000be7ce0 EFLAGS: 00010202\n Call Trace:\n \u003cTASK\u003e\n __ext4_handle_dirty_metadata+0xa0/0x290\n ext4_handle_dirty_dirblock+0x10c/0x1d0\n ext4_delete_entry+0x104/0x200\n __ext4_unlink+0x22b/0x360\n ext4_unlink+0x275/0x390\n vfs_unlink+0x20b/0x4c0\n do_unlinkat+0x42f/0x4c0\n __x64_sys_unlink+0x37/0x50\n do_syscall_64+0x35/0x80\n\nAfter journal aborting, __jbd2_journal_refile_buffer() is executed with\nholding @jh-\u003eb_state_lock, we can fix it by moving \u0027is_handle_aborted()\u0027\ninto the area protected by @jh-\u003eb_state_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50126",
"url": "https://www.suse.com/security/cve/CVE-2022-50126"
},
{
"category": "external",
"summary": "SUSE Bug 1244813 for CVE-2022-50126",
"url": "https://bugzilla.suse.com/1244813"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50126"
},
{
"cve": "CVE-2022-50127",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50127"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix error unwind in rxe_create_qp()\n\nIn the function rxe_create_qp(), rxe_qp_from_init() is called to\ninitialize qp, internally things like the spin locks are not setup until\nrxe_qp_init_req().\n\nIf an error occures before this point then the unwind will call\nrxe_cleanup() and eventually to rxe_qp_do_cleanup()/rxe_cleanup_task()\nwhich will oops when trying to access the uninitialized spinlock.\n\nMove the spinlock initializations earlier before any failures.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50127",
"url": "https://www.suse.com/security/cve/CVE-2022-50127"
},
{
"category": "external",
"summary": "SUSE Bug 1244815 for CVE-2022-50127",
"url": "https://bugzilla.suse.com/1244815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50127"
},
{
"cve": "CVE-2022-50129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50129"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/srpt: Fix a use-after-free\n\nChange the LIO port members inside struct srpt_port from regular members\ninto pointers. Allocate the LIO port data structures from inside\nsrpt_make_tport() and free these from inside srpt_make_tport(). Keep\nstruct srpt_device as long as either an RDMA port or a LIO target port is\nassociated with it. This patch decouples the lifetime of struct srpt_port\n(controlled by the RDMA core) and struct srpt_port_id (controlled by LIO).\nThis patch fixes the following KASAN complaint:\n\n BUG: KASAN: use-after-free in srpt_enable_tpg+0x31/0x70 [ib_srpt]\n Read of size 8 at addr ffff888141cc34b8 by task check/5093\n\n Call Trace:\n \u003cTASK\u003e\n show_stack+0x4e/0x53\n dump_stack_lvl+0x51/0x66\n print_address_description.constprop.0.cold+0xea/0x41e\n print_report.cold+0x90/0x205\n kasan_report+0xb9/0xf0\n __asan_load8+0x69/0x90\n srpt_enable_tpg+0x31/0x70 [ib_srpt]\n target_fabric_tpg_base_enable_store+0xe2/0x140 [target_core_mod]\n configfs_write_iter+0x18b/0x210\n new_sync_write+0x1f2/0x2f0\n vfs_write+0x3e3/0x540\n ksys_write+0xbb/0x140\n __x64_sys_write+0x42/0x50\n do_syscall_64+0x34/0x80\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50129",
"url": "https://www.suse.com/security/cve/CVE-2022-50129"
},
{
"category": "external",
"summary": "SUSE Bug 1244811 for CVE-2022-50129",
"url": "https://bugzilla.suse.com/1244811"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50129"
},
{
"cve": "CVE-2022-50131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50131"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: mcp2221: prevent a buffer overflow in mcp_smbus_write()\n\nSmatch Warning:\ndrivers/hid/hid-mcp2221.c:388 mcp_smbus_write() error: __memcpy()\n\u0027\u0026mcp-\u003etxbuf[5]\u0027 too small (59 vs 255)\ndrivers/hid/hid-mcp2221.c:388 mcp_smbus_write() error: __memcpy() \u0027buf\u0027\ntoo small (34 vs 255)\n\nThe \u0027len\u0027 variable can take a value between 0-255 as it can come from\ndata-\u003eblock[0] and it is user data. So add an bound check to prevent a\nbuffer overflow in memcpy().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50131",
"url": "https://www.suse.com/security/cve/CVE-2022-50131"
},
{
"category": "external",
"summary": "SUSE Bug 1244807 for CVE-2022-50131",
"url": "https://bugzilla.suse.com/1244807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50131"
},
{
"cve": "CVE-2022-50132",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50132"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: change place of \u0027priv_ep\u0027 assignment in cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable()\n\nIf \u0027ep\u0027 is NULL, result of ep_to_cdns3_ep(ep) is invalid pointer\nand its dereference with priv_ep-\u003ecdns3_dev may cause panic.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50132",
"url": "https://www.suse.com/security/cve/CVE-2022-50132"
},
{
"category": "external",
"summary": "SUSE Bug 1244808 for CVE-2022-50132",
"url": "https://bugzilla.suse.com/1244808"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50132"
},
{
"cve": "CVE-2022-50133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50133"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci_plat_remove: avoid NULL dereference\n\nSince commit 4736ebd7fcaff1eb8481c140ba494962847d6e0a (\"usb: host:\nxhci-plat: omit shared hcd if either root hub has no ports\")\nxhci-\u003eshared_hcd can be NULL, which causes the following Oops\non reboot:\n\n[ 710.124450] systemd-shutdown[1]: Rebooting.\n[ 710.298861] xhci-hcd xhci-hcd.2.auto: remove, state 4\n[ 710.304217] usb usb3: USB disconnect, device number 1\n[ 710.317441] xhci-hcd xhci-hcd.2.auto: USB bus 3 deregistered\n[ 710.323280] xhci-hcd xhci-hcd.2.auto: remove, state 1\n[ 710.328401] usb usb2: USB disconnect, device number 1\n[ 710.333515] usb 2-3: USB disconnect, device number 2\n[ 710.467649] xhci-hcd xhci-hcd.2.auto: USB bus 2 deregistered\n[ 710.475450] Unable to handle kernel NULL pointer dereference at virtual address 00000000000003b8\n[ 710.484425] Mem abort info:\n[ 710.487265] ESR = 0x0000000096000004\n[ 710.491060] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 710.496427] SET = 0, FnV = 0\n[ 710.499525] EA = 0, S1PTW = 0\n[ 710.502716] FSC = 0x04: level 0 translation fault\n[ 710.507648] Data abort info:\n[ 710.510577] ISV = 0, ISS = 0x00000004\n[ 710.514462] CM = 0, WnR = 0\n[ 710.517480] user pgtable: 4k pages, 48-bit VAs, pgdp=00000008b0050000\n[ 710.523976] [00000000000003b8] pgd=0000000000000000, p4d=0000000000000000\n[ 710.530961] Internal error: Oops: 96000004 [#1] PREEMPT SMP\n[ 710.536551] Modules linked in: rfkill input_leds snd_soc_simple_card snd_soc_simple_card_utils snd_soc_nau8822 designware_i2s snd_soc_core dw_hdmi_ahb_audio snd_pcm_dmaengine arm_ccn panfrost ac97_bus gpu_sched snd_pcm at24 fuse configfs sdhci_of_dwcmshc sdhci_pltfm sdhci nvme led_class mmc_core nvme_core bt1_pvt polynomial tp_serio snd_seq_midi snd_seq_midi_event snd_seq snd_timer snd_rawmidi snd_seq_device snd soundcore efivarfs ipv6\n[ 710.575286] CPU: 7 PID: 1 Comm: systemd-shutdow Not tainted 5.19.0-rc7-00043-gfd8619f4fd54 #1\n[ 710.583822] Hardware name: T-Platforms TF307-MB/BM1BM1-A, BIOS 5.6 07/06/2022\n[ 710.590972] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 710.597949] pc : usb_remove_hcd+0x34/0x1e4\n[ 710.602067] lr : xhci_plat_remove+0x74/0x140\n[ 710.606351] sp : ffff800009f3b7c0\n[ 710.609674] x29: ffff800009f3b7c0 x28: ffff000800960040 x27: 0000000000000000\n[ 710.616833] x26: ffff800008dc22a0 x25: 0000000000000000 x24: 0000000000000000\n[ 710.623992] x23: 0000000000000000 x22: ffff000805465810 x21: ffff000805465800\n[ 710.631149] x20: ffff000800f80000 x19: 0000000000000000 x18: ffffffffffffffff\n[ 710.638307] x17: ffff000805096000 x16: ffff00080633b800 x15: ffff000806537a1c\n[ 710.645465] x14: 0000000000000001 x13: 0000000000000000 x12: ffff00080378d6f0\n[ 710.652621] x11: ffff00080041a900 x10: ffff800009b204e8 x9 : ffff8000088abaa4\n[ 710.659779] x8 : ffff000800960040 x7 : ffff800009409000 x6 : 0000000000000001\n[ 710.666936] x5 : ffff800009241000 x4 : ffff800009241440 x3 : 0000000000000000\n[ 710.674094] x2 : ffff000800960040 x1 : ffff000800960040 x0 : 0000000000000000\n[ 710.681251] Call trace:\n[ 710.683704] usb_remove_hcd+0x34/0x1e4\n[ 710.687467] xhci_plat_remove+0x74/0x140\n[ 710.691400] platform_remove+0x34/0x70\n[ 710.695165] device_remove+0x54/0x90\n[ 710.698753] device_release_driver_internal+0x200/0x270\n[ 710.703992] device_release_driver+0x24/0x30\n[ 710.708273] bus_remove_device+0xe0/0x16c\n[ 710.712293] device_del+0x178/0x390\n[ 710.715797] platform_device_del.part.0+0x24/0x90\n[ 710.720514] platform_device_unregister+0x30/0x50\n[ 710.725232] dwc3_host_exit+0x20/0x30\n[ 710.728907] dwc3_remove+0x174/0x1b0\n[ 710.732494] platform_remove+0x34/0x70\n[ 710.736254] device_remove+0x54/0x90\n[ 710.739840] device_release_driver_internal+0x200/0x270\n[ 710.745078] device_release_driver+0x24/0x30\n[ 710.749359] bus_remove_device+0xe0/0x16c\n[ 710.753380] device_del+0x178/0x390\n[ 710.756881] platform_device_del.part\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50133",
"url": "https://www.suse.com/security/cve/CVE-2022-50133"
},
{
"category": "external",
"summary": "SUSE Bug 1244806 for CVE-2022-50133",
"url": "https://bugzilla.suse.com/1244806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50133"
},
{
"cve": "CVE-2022-50134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50134"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hfi1: fix potential memory leak in setup_base_ctxt()\n\nsetup_base_ctxt() allocates a memory chunk for uctxt-\u003egroups with\nhfi1_alloc_ctxt_rcv_groups(). When init_user_ctxt() fails, uctxt-\u003egroups\nis not released, which will lead to a memory leak.\n\nWe should release the uctxt-\u003egroups with hfi1_free_ctxt_rcv_groups()\nwhen init_user_ctxt() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50134",
"url": "https://www.suse.com/security/cve/CVE-2022-50134"
},
{
"category": "external",
"summary": "SUSE Bug 1244802 for CVE-2022-50134",
"url": "https://bugzilla.suse.com/1244802"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50134"
},
{
"cve": "CVE-2022-50135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50135"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix BUG: KASAN: null-ptr-deref in rxe_qp_do_cleanup\n\nThe function rxe_create_qp calls rxe_qp_from_init. If some error\noccurs, the error handler of function rxe_qp_from_init will set\nboth scq and rcq to NULL.\n\nThen rxe_create_qp calls rxe_put to handle qp. In the end,\nrxe_qp_do_cleanup is called by rxe_put. rxe_qp_do_cleanup directly\naccesses scq and rcq before checking them. This will cause\nnull-ptr-deref error.\n\nThe call graph is as below:\n\nrxe_create_qp {\n ...\n rxe_qp_from_init {\n ...\n err1:\n ...\n qp-\u003ercq = NULL; \u003c---rcq is set to NULL\n qp-\u003escq = NULL; \u003c---scq is set to NULL\n ...\n }\n\nqp_init:\n rxe_put{\n ...\n rxe_qp_do_cleanup {\n ...\n atomic_dec(\u0026qp-\u003escq-\u003enum_wq); \u003c--- scq is accessed\n ...\n atomic_dec(\u0026qp-\u003ercq-\u003enum_wq); \u003c--- rcq is accessed\n }\n}",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50135",
"url": "https://www.suse.com/security/cve/CVE-2022-50135"
},
{
"category": "external",
"summary": "SUSE Bug 1244805 for CVE-2022-50135",
"url": "https://bugzilla.suse.com/1244805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50135"
},
{
"cve": "CVE-2022-50136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50136"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event\n\nIf siw_recv_mpa_rr returns -EAGAIN, it means that the MPA reply hasn\u0027t\nbeen received completely, and should not report IW_CM_EVENT_CONNECT_REPLY\nin this case. This may trigger a call trace in iw_cm. A simple way to\ntrigger this:\n server: ib_send_lat\n client: ib_send_lat -R \u003cserver_ip\u003e\n\nThe call trace looks like this:\n\n kernel BUG at drivers/infiniband/core/iwcm.c:894!\n invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n \u003c...\u003e\n Workqueue: iw_cm_wq cm_work_handler [iw_cm]\n Call Trace:\n \u003cTASK\u003e\n cm_work_handler+0x1dd/0x370 [iw_cm]\n process_one_work+0x1e2/0x3b0\n worker_thread+0x49/0x2e0\n ? rescuer_thread+0x370/0x370\n kthread+0xe5/0x110\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50136",
"url": "https://www.suse.com/security/cve/CVE-2022-50136"
},
{
"category": "external",
"summary": "SUSE Bug 1244804 for CVE-2022-50136",
"url": "https://bugzilla.suse.com/1244804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50136"
},
{
"cve": "CVE-2022-50137",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50137"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix a window for use-after-free\n\nDuring a destroy CQ an interrupt may cause processing of a CQE after CQ\nresources are freed by irdma_cq_free_rsrc(). Fix this by moving the call\nto irdma_cq_free_rsrc() after the irdma_sc_cleanup_ceqes(), which is\ncalled under the cq_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50137",
"url": "https://www.suse.com/security/cve/CVE-2022-50137"
},
{
"category": "external",
"summary": "SUSE Bug 1244800 for CVE-2022-50137",
"url": "https://bugzilla.suse.com/1244800"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50137"
},
{
"cve": "CVE-2022-50138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50138"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()\n\n__qedr_alloc_mr() allocates a memory chunk for \"mr-\u003einfo.pbl_table\" with\ninit_mr_info(). When rdma_alloc_tid() and rdma_register_tid() fail, \"mr\"\nis released while \"mr-\u003einfo.pbl_table\" is not released, which will lead\nto a memory leak.\n\nWe should release the \"mr-\u003einfo.pbl_table\" with qedr_free_pbl() when error\noccurs to fix the memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50138",
"url": "https://www.suse.com/security/cve/CVE-2022-50138"
},
{
"category": "external",
"summary": "SUSE Bug 1244797 for CVE-2022-50138",
"url": "https://bugzilla.suse.com/1244797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50138"
},
{
"cve": "CVE-2022-50139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50139"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc()\n\nWe should call of_node_put() for the reference returned by\nof_get_child_by_name() which has increased the refcount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50139",
"url": "https://www.suse.com/security/cve/CVE-2022-50139"
},
{
"category": "external",
"summary": "SUSE Bug 1244798 for CVE-2022-50139",
"url": "https://bugzilla.suse.com/1244798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50139"
},
{
"cve": "CVE-2022-50140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemstick/ms_block: Fix a memory leak\n\n\u0027erased_blocks_bitmap\u0027 is never freed. As it is allocated at the same time\nas \u0027used_blocks_bitmap\u0027, it is likely that it should be freed also at the\nsame time.\n\nAdd the corresponding bitmap_free() in msb_data_clear().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50140",
"url": "https://www.suse.com/security/cve/CVE-2022-50140"
},
{
"category": "external",
"summary": "SUSE Bug 1244793 for CVE-2022-50140",
"url": "https://bugzilla.suse.com/1244793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50140"
},
{
"cve": "CVE-2022-50141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch\n\nof_find_matching_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.\nof_node_put() checks null pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50141",
"url": "https://www.suse.com/security/cve/CVE-2022-50141"
},
{
"category": "external",
"summary": "SUSE Bug 1244794 for CVE-2022-50141",
"url": "https://bugzilla.suse.com/1244794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50141"
},
{
"cve": "CVE-2022-50142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nintel_th: msu: Fix vmalloced buffers\n\nAfter commit f5ff79fddf0e (\"dma-mapping: remove CONFIG_DMA_REMAP\") there\u0027s\na chance of DMA buffer getting allocated via vmalloc(), which messes up\nthe mmapping code:\n\n\u003e RIP: msc_mmap_fault [intel_th_msu]\n\u003e Call Trace:\n\u003e \u003cTASK\u003e\n\u003e __do_fault\n\u003e do_fault\n...\n\nFix this by accounting for vmalloc possibility.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50142",
"url": "https://www.suse.com/security/cve/CVE-2022-50142"
},
{
"category": "external",
"summary": "SUSE Bug 1244796 for CVE-2022-50142",
"url": "https://bugzilla.suse.com/1244796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50142"
},
{
"cve": "CVE-2022-50143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50143"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nintel_th: Fix a resource leak in an error handling path\n\nIf an error occurs after calling \u0027pci_alloc_irq_vectors()\u0027,\n\u0027pci_free_irq_vectors()\u0027 must be called as already done in the remove\nfunction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50143",
"url": "https://www.suse.com/security/cve/CVE-2022-50143"
},
{
"category": "external",
"summary": "SUSE Bug 1244790 for CVE-2022-50143",
"url": "https://bugzilla.suse.com/1244790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50143"
},
{
"cve": "CVE-2022-50144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50144"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoundwire: revisit driver bind/unbind and callbacks\n\nIn the SoundWire probe, we store a pointer from the driver ops into\nthe \u0027slave\u0027 structure. This can lead to kernel oopses when unbinding\ncodec drivers, e.g. with the following sequence to remove machine\ndriver and codec driver.\n\n/sbin/modprobe -r snd_soc_sof_sdw\n/sbin/modprobe -r snd_soc_rt711\n\nThe full details can be found in the BugLink below, for reference the\ntwo following examples show different cases of driver ops/callbacks\nbeing invoked after the driver .remove().\n\nkernel: BUG: kernel NULL pointer dereference, address: 0000000000000150\nkernel: Workqueue: events cdns_update_slave_status_work [soundwire_cadence]\nkernel: RIP: 0010:mutex_lock+0x19/0x30\nkernel: Call Trace:\nkernel: ? sdw_handle_slave_status+0x426/0xe00 [soundwire_bus 94ff184bf398570c3f8ff7efe9e32529f532e4ae]\nkernel: ? newidle_balance+0x26a/0x400\nkernel: ? cdns_update_slave_status_work+0x1e9/0x200 [soundwire_cadence 1bcf98eebe5ba9833cd433323769ac923c9c6f82]\n\nkernel: BUG: unable to handle page fault for address: ffffffffc07654c8\nkernel: Workqueue: pm pm_runtime_work\nkernel: RIP: 0010:sdw_bus_prep_clk_stop+0x6f/0x160 [soundwire_bus]\nkernel: Call Trace:\nkernel: \u003cTASK\u003e\nkernel: sdw_cdns_clock_stop+0xb5/0x1b0 [soundwire_cadence 1bcf98eebe5ba9833cd433323769ac923c9c6f82]\nkernel: intel_suspend_runtime+0x5f/0x120 [soundwire_intel aca858f7c87048d3152a4a41bb68abb9b663a1dd]\nkernel: ? dpm_sysfs_remove+0x60/0x60\n\nThis was not detected earlier in Intel tests since the tests first\nremove the parent PCI device and shut down the bus. The sequence\nabove is a corner case which keeps the bus operational but without a\ndriver bound.\n\nWhile trying to solve this kernel oopses, it became clear that the\nexisting SoundWire bus does not deal well with the unbind case.\n\nCommit 528be501b7d4a (\"soundwire: sdw_slave: add probe_complete structure and new fields\")\nadded a \u0027probed\u0027 status variable and a \u0027probe_complete\u0027\nstruct completion. This status is however not reset on remove and\nlikewise the \u0027probe complete\u0027 is not re-initialized, so the\nbind/unbind/bind test cases would fail. The timeout used before the\n\u0027update_status\u0027 callback was also a bad idea in hindsight, there\nshould really be no timing assumption as to if and when a driver is\nbound to a device.\n\nAn initial draft was based on device_lock() and device_unlock() was\ntested. This proved too complicated, with deadlocks created during the\nsuspend-resume sequences, which also use the same device_lock/unlock()\nas the bind/unbind sequences. On a CometLake device, a bad DSDT/BIOS\ncaused spurious resumes and the use of device_lock() caused hangs\nduring suspend. After multiple weeks or testing and painful\nreverse-engineering of deadlocks on different devices, we looked for\nalternatives that did not interfere with the device core.\n\nA bus notifier was used successfully to keep track of DRIVER_BOUND and\nDRIVER_UNBIND events. This solved the bind-unbind-bind case in tests,\nbut it can still be defeated with a theoretical corner case where the\nmemory is freed by a .remove while the callback is in use. The\nnotifier only helps make sure the driver callbacks are valid, but not\nthat the memory allocated in probe remains valid while the callbacks\nare invoked.\n\nThis patch suggests the introduction of a new \u0027sdw_dev_lock\u0027 mutex\nprotecting probe/remove and all driver callbacks. Since this mutex is\n\u0027local\u0027 to SoundWire only, it does not interfere with existing locks\nand does not create deadlocks. In addition, this patch removes the\n\u0027probe_complete\u0027 completion, instead we directly invoke the\n\u0027update_status\u0027 from the probe routine. That removes any sort of\ntiming dependency and a much better support for the device/driver\nmodel, the driver could be bound before the bus started, or eons after\nthe bus started and the hardware would be properly initialized in all\ncases.\n\nBugLink: https://github.com/thesofproject/linux/is\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50144",
"url": "https://www.suse.com/security/cve/CVE-2022-50144"
},
{
"category": "external",
"summary": "SUSE Bug 1244791 for CVE-2022-50144",
"url": "https://bugzilla.suse.com/1244791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50144"
},
{
"cve": "CVE-2022-50145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: sf-pdma: Add multithread support for a DMA channel\n\nWhen we get a DMA channel and try to use it in multiple threads it\nwill cause oops and hanging the system.\n\n% echo 64 \u003e /sys/module/dmatest/parameters/threads_per_chan\n% echo 10000 \u003e /sys/module/dmatest/parameters/iterations\n% echo 1 \u003e /sys/module/dmatest/parameters/run\n[ 89.480664] Unable to handle kernel NULL pointer dereference at virtual\n address 00000000000000a0\n[ 89.488725] Oops [#1]\n[ 89.494708] CPU: 2 PID: 1008 Comm: dma0chan0-copy0 Not tainted\n 5.17.0-rc5\n[ 89.509385] epc : vchan_find_desc+0x32/0x46\n[ 89.513553] ra : sf_pdma_tx_status+0xca/0xd6\n\nThis happens because of data race. Each thread rewrite channels\u0027s\ndescriptor as soon as device_prep_dma_memcpy() is called. It leads to the\nsituation when the driver thinks that it uses right descriptor that\nactually is freed or substituted for other one.\n\nWith current fixes a descriptor changes its value only when it has\nbeen used. A new descriptor is acquired from vc-\u003edesc_issued queue that\nis already filled with descriptors that are ready to be sent. Threads\nhave no direct access to DMA channel descriptor. Now it is just possible\nto queue a descriptor for further processing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50145",
"url": "https://www.suse.com/security/cve/CVE-2022-50145"
},
{
"category": "external",
"summary": "SUSE Bug 1244787 for CVE-2022-50145",
"url": "https://bugzilla.suse.com/1244787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50145"
},
{
"cve": "CVE-2022-50146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors\n\nIf dw_pcie_ep_init() fails to perform any action after the EPC memory is\ninitialized and the MSI memory region is allocated, the latter parts won\u0027t\nbe undone thus causing a memory leak. Add a cleanup-on-error path to fix\nthese leaks.\n\n[bhelgaas: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50146",
"url": "https://www.suse.com/security/cve/CVE-2022-50146"
},
{
"category": "external",
"summary": "SUSE Bug 1244788 for CVE-2022-50146",
"url": "https://bugzilla.suse.com/1244788"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50146"
},
{
"cve": "CVE-2022-50149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix potential deadlock in __driver_attach\n\nIn __driver_attach function, There are also AA deadlock problem,\nlike the commit b232b02bf3c2 (\"driver core: fix deadlock in\n__device_attach\").\n\nstack like commit b232b02bf3c2 (\"driver core: fix deadlock in\n__device_attach\").\nlist below:\n In __driver_attach function, The lock holding logic is as follows:\n ...\n __driver_attach\n if (driver_allows_async_probing(drv))\n device_lock(dev) // get lock dev\n async_schedule_dev(__driver_attach_async_helper, dev); // func\n async_schedule_node\n async_schedule_node_domain(func)\n entry = kzalloc(sizeof(struct async_entry), GFP_ATOMIC);\n /* when fail or work limit, sync to execute func, but\n __driver_attach_async_helper will get lock dev as\n will, which will lead to A-A deadlock. */\n if (!entry || atomic_read(\u0026entry_count) \u003e MAX_WORK) {\n func;\n else\n queue_work_node(node, system_unbound_wq, \u0026entry-\u003ework)\n device_unlock(dev)\n\n As above show, when it is allowed to do async probes, because of\n out of memory or work limit, async work is not be allowed, to do\n sync execute instead. it will lead to A-A deadlock because of\n __driver_attach_async_helper getting lock dev.\n\nReproduce:\nand it can be reproduce by make the condition\n(if (!entry || atomic_read(\u0026entry_count) \u003e MAX_WORK)) untenable, like\nbelow:\n\n[ 370.785650] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables\nthis message.\n[ 370.787154] task:swapper/0 state:D stack: 0 pid: 1 ppid:\n0 flags:0x00004000\n[ 370.788865] Call Trace:\n[ 370.789374] \u003cTASK\u003e\n[ 370.789841] __schedule+0x482/0x1050\n[ 370.790613] schedule+0x92/0x1a0\n[ 370.791290] schedule_preempt_disabled+0x2c/0x50\n[ 370.792256] __mutex_lock.isra.0+0x757/0xec0\n[ 370.793158] __mutex_lock_slowpath+0x1f/0x30\n[ 370.794079] mutex_lock+0x50/0x60\n[ 370.794795] __device_driver_lock+0x2f/0x70\n[ 370.795677] ? driver_probe_device+0xd0/0xd0\n[ 370.796576] __driver_attach_async_helper+0x1d/0xd0\n[ 370.797318] ? driver_probe_device+0xd0/0xd0\n[ 370.797957] async_schedule_node_domain+0xa5/0xc0\n[ 370.798652] async_schedule_node+0x19/0x30\n[ 370.799243] __driver_attach+0x246/0x290\n[ 370.799828] ? driver_allows_async_probing+0xa0/0xa0\n[ 370.800548] bus_for_each_dev+0x9d/0x130\n[ 370.801132] driver_attach+0x22/0x30\n[ 370.801666] bus_add_driver+0x290/0x340\n[ 370.802246] driver_register+0x88/0x140\n[ 370.802817] ? virtio_scsi_init+0x116/0x116\n[ 370.803425] scsi_register_driver+0x1a/0x30\n[ 370.804057] init_sd+0x184/0x226\n[ 370.804533] do_one_initcall+0x71/0x3a0\n[ 370.805107] kernel_init_freeable+0x39a/0x43a\n[ 370.805759] ? rest_init+0x150/0x150\n[ 370.806283] kernel_init+0x26/0x230\n[ 370.806799] ret_from_fork+0x1f/0x30\n\nTo fix the deadlock, move the async_schedule_dev outside device_lock,\nas we can see, in async_schedule_node_domain, the parameter of\nqueue_work_node is system_unbound_wq, so it can accept concurrent\noperations. which will also not change the code logic, and will\nnot lead to deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50149",
"url": "https://www.suse.com/security/cve/CVE-2022-50149"
},
{
"category": "external",
"summary": "SUSE Bug 1244883 for CVE-2022-50149",
"url": "https://bugzilla.suse.com/1244883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50149"
},
{
"cve": "CVE-2022-50151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: fix random warning message when driver load\n\nWarning log:\n[ 4.141392] Unexpected gfp: 0x4 (GFP_DMA32). Fixing up to gfp: 0xa20 (GFP_ATOMIC). Fix your code!\n[ 4.150340] CPU: 1 PID: 175 Comm: 1-0050 Not tainted 5.15.5-00039-g2fd9ae1b568c #20\n[ 4.158010] Hardware name: Freescale i.MX8QXP MEK (DT)\n[ 4.163155] Call trace:\n[ 4.165600] dump_backtrace+0x0/0x1b0\n[ 4.169286] show_stack+0x18/0x68\n[ 4.172611] dump_stack_lvl+0x68/0x84\n[ 4.176286] dump_stack+0x18/0x34\n[ 4.179613] kmalloc_fix_flags+0x60/0x88\n[ 4.183550] new_slab+0x334/0x370\n[ 4.186878] ___slab_alloc.part.108+0x4d4/0x748\n[ 4.191419] __slab_alloc.isra.109+0x30/0x78\n[ 4.195702] kmem_cache_alloc+0x40c/0x420\n[ 4.199725] dma_pool_alloc+0xac/0x1f8\n[ 4.203486] cdns3_allocate_trb_pool+0xb4/0xd0\n\npool_alloc_page(struct dma_pool *pool, gfp_t mem_flags)\n{\n\t...\n\tpage = kmalloc(sizeof(*page), mem_flags);\n\tpage-\u003evaddr = dma_alloc_coherent(pool-\u003edev, pool-\u003eallocation,\n\t\t\t\t\t \u0026page-\u003edma, mem_flags);\n\t...\n}\n\nkmalloc was called with mem_flags, which is passed down in\ncdns3_allocate_trb_pool() and have GFP_DMA32 flags.\nkmall_fix_flags() report warning.\n\nGFP_DMA32 is not useful at all. dma_alloc_coherent() will handle\nDMA memory region correctly by pool-\u003edev. GFP_DMA32 can be removed\nsafely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50151",
"url": "https://www.suse.com/security/cve/CVE-2022-50151"
},
{
"category": "external",
"summary": "SUSE Bug 1245093 for CVE-2022-50151",
"url": "https://bugzilla.suse.com/1245093"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50151"
},
{
"cve": "CVE-2022-50152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50152",
"url": "https://www.suse.com/security/cve/CVE-2022-50152"
},
{
"category": "external",
"summary": "SUSE Bug 1244783 for CVE-2022-50152",
"url": "https://bugzilla.suse.com/1244783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50152"
},
{
"cve": "CVE-2022-50153",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50153"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: host: Fix refcount leak in ehci_hcd_ppc_of_probe\n\nof_find_compatible_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when done.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50153",
"url": "https://www.suse.com/security/cve/CVE-2022-50153"
},
{
"category": "external",
"summary": "SUSE Bug 1244786 for CVE-2022-50153",
"url": "https://bugzilla.suse.com/1244786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50153"
},
{
"cve": "CVE-2022-50154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50154"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: mediatek-gen3: Fix refcount leak in mtk_pcie_init_irq_domains()\n\nof_get_child_by_name() returns a node pointer with refcount incremented, so\nwe should use of_node_put() on it when we don\u0027t need it anymore.\n\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50154",
"url": "https://www.suse.com/security/cve/CVE-2022-50154"
},
{
"category": "external",
"summary": "SUSE Bug 1244784 for CVE-2022-50154",
"url": "https://bugzilla.suse.com/1244784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50154"
},
{
"cve": "CVE-2022-50155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50155"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: parsers: ofpart: Fix refcount leak in bcm4908_partitions_fw_offset\n\nof_find_node_by_path() returns a node pointer with refcount incremented,\nwe should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50155",
"url": "https://www.suse.com/security/cve/CVE-2022-50155"
},
{
"category": "external",
"summary": "SUSE Bug 1244781 for CVE-2022-50155",
"url": "https://bugzilla.suse.com/1244781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50155"
},
{
"cve": "CVE-2022-50156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: cp2112: prevent a buffer overflow in cp2112_xfer()\n\nSmatch warnings:\ndrivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy()\n\u0027data-\u003eblock[1]\u0027 too small (33 vs 255)\ndrivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy() \u0027buf\u0027 too\nsmall (64 vs 255)\n\nThe \u0027read_length\u0027 variable is provided by \u0027data-\u003eblock[0]\u0027 which comes\nfrom user and it(read_length) can take a value between 0-255. Add an\nupper bound to \u0027read_length\u0027 variable to prevent a buffer overflow in\nmemcpy().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50156",
"url": "https://www.suse.com/security/cve/CVE-2022-50156"
},
{
"category": "external",
"summary": "SUSE Bug 1244782 for CVE-2022-50156",
"url": "https://bugzilla.suse.com/1244782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50156"
},
{
"cve": "CVE-2022-50157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: microchip: Fix refcount leak in mc_pcie_init_irq_domains()\n\nof_get_next_child() returns a node pointer with refcount incremented, so we\nshould use of_node_put() on it when we don\u0027t need it anymore.\n\nmc_pcie_init_irq_domains() only calls of_node_put() in the normal path,\nmissing it in some error paths. Add missing of_node_put() to avoid\nrefcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50157",
"url": "https://www.suse.com/security/cve/CVE-2022-50157"
},
{
"category": "external",
"summary": "SUSE Bug 1244780 for CVE-2022-50157",
"url": "https://bugzilla.suse.com/1244780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50157"
},
{
"cve": "CVE-2022-50158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: partitions: Fix refcount leak in parse_redboot_of\n\nof_get_child_by_name() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50158",
"url": "https://www.suse.com/security/cve/CVE-2022-50158"
},
{
"category": "external",
"summary": "SUSE Bug 1244779 for CVE-2022-50158",
"url": "https://bugzilla.suse.com/1244779"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50158"
},
{
"cve": "CVE-2022-50160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: maps: Fix refcount leak in ap_flash_init\n\nof_find_matching_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50160",
"url": "https://www.suse.com/security/cve/CVE-2022-50160"
},
{
"category": "external",
"summary": "SUSE Bug 1244776 for CVE-2022-50160",
"url": "https://bugzilla.suse.com/1244776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50160"
},
{
"cve": "CVE-2022-50161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: maps: Fix refcount leak in of_flash_probe_versatile\n\nof_find_matching_node_and_match() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50161",
"url": "https://www.suse.com/security/cve/CVE-2022-50161"
},
{
"category": "external",
"summary": "SUSE Bug 1244774 for CVE-2022-50161",
"url": "https://bugzilla.suse.com/1244774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50161"
},
{
"cve": "CVE-2022-50162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: libertas: Fix possible refcount leak in if_usb_probe()\n\nusb_get_dev will be called before lbs_get_firmware_async which means that\nusb_put_dev need to be called when lbs_get_firmware_async fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50162",
"url": "https://www.suse.com/security/cve/CVE-2022-50162"
},
{
"category": "external",
"summary": "SUSE Bug 1244773 for CVE-2022-50162",
"url": "https://bugzilla.suse.com/1244773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50162"
},
{
"cve": "CVE-2022-50164",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50164"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue\n\nAfter successfull station association, if station queues are disabled for\nsome reason, the related lists are not emptied. So if some new element is\nadded to the list in iwl_mvm_mac_wake_tx_queue, it can match with the old\none and produce a BUG like this:\n\n[ 46.535263] list_add corruption. prev-\u003enext should be next (ffff94c1c318a360), but was 0000000000000000. (prev=ffff94c1d02d3388).\n[ 46.535283] ------------[ cut here ]------------\n[ 46.535284] kernel BUG at lib/list_debug.c:26!\n[ 46.535290] invalid opcode: 0000 [#1] PREEMPT SMP PTI\n[ 46.585304] CPU: 0 PID: 623 Comm: wpa_supplicant Not tainted 5.19.0-rc3+ #1\n[ 46.592380] Hardware name: Dell Inc. Inspiron 660s/0478VN , BIOS A07 08/24/2012\n[ 46.600336] RIP: 0010:__list_add_valid.cold+0x3d/0x3f\n[ 46.605475] Code: f2 4c 89 c1 48 89 fe 48 c7 c7 c8 40 67 93 e8 20 cc fd ff 0f 0b 48 89 d1 4c 89 c6 4c 89 ca 48 c7 c7 70 40 67 93 e8 09 cc fd ff \u003c0f\u003e 0b 48 89 fe 48 c7 c7 00 41 67 93 e8 f8 cb fd ff 0f 0b 48 89 d1\n[ 46.624469] RSP: 0018:ffffb20800ab76d8 EFLAGS: 00010286\n[ 46.629854] RAX: 0000000000000075 RBX: ffff94c1c318a0e0 RCX: 0000000000000000\n[ 46.637105] RDX: 0000000000000201 RSI: ffffffff9365e100 RDI: 00000000ffffffff\n[ 46.644356] RBP: ffff94c1c5f43370 R08: 0000000000000075 R09: 3064316334396666\n[ 46.651607] R10: 3364323064316334 R11: 39666666663d7665 R12: ffff94c1c5f43388\n[ 46.658857] R13: ffff94c1d02d3388 R14: ffff94c1c318a360 R15: ffff94c1cf2289c0\n[ 46.666108] FS: 00007f65634ff7c0(0000) GS:ffff94c1da200000(0000) knlGS:0000000000000000\n[ 46.674331] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 46.680170] CR2: 00007f7dfe984460 CR3: 000000010e894003 CR4: 00000000000606f0\n[ 46.687422] Call Trace:\n[ 46.689906] \u003cTASK\u003e\n[ 46.691950] iwl_mvm_mac_wake_tx_queue+0xec/0x15c [iwlmvm]\n[ 46.697601] ieee80211_queue_skb+0x4b3/0x720 [mac80211]\n[ 46.702973] ? sta_info_get+0x46/0x60 [mac80211]\n[ 46.707703] ieee80211_tx+0xad/0x110 [mac80211]\n[ 46.712355] __ieee80211_tx_skb_tid_band+0x71/0x90 [mac80211]\n...\n\nIn order to avoid this problem, we must also remove the related lists when\nstation queues are disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50164",
"url": "https://www.suse.com/security/cve/CVE-2022-50164"
},
{
"category": "external",
"summary": "SUSE Bug 1244770 for CVE-2022-50164",
"url": "https://bugzilla.suse.com/1244770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50164"
},
{
"cve": "CVE-2022-50165",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50165"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()`\n\nCommit 7a4836560a61 changes simple_write_to_buffer() with memdup_user()\nbut it forgets to change the value to be returned that came from\nsimple_write_to_buffer() call. It results in the following warning:\n\n warning: variable \u0027rc\u0027 is uninitialized when used here [-Wuninitialized]\n return rc;\n ^~\n\nRemove rc variable and just return the passed in length if the\nmemdup_user() succeeds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50165",
"url": "https://www.suse.com/security/cve/CVE-2022-50165"
},
{
"category": "external",
"summary": "SUSE Bug 1244771 for CVE-2022-50165",
"url": "https://bugzilla.suse.com/1244771"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50165"
},
{
"cve": "CVE-2022-50166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50166"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: When HCI work queue is drained, only queue chained work\n\nThe HCI command, event, and data packet processing workqueue is drained\nto avoid deadlock in commit\n76727c02c1e1 (\"Bluetooth: Call drain_workqueue() before resetting state\").\n\nThere is another delayed work, which will queue command to this drained\nworkqueue. Which results in the following error report:\n\nBluetooth: hci2: command 0x040f tx timeout\nWARNING: CPU: 1 PID: 18374 at kernel/workqueue.c:1438 __queue_work+0xdad/0x1140\nWorkqueue: events hci_cmd_timeout\nRIP: 0010:__queue_work+0xdad/0x1140\nRSP: 0000:ffffc90002cffc60 EFLAGS: 00010093\nRAX: 0000000000000000 RBX: ffff8880b9d3ec00 RCX: 0000000000000000\nRDX: ffff888024ba0000 RSI: ffffffff814e048d RDI: ffff8880b9d3ec08\nRBP: 0000000000000008 R08: 0000000000000000 R09: 00000000b9d39700\nR10: ffffffff814f73c6 R11: 0000000000000000 R12: ffff88807cce4c60\nR13: 0000000000000000 R14: ffff8880796d8800 R15: ffff8880796d8800\nFS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000c0174b4000 CR3: 000000007cae9000 CR4: 00000000003506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? queue_work_on+0xcb/0x110\n ? lockdep_hardirqs_off+0x90/0xd0\n queue_work_on+0xee/0x110\n process_one_work+0x996/0x1610\n ? pwq_dec_nr_in_flight+0x2a0/0x2a0\n ? rwlock_bug.part.0+0x90/0x90\n ? _raw_spin_lock_irq+0x41/0x50\n worker_thread+0x665/0x1080\n ? process_one_work+0x1610/0x1610\n kthread+0x2e9/0x3a0\n ? kthread_complete_and_exit+0x40/0x40\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e\n\nTo fix this, we can add a new HCI_DRAIN_WQ flag, and don\u0027t queue the\ntimeout workqueue while command workqueue is draining.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50166",
"url": "https://www.suse.com/security/cve/CVE-2022-50166"
},
{
"category": "external",
"summary": "SUSE Bug 1244772 for CVE-2022-50166",
"url": "https://bugzilla.suse.com/1244772"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50166"
},
{
"cve": "CVE-2022-50169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50169"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()\n\nThe simple_write_to_buffer() function will succeed if even a single\nbyte is initialized. However, we need to initialize the whole buffer\nto prevent information leaks. Just use memdup_user().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50169",
"url": "https://www.suse.com/security/cve/CVE-2022-50169"
},
{
"category": "external",
"summary": "SUSE Bug 1244767 for CVE-2022-50169",
"url": "https://bugzilla.suse.com/1244767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50169"
},
{
"cve": "CVE-2022-50171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: hisilicon/sec - don\u0027t sleep when in softirq\n\nWhen kunpeng920 encryption driver is used to deencrypt and decrypt\npackets during the softirq, it is not allowed to use mutex lock. The\nkernel will report the following error:\n\nBUG: scheduling while atomic: swapper/57/0/0x00000300\nCall trace:\ndump_backtrace+0x0/0x1e4\nshow_stack+0x20/0x2c\ndump_stack+0xd8/0x140\n__schedule_bug+0x68/0x80\n__schedule+0x728/0x840\nschedule+0x50/0xe0\nschedule_preempt_disabled+0x18/0x24\n__mutex_lock.constprop.0+0x594/0x5dc\n__mutex_lock_slowpath+0x1c/0x30\nmutex_lock+0x50/0x60\nsec_request_init+0x8c/0x1a0 [hisi_sec2]\nsec_process+0x28/0x1ac [hisi_sec2]\nsec_skcipher_crypto+0xf4/0x1d4 [hisi_sec2]\nsec_skcipher_encrypt+0x1c/0x30 [hisi_sec2]\ncrypto_skcipher_encrypt+0x2c/0x40\ncrypto_authenc_encrypt+0xc8/0xfc [authenc]\ncrypto_aead_encrypt+0x2c/0x40\nechainiv_encrypt+0x144/0x1a0 [echainiv]\ncrypto_aead_encrypt+0x2c/0x40\nesp_output_tail+0x348/0x5c0 [esp4]\nesp_output+0x120/0x19c [esp4]\nxfrm_output_one+0x25c/0x4d4\nxfrm_output_resume+0x6c/0x1fc\nxfrm_output+0xac/0x3c0\nxfrm4_output+0x64/0x130\nip_build_and_send_pkt+0x158/0x20c\ntcp_v4_send_synack+0xdc/0x1f0\ntcp_conn_request+0x7d0/0x994\ntcp_v4_conn_request+0x58/0x6c\ntcp_v6_conn_request+0xf0/0x100\ntcp_rcv_state_process+0x1cc/0xd60\ntcp_v4_do_rcv+0x10c/0x250\ntcp_v4_rcv+0xfc4/0x10a4\nip_protocol_deliver_rcu+0xf4/0x200\nip_local_deliver_finish+0x58/0x70\nip_local_deliver+0x68/0x120\nip_sublist_rcv_finish+0x70/0x94\nip_list_rcv_finish.constprop.0+0x17c/0x1d0\nip_sublist_rcv+0x40/0xb0\nip_list_rcv+0x140/0x1dc\n__netif_receive_skb_list_core+0x154/0x28c\n__netif_receive_skb_list+0x120/0x1a0\nnetif_receive_skb_list_internal+0xe4/0x1f0\nnapi_complete_done+0x70/0x1f0\ngro_cell_poll+0x9c/0xb0\nnapi_poll+0xcc/0x264\nnet_rx_action+0xd4/0x21c\n__do_softirq+0x130/0x358\nirq_exit+0x11c/0x13c\n__handle_domain_irq+0x88/0xf0\ngic_handle_irq+0x78/0x2c0\nel1_irq+0xb8/0x140\narch_cpu_idle+0x18/0x40\ndefault_idle_call+0x5c/0x1c0\ncpuidle_idle_call+0x174/0x1b0\ndo_idle+0xc8/0x160\ncpu_startup_entry+0x30/0x11c\nsecondary_start_kernel+0x158/0x1e4\nsoftirq: huh, entered softirq 3 NET_RX 0000000093774ee4 with\npreempt_count 00000100, exited with fffffe00?",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50171",
"url": "https://www.suse.com/security/cve/CVE-2022-50171"
},
{
"category": "external",
"summary": "SUSE Bug 1244765 for CVE-2022-50171",
"url": "https://bugzilla.suse.com/1244765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50171"
},
{
"cve": "CVE-2022-50172",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50172"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg\n\nFree the skb if mt76u_bulk_msg fails in __mt76x02u_mcu_send_msg routine.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50172",
"url": "https://www.suse.com/security/cve/CVE-2022-50172"
},
{
"category": "external",
"summary": "SUSE Bug 1244764 for CVE-2022-50172",
"url": "https://bugzilla.suse.com/1244764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50172"
},
{
"cve": "CVE-2022-50173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50173"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/mdp5: Fix global state lock backoff\n\nWe need to grab the lock after the early return for !hwpipe case.\nOtherwise, we could have hit contention yet still returned 0.\n\nFixes an issue that the new CONFIG_DRM_DEBUG_MODESET_LOCK stuff flagged\nin CI:\n\n WARNING: CPU: 0 PID: 282 at drivers/gpu/drm/drm_modeset_lock.c:296 drm_modeset_lock+0xf8/0x154\n Modules linked in:\n CPU: 0 PID: 282 Comm: kms_cursor_lega Tainted: G W 5.19.0-rc2-15930-g875cc8bc536a #1\n Hardware name: Qualcomm Technologies, Inc. DB820c (DT)\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : drm_modeset_lock+0xf8/0x154\n lr : drm_atomic_get_private_obj_state+0x84/0x170\n sp : ffff80000cfab6a0\n x29: ffff80000cfab6a0 x28: 0000000000000000 x27: ffff000083bc4d00\n x26: 0000000000000038 x25: 0000000000000000 x24: ffff80000957ca58\n x23: 0000000000000000 x22: ffff000081ace080 x21: 0000000000000001\n x20: ffff000081acec18 x19: ffff80000cfabb80 x18: 0000000000000038\n x17: 0000000000000000 x16: 0000000000000000 x15: fffffffffffea0d0\n x14: 0000000000000000 x13: 284e4f5f4e524157 x12: 5f534b434f4c5f47\n x11: ffff80000a386aa8 x10: 0000000000000029 x9 : ffff80000cfab610\n x8 : 0000000000000029 x7 : 0000000000000014 x6 : 0000000000000000\n x5 : 0000000000000001 x4 : ffff8000081ad904 x3 : 0000000000000029\n x2 : ffff0000801db4c0 x1 : ffff80000cfabb80 x0 : ffff000081aceb58\n Call trace:\n drm_modeset_lock+0xf8/0x154\n drm_atomic_get_private_obj_state+0x84/0x170\n mdp5_get_global_state+0x54/0x6c\n mdp5_pipe_release+0x2c/0xd4\n mdp5_plane_atomic_check+0x2ec/0x414\n drm_atomic_helper_check_planes+0xd8/0x210\n drm_atomic_helper_check+0x54/0xb0\n ...\n ---[ end trace 0000000000000000 ]---\n drm_modeset_lock attempting to lock a contended lock without backoff:\n drm_modeset_lock+0x148/0x154\n mdp5_get_global_state+0x30/0x6c\n mdp5_pipe_release+0x2c/0xd4\n mdp5_plane_atomic_check+0x290/0x414\n drm_atomic_helper_check_planes+0xd8/0x210\n drm_atomic_helper_check+0x54/0xb0\n drm_atomic_check_only+0x4b0/0x8f4\n drm_atomic_commit+0x68/0xe0\n\nPatchwork: https://patchwork.freedesktop.org/patch/492701/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50173",
"url": "https://www.suse.com/security/cve/CVE-2022-50173"
},
{
"category": "external",
"summary": "SUSE Bug 1244992 for CVE-2022-50173",
"url": "https://bugzilla.suse.com/1244992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50173"
},
{
"cve": "CVE-2022-50175",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50175"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: tw686x: Fix memory leak in tw686x_video_init\n\nvideo_device_alloc() allocates memory for vdev,\nwhen video_register_device() fails, it doesn\u0027t release the memory and\nleads to memory leak, call video_device_release() to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50175",
"url": "https://www.suse.com/security/cve/CVE-2022-50175"
},
{
"category": "external",
"summary": "SUSE Bug 1244903 for CVE-2022-50175",
"url": "https://bugzilla.suse.com/1244903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50175"
},
{
"cve": "CVE-2022-50176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50176"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mcde: Fix refcount leak in mcde_dsi_bind\n\nEvery iteration of for_each_available_child_of_node() decrements\nthe reference counter of the previous node. There is no decrement\nwhen break out from the loop and results in refcount leak.\nAdd missing of_node_put() to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50176",
"url": "https://www.suse.com/security/cve/CVE-2022-50176"
},
{
"category": "external",
"summary": "SUSE Bug 1244902 for CVE-2022-50176",
"url": "https://bugzilla.suse.com/1244902"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50176"
},
{
"cve": "CVE-2022-50178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50178"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: 8852a: rfk: fix div 0 exception\n\nThe DPK is a kind of RF calibration whose algorithm is to fine tune\nparameters and calibrate, and check the result. If the result isn\u0027t good\nenough, it could adjust parameters and try again.\n\nThis issue is to read and show the result, but it could be a negative\ncalibration result that causes divisor 0 and core dump. So, fix it by\nphy_div() that does division only if divisor isn\u0027t zero; otherwise,\nzero is adopted.\n\n divide error: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 728 Comm: wpa_supplicant Not tainted 5.10.114-16019-g462a1661811a #1 \u003cHASH:d024 28\u003e\n RIP: 0010:rtw8852a_dpk+0x14ae/0x288f [rtw89_core]\n RSP: 0018:ffffa9bb412a7520 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 00000000000180fc RDI: ffffa141d01023c0\n RBP: ffffa9bb412a76a0 R08: 0000000000001319 R09: 00000000ffffff92\n R10: ffffffffc0292de3 R11: ffffffffc00d2f51 R12: 0000000000000000\n R13: ffffa141d01023c0 R14: ffffffffc0290250 R15: ffffa141d0102638\n FS: 00007fa99f5c2740(0000) GS:ffffa142e5e80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000013e8e010 CR3: 0000000110d2c000 CR4: 0000000000750ee0\n PKRU: 55555554\n Call Trace:\n rtw89_core_sta_add+0x95/0x9c [rtw89_core \u003cHASH:d239 29\u003e]\n rtw89_ops_sta_state+0x5d/0x108 [rtw89_core \u003cHASH:d239 29\u003e]\n drv_sta_state+0x115/0x66f [mac80211 \u003cHASH:81fe 30\u003e]\n sta_info_insert_rcu+0x45c/0x713 [mac80211 \u003cHASH:81fe 30\u003e]\n sta_info_insert+0xf/0x1b [mac80211 \u003cHASH:81fe 30\u003e]\n ieee80211_prep_connection+0x9d6/0xb0c [mac80211 \u003cHASH:81fe 30\u003e]\n ieee80211_mgd_auth+0x2aa/0x352 [mac80211 \u003cHASH:81fe 30\u003e]\n cfg80211_mlme_auth+0x160/0x1f6 [cfg80211 \u003cHASH:00cd 31\u003e]\n nl80211_authenticate+0x2e5/0x306 [cfg80211 \u003cHASH:00cd 31\u003e]\n genl_rcv_msg+0x371/0x3a1\n ? nl80211_stop_sched_scan+0xe5/0xe5 [cfg80211 \u003cHASH:00cd 31\u003e]\n ? genl_rcv+0x36/0x36\n netlink_rcv_skb+0x8a/0xf9\n genl_rcv+0x28/0x36\n netlink_unicast+0x27b/0x3a0\n netlink_sendmsg+0x2aa/0x469\n sock_sendmsg_nosec+0x49/0x4d\n ____sys_sendmsg+0xe5/0x213\n __sys_sendmsg+0xec/0x157\n ? syscall_enter_from_user_mode+0xd7/0x116\n do_syscall_64+0x43/0x55\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\n RIP: 0033:0x7fa99f6e689b",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50178",
"url": "https://www.suse.com/security/cve/CVE-2022-50178"
},
{
"category": "external",
"summary": "SUSE Bug 1244900 for CVE-2022-50178",
"url": "https://bugzilla.suse.com/1244900"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50178"
},
{
"cve": "CVE-2022-50179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50179"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nath9k: fix use-after-free in ath9k_hif_usb_rx_cb\n\nSyzbot reported use-after-free Read in ath9k_hif_usb_rx_cb() [0]. The\nproblem was in incorrect htc_handle-\u003edrv_priv initialization.\n\nProbable call trace which can trigger use-after-free:\n\nath9k_htc_probe_device()\n /* htc_handle-\u003edrv_priv = priv; */\n ath9k_htc_wait_for_target() \u003c--- Failed\n ieee80211_free_hw()\t\t \u003c--- priv pointer is freed\n\n\u003cIRQ\u003e\n...\nath9k_hif_usb_rx_cb()\n ath9k_hif_usb_rx_stream()\n RX_STAT_INC()\t\t\u003c--- htc_handle-\u003edrv_priv access\n\nIn order to not add fancy protection for drv_priv we can move\nhtc_handle-\u003edrv_priv initialization at the end of the\nath9k_htc_probe_device() and add helper macro to make\nall *_STAT_* macros NULL safe, since syzbot has reported related NULL\nderef in that macros [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50179",
"url": "https://www.suse.com/security/cve/CVE-2022-50179"
},
{
"category": "external",
"summary": "SUSE Bug 1244886 for CVE-2022-50179",
"url": "https://bugzilla.suse.com/1244886"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50179"
},
{
"cve": "CVE-2022-50181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50181"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-gpu: fix a missing check to avoid NULL dereference\n\n\u0027cache_ent\u0027 could be set NULL inside virtio_gpu_cmd_get_capset()\nand it will lead to a NULL dereference by a lately use of it\n(i.e., ptr = cache_ent-\u003ecaps_cache). Fix it with a NULL check.\n\n\n[ kraxel: minor codestyle fixup ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50181",
"url": "https://www.suse.com/security/cve/CVE-2022-50181"
},
{
"category": "external",
"summary": "SUSE Bug 1244901 for CVE-2022-50181",
"url": "https://bugzilla.suse.com/1244901"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50181"
},
{
"cve": "CVE-2022-50183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50183"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/meson: encoder_cvbs: Fix refcount leak in meson_encoder_cvbs_init\n\nof_graph_get_remote_node() returns remote device nodepointer with\nrefcount incremented, we should use of_node_put() on it when done.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50183",
"url": "https://www.suse.com/security/cve/CVE-2022-50183"
},
{
"category": "external",
"summary": "SUSE Bug 1244893 for CVE-2022-50183",
"url": "https://bugzilla.suse.com/1244893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50183"
},
{
"cve": "CVE-2022-50184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50184"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/meson: encoder_hdmi: Fix refcount leak in meson_encoder_hdmi_init\n\nof_graph_get_remote_node() returns remote device nodepointer with\nrefcount incremented, we should use of_node_put() on it when done.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50184",
"url": "https://www.suse.com/security/cve/CVE-2022-50184"
},
{
"category": "external",
"summary": "SUSE Bug 1244898 for CVE-2022-50184",
"url": "https://bugzilla.suse.com/1244898"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50184"
},
{
"cve": "CVE-2022-50185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()\n\nThe last case label can write two buffers \u0027mc_reg_address[j]\u0027 and\n\u0027mc_data[j]\u0027 with \u0027j\u0027 offset equal to SMC_NISLANDS_MC_REGISTER_ARRAY_SIZE\nsince there are no checks for this value in both case labels after the\nlast \u0027j++\u0027.\n\nInstead of changing \u0027\u003e\u0027 to \u0027\u003e=\u0027 there, add the bounds check at the start\nof the second \u0027case\u0027 (the first one already has it).\n\nAlso, remove redundant last checks for \u0027j\u0027 index bigger than array size.\nThe expression is always false. Moreover, before or after the patch\n\u0027table-\u003elast\u0027 can be equal to SMC_NISLANDS_MC_REGISTER_ARRAY_SIZE and it\nseems it can be a valid value.\n\nDetected using the static analysis tool - Svace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50185",
"url": "https://www.suse.com/security/cve/CVE-2022-50185"
},
{
"category": "external",
"summary": "SUSE Bug 1244887 for CVE-2022-50185",
"url": "https://bugzilla.suse.com/1244887"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50185"
},
{
"cve": "CVE-2022-50186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50186"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nath11k: fix missing skb drop on htc_tx_completion error\n\nOn htc_tx_completion error the skb is not dropped. This is wrong since\nthe completion_handler logic expect the skb to be consumed anyway even\nwhen an error is triggered. Not freeing the skb on error is a memory\nleak since the skb won\u0027t be freed anywere else. Correctly free the\npacket on eid \u003e= ATH11K_HTC_EP_COUNT before returning.\n\nTested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.5.0.1-01208-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50186",
"url": "https://www.suse.com/security/cve/CVE-2022-50186"
},
{
"category": "external",
"summary": "SUSE Bug 1244888 for CVE-2022-50186",
"url": "https://bugzilla.suse.com/1244888"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50186"
},
{
"cve": "CVE-2022-50187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50187"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nath11k: fix netdev open race\n\nMake sure to allocate resources needed before registering the device.\n\nThis specifically avoids having a racing open() trigger a BUG_ON() in\nmod_timer() when ath11k_mac_op_start() is called before the\nmon_reap_timer as been set up.\n\nI did not see this issue with next-20220310, but I hit it on every probe\nwith next-20220511. Perhaps some timing changed in between.\n\nHere\u0027s the backtrace:\n\n[ 51.346947] kernel BUG at kernel/time/timer.c:990!\n[ 51.346958] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP\n...\n[ 51.578225] Call trace:\n[ 51.583293] __mod_timer+0x298/0x390\n[ 51.589518] mod_timer+0x14/0x20\n[ 51.595368] ath11k_mac_op_start+0x41c/0x4a0 [ath11k]\n[ 51.603165] drv_start+0x38/0x60 [mac80211]\n[ 51.610110] ieee80211_do_open+0x29c/0x7d0 [mac80211]\n[ 51.617945] ieee80211_open+0x60/0xb0 [mac80211]\n[ 51.625311] __dev_open+0x100/0x1c0\n[ 51.631420] __dev_change_flags+0x194/0x210\n[ 51.638214] dev_change_flags+0x24/0x70\n[ 51.644646] do_setlink+0x228/0xdb0\n[ 51.650723] __rtnl_newlink+0x460/0x830\n[ 51.657162] rtnl_newlink+0x4c/0x80\n[ 51.663229] rtnetlink_rcv_msg+0x124/0x390\n[ 51.669917] netlink_rcv_skb+0x58/0x130\n[ 51.676314] rtnetlink_rcv+0x18/0x30\n[ 51.682460] netlink_unicast+0x250/0x310\n[ 51.688960] netlink_sendmsg+0x19c/0x3e0\n[ 51.695458] ____sys_sendmsg+0x220/0x290\n[ 51.701938] ___sys_sendmsg+0x7c/0xc0\n[ 51.708148] __sys_sendmsg+0x68/0xd0\n[ 51.714254] __arm64_sys_sendmsg+0x28/0x40\n[ 51.720900] invoke_syscall+0x48/0x120\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50187",
"url": "https://www.suse.com/security/cve/CVE-2022-50187"
},
{
"category": "external",
"summary": "SUSE Bug 1244890 for CVE-2022-50187",
"url": "https://bugzilla.suse.com/1244890"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50187"
},
{
"cve": "CVE-2022-50188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50188"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/meson: Fix refcount leak in meson_encoder_hdmi_init\n\nof_find_device_by_node() takes reference, we should use put_device()\nto release it when not need anymore.\nAdd missing put_device() in error path to avoid refcount\nleak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50188",
"url": "https://www.suse.com/security/cve/CVE-2022-50188"
},
{
"category": "external",
"summary": "SUSE Bug 1244892 for CVE-2022-50188",
"url": "https://bugzilla.suse.com/1244892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50188"
},
{
"cve": "CVE-2022-50190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50190"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: Fix simplification of devm_spi_register_controller\n\nThis reverts commit 59ebbe40fb51 (\"spi: simplify\ndevm_spi_register_controller\").\n\nIf devm_add_action() fails in devm_add_action_or_reset(),\ndevm_spi_unregister() will be called, it decreases the\nrefcount of \u0027ctlr-\u003edev\u0027 to 0, then it will cause uaf in\nthe drivers that calling spi_put_controller() in error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50190",
"url": "https://www.suse.com/security/cve/CVE-2022-50190"
},
{
"category": "external",
"summary": "SUSE Bug 1244895 for CVE-2022-50190",
"url": "https://bugzilla.suse.com/1244895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50190"
},
{
"cve": "CVE-2022-50191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50191"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: of: Fix refcount leak bug in of_get_regulation_constraints()\n\nWe should call the of_node_put() for the reference returned by\nof_get_child_by_name() which has increased the refcount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50191",
"url": "https://www.suse.com/security/cve/CVE-2022-50191"
},
{
"category": "external",
"summary": "SUSE Bug 1244899 for CVE-2022-50191",
"url": "https://bugzilla.suse.com/1244899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50191"
},
{
"cve": "CVE-2022-50192",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50192"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: tegra20-slink: fix UAF in tegra_slink_remove()\n\nAfter calling spi_unregister_master(), the refcount of master will\nbe decrease to 0, and it will be freed in spi_controller_release(),\nthe device data also will be freed, so it will lead a UAF when using\n\u0027tspi\u0027. To fix this, get the master before unregister and put it when\nfinish using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50192",
"url": "https://www.suse.com/security/cve/CVE-2022-50192"
},
{
"category": "external",
"summary": "SUSE Bug 1244879 for CVE-2022-50192",
"url": "https://bugzilla.suse.com/1244879"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50192"
},
{
"cve": "CVE-2022-50194",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50194"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register\n\nEvery iteration of for_each_available_child_of_node() decrements\nthe reference count of the previous node.\nWhen breaking early from a for_each_available_child_of_node() loop,\nwe need to explicitly call of_node_put() on the child node.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50194",
"url": "https://www.suse.com/security/cve/CVE-2022-50194"
},
{
"category": "external",
"summary": "SUSE Bug 1244878 for CVE-2022-50194",
"url": "https://bugzilla.suse.com/1244878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50194"
},
{
"cve": "CVE-2022-50196",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50196"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: ocmem: Fix refcount leak in of_get_ocmem\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.\nof_node_put() will check NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50196",
"url": "https://www.suse.com/security/cve/CVE-2022-50196"
},
{
"category": "external",
"summary": "SUSE Bug 1244875 for CVE-2022-50196",
"url": "https://bugzilla.suse.com/1244875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50196"
},
{
"cve": "CVE-2022-50197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50197"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: zynq: Fix refcount leak in zynq_get_revision\n\nof_find_compatible_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when done.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50197",
"url": "https://www.suse.com/security/cve/CVE-2022-50197"
},
{
"category": "external",
"summary": "SUSE Bug 1244876 for CVE-2022-50197",
"url": "https://bugzilla.suse.com/1244876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50197"
},
{
"cve": "CVE-2022-50198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50198"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init\n\nof_find_matching_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50198",
"url": "https://www.suse.com/security/cve/CVE-2022-50198"
},
{
"category": "external",
"summary": "SUSE Bug 1244872 for CVE-2022-50198",
"url": "https://bugzilla.suse.com/1244872"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50198"
},
{
"cve": "CVE-2022-50199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50199"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: OMAP2+: Fix refcount leak in omapdss_init_of\n\nomapdss_find_dss_of_node() calls of_find_compatible_node() to get device\nnode. of_find_compatible_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when done.\nAdd missing of_node_put() in later error path and normal path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50199",
"url": "https://www.suse.com/security/cve/CVE-2022-50199"
},
{
"category": "external",
"summary": "SUSE Bug 1244873 for CVE-2022-50199",
"url": "https://bugzilla.suse.com/1244873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50199"
},
{
"cve": "CVE-2022-50200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50200"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: Add boundary check in put_entry()\n\nJust like next_entry(), boundary check is necessary to prevent memory\nout-of-bound access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50200",
"url": "https://www.suse.com/security/cve/CVE-2022-50200"
},
{
"category": "external",
"summary": "SUSE Bug 1245149 for CVE-2022-50200",
"url": "https://bugzilla.suse.com/1245149"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2022-50200"
},
{
"cve": "CVE-2022-50201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50201"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: fix memleak in security_read_state_kernel()\n\nIn this function, it directly returns the result of __security_read_policy\nwithout freeing the allocated memory in *data, cause memory leak issue,\nso free the memory if __security_read_policy failed.\n\n[PM: subject line tweak]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50201",
"url": "https://www.suse.com/security/cve/CVE-2022-50201"
},
{
"category": "external",
"summary": "SUSE Bug 1245197 for CVE-2022-50201",
"url": "https://bugzilla.suse.com/1245197"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50201"
},
{
"cve": "CVE-2022-50202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50202"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM: hibernate: defer device probing when resuming from hibernation\n\nsyzbot is reporting hung task at misc_open() [1], for there is a race\nwindow of AB-BA deadlock which involves probe_count variable. Currently\nwait_for_device_probe() from snapshot_open() from misc_open() can sleep\nforever with misc_mtx held if probe_count cannot become 0.\n\nWhen a device is probed by hub_event() work function, probe_count is\nincremented before the probe function starts, and probe_count is\ndecremented after the probe function completed.\n\nThere are three cases that can prevent probe_count from dropping to 0.\n\n (a) A device being probed stopped responding (i.e. broken/malicious\n hardware).\n\n (b) A process emulating a USB device using /dev/raw-gadget interface\n stopped responding for some reason.\n\n (c) New device probe requests keeps coming in before existing device\n probe requests complete.\n\nThe phenomenon syzbot is reporting is (b). A process which is holding\nsystem_transition_mutex and misc_mtx is waiting for probe_count to become\n0 inside wait_for_device_probe(), but the probe function which is called\n from hub_event() work function is waiting for the processes which are\nblocked at mutex_lock(\u0026misc_mtx) to respond via /dev/raw-gadget interface.\n\nThis patch mitigates (b) by deferring wait_for_device_probe() from\nsnapshot_open() to snapshot_write() and snapshot_ioctl(). Please note that\nthe possibility of (b) remains as long as any thread which is emulating a\nUSB device via /dev/raw-gadget interface can be blocked by uninterruptible\nblocking operations (e.g. mutex_lock()).\n\nPlease also note that (a) and (c) are not addressed. Regarding (c), we\nshould change the code to wait for only one device which contains the\nimage for resuming from hibernation. I don\u0027t know how to address (a), for\nuse of timeout for wait_for_device_probe() might result in loss of user\ndata in the image. Maybe we should require the userland to wait for the\nimage device before opening /dev/snapshot interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50202",
"url": "https://www.suse.com/security/cve/CVE-2022-50202"
},
{
"category": "external",
"summary": "SUSE Bug 1245154 for CVE-2022-50202",
"url": "https://bugzilla.suse.com/1245154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50202"
},
{
"cve": "CVE-2022-50203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50203"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: OMAP2+: display: Fix refcount leak bug\n\nIn omapdss_init_fbdev(), of_find_node_by_name() will return a node\npointer with refcount incremented. We should use of_node_put() when\nit is not used anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50203",
"url": "https://www.suse.com/security/cve/CVE-2022-50203"
},
{
"category": "external",
"summary": "SUSE Bug 1245189 for CVE-2022-50203",
"url": "https://bugzilla.suse.com/1245189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50203"
},
{
"cve": "CVE-2022-50204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: OMAP2+: pdata-quirks: Fix refcount leak bug\n\nIn pdata_quirks_init_clocks(), the loop contains\nof_find_node_by_name() but without corresponding of_node_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50204",
"url": "https://www.suse.com/security/cve/CVE-2022-50204"
},
{
"category": "external",
"summary": "SUSE Bug 1245191 for CVE-2022-50204",
"url": "https://bugzilla.suse.com/1245191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50204"
},
{
"cve": "CVE-2022-50206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50206"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: fix oops in concurrently setting insn_emulation sysctls\n\nemulation_proc_handler() changes table-\u003edata for proc_dointvec_minmax\nand can generate the following Oops if called concurrently with itself:\n\n | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010\n | Internal error: Oops: 96000006 [#1] SMP\n | Call trace:\n | update_insn_emulation_mode+0xc0/0x148\n | emulation_proc_handler+0x64/0xb8\n | proc_sys_call_handler+0x9c/0xf8\n | proc_sys_write+0x18/0x20\n | __vfs_write+0x20/0x48\n | vfs_write+0xe4/0x1d0\n | ksys_write+0x70/0xf8\n | __arm64_sys_write+0x20/0x28\n | el0_svc_common.constprop.0+0x7c/0x1c0\n | el0_svc_handler+0x2c/0xa0\n | el0_svc+0x8/0x200\n\nTo fix this issue, keep the table-\u003edata as \u0026insn-\u003ecurrent_mode and\nuse container_of() to retrieve the insn pointer. Another mutex is\nused to protect against the current_mode update but not for retrieving\ninsn_emulation as table-\u003edata is no longer changing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50206",
"url": "https://www.suse.com/security/cve/CVE-2022-50206"
},
{
"category": "external",
"summary": "SUSE Bug 1245152 for CVE-2022-50206",
"url": "https://bugzilla.suse.com/1245152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50206"
},
{
"cve": "CVE-2022-50207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50207"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: bcm: Fix refcount leak in bcm_kona_smc_init\n\nof_find_matching_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50207",
"url": "https://www.suse.com/security/cve/CVE-2022-50207"
},
{
"category": "external",
"summary": "SUSE Bug 1244871 for CVE-2022-50207",
"url": "https://bugzilla.suse.com/1244871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50207"
},
{
"cve": "CVE-2022-50208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50208"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: amlogic: Fix refcount leak in meson-secure-pwrc.c\n\nIn meson_secure_pwrc_probe(), there is a refcount leak in one fail\npath.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50208",
"url": "https://www.suse.com/security/cve/CVE-2022-50208"
},
{
"category": "external",
"summary": "SUSE Bug 1244870 for CVE-2022-50208",
"url": "https://bugzilla.suse.com/1244870"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50208"
},
{
"cve": "CVE-2022-50209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50209"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmeson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init\n\nof_find_matching_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50209",
"url": "https://www.suse.com/security/cve/CVE-2022-50209"
},
{
"category": "external",
"summary": "SUSE Bug 1244868 for CVE-2022-50209",
"url": "https://bugzilla.suse.com/1244868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50209"
},
{
"cve": "CVE-2022-50211",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50211"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd-raid10: fix KASAN warning\n\nThere\u0027s a KASAN warning in raid10_remove_disk when running the lvm\ntest lvconvert-raid-reshape.sh. We fix this warning by verifying that the\nvalue \"number\" is valid.\n\nBUG: KASAN: slab-out-of-bounds in raid10_remove_disk+0x61/0x2a0 [raid10]\nRead of size 8 at addr ffff889108f3d300 by task mdX_raid10/124682\n\nCPU: 3 PID: 124682 Comm: mdX_raid10 Not tainted 5.19.0-rc6 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x34/0x44\n print_report.cold+0x45/0x57a\n ? __lock_text_start+0x18/0x18\n ? raid10_remove_disk+0x61/0x2a0 [raid10]\n kasan_report+0xa8/0xe0\n ? raid10_remove_disk+0x61/0x2a0 [raid10]\n raid10_remove_disk+0x61/0x2a0 [raid10]\nBuffer I/O error on dev dm-76, logical block 15344, async page read\n ? __mutex_unlock_slowpath.constprop.0+0x1e0/0x1e0\n remove_and_add_spares+0x367/0x8a0 [md_mod]\n ? super_written+0x1c0/0x1c0 [md_mod]\n ? mutex_trylock+0xac/0x120\n ? _raw_spin_lock+0x72/0xc0\n ? _raw_spin_lock_bh+0xc0/0xc0\n md_check_recovery+0x848/0x960 [md_mod]\n raid10d+0xcf/0x3360 [raid10]\n ? sched_clock_cpu+0x185/0x1a0\n ? rb_erase+0x4d4/0x620\n ? var_wake_function+0xe0/0xe0\n ? psi_group_change+0x411/0x500\n ? preempt_count_sub+0xf/0xc0\n ? _raw_spin_lock_irqsave+0x78/0xc0\n ? __lock_text_start+0x18/0x18\n ? raid10_sync_request+0x36c0/0x36c0 [raid10]\n ? preempt_count_sub+0xf/0xc0\n ? _raw_spin_unlock_irqrestore+0x19/0x40\n ? del_timer_sync+0xa9/0x100\n ? try_to_del_timer_sync+0xc0/0xc0\n ? _raw_spin_lock_irqsave+0x78/0xc0\n ? __lock_text_start+0x18/0x18\n ? _raw_spin_unlock_irq+0x11/0x24\n ? __list_del_entry_valid+0x68/0xa0\n ? finish_wait+0xa3/0x100\n md_thread+0x161/0x260 [md_mod]\n ? unregister_md_personality+0xa0/0xa0 [md_mod]\n ? _raw_spin_lock_irqsave+0x78/0xc0\n ? prepare_to_wait_event+0x2c0/0x2c0\n ? unregister_md_personality+0xa0/0xa0 [md_mod]\n kthread+0x148/0x180\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e\n\nAllocated by task 124495:\n kasan_save_stack+0x1e/0x40\n __kasan_kmalloc+0x80/0xa0\n setup_conf+0x140/0x5c0 [raid10]\n raid10_run+0x4cd/0x740 [raid10]\n md_run+0x6f9/0x1300 [md_mod]\n raid_ctr+0x2531/0x4ac0 [dm_raid]\n dm_table_add_target+0x2b0/0x620 [dm_mod]\n table_load+0x1c8/0x400 [dm_mod]\n ctl_ioctl+0x29e/0x560 [dm_mod]\n dm_compat_ctl_ioctl+0x7/0x20 [dm_mod]\n __do_compat_sys_ioctl+0xfa/0x160\n do_syscall_64+0x90/0xc0\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nLast potentially related work creation:\n kasan_save_stack+0x1e/0x40\n __kasan_record_aux_stack+0x9e/0xc0\n kvfree_call_rcu+0x84/0x480\n timerfd_release+0x82/0x140\nL __fput+0xfa/0x400\n task_work_run+0x80/0xc0\n exit_to_user_mode_prepare+0x155/0x160\n syscall_exit_to_user_mode+0x12/0x40\n do_syscall_64+0x42/0xc0\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nSecond to last potentially related work creation:\n kasan_save_stack+0x1e/0x40\n __kasan_record_aux_stack+0x9e/0xc0\n kvfree_call_rcu+0x84/0x480\n timerfd_release+0x82/0x140\n __fput+0xfa/0x400\n task_work_run+0x80/0xc0\n exit_to_user_mode_prepare+0x155/0x160\n syscall_exit_to_user_mode+0x12/0x40\n do_syscall_64+0x42/0xc0\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThe buggy address belongs to the object at ffff889108f3d200\n which belongs to the cache kmalloc-256 of size 256\nThe buggy address is located 0 bytes to the right of\n 256-byte region [ffff889108f3d200, ffff889108f3d300)\n\nThe buggy address belongs to the physical page:\npage:000000007ef2a34c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1108f3c\nhead:000000007ef2a34c order:2 compound_mapcount:0 compound_pincount:0\nflags: 0x4000000000010200(slab|head|zone=2)\nraw: 4000000000010200 0000000000000000 dead000000000001 ffff889100042b40\nraw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff889108f3d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff889108f3d280: 00 00\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50211",
"url": "https://www.suse.com/security/cve/CVE-2022-50211"
},
{
"category": "external",
"summary": "SUSE Bug 1245140 for CVE-2022-50211",
"url": "https://bugzilla.suse.com/1245140"
},
{
"category": "external",
"summary": "SUSE Bug 1245141 for CVE-2022-50211",
"url": "https://bugzilla.suse.com/1245141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2022-50211"
},
{
"cve": "CVE-2022-50212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50212"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: do not allow CHAIN_ID to refer to another table\n\nWhen doing lookups for chains on the same batch by using its ID, a chain\nfrom a different table can be used. If a rule is added to a table but\nrefers to a chain in a different table, it will be linked to the chain in\ntable2, but would have expressions referring to objects in table1.\n\nThen, when table1 is removed, the rule will not be removed as its linked to\na chain in table2. When expressions in the rule are processed or removed,\nthat will lead to a use-after-free.\n\nWhen looking for chains by ID, use the table that was used for the lookup\nby name, and only return chains belonging to that same table.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50212",
"url": "https://www.suse.com/security/cve/CVE-2022-50212"
},
{
"category": "external",
"summary": "SUSE Bug 1244869 for CVE-2022-50212",
"url": "https://bugzilla.suse.com/1244869"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50212"
},
{
"cve": "CVE-2022-50213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50213"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: do not allow SET_ID to refer to another table\n\nWhen doing lookups for sets on the same batch by using its ID, a set from a\ndifferent table can be used.\n\nThen, when the table is removed, a reference to the set may be kept after\nthe set is freed, leading to a potential use-after-free.\n\nWhen looking for sets by ID, use the table that was used for the lookup by\nname, and only return sets belonging to that same table.\n\nThis fixes CVE-2022-2586, also reported as ZDI-CAN-17470.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50213",
"url": "https://www.suse.com/security/cve/CVE-2022-50213"
},
{
"category": "external",
"summary": "SUSE Bug 1244867 for CVE-2022-50213",
"url": "https://bugzilla.suse.com/1244867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50213"
},
{
"cve": "CVE-2022-50215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50215"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: sg: Allow waiting for commands to complete on removed device\n\nWhen a SCSI device is removed while in active use, currently sg will\nimmediately return -ENODEV on any attempt to wait for active commands that\nwere sent before the removal. This is problematic for commands that use\nSG_FLAG_DIRECT_IO since the data buffer may still be in use by the kernel\nwhen userspace frees or reuses it after getting ENODEV, leading to\ncorrupted userspace memory (in the case of READ-type commands) or corrupted\ndata being sent to the device (in the case of WRITE-type commands). This\nhas been seen in practice when logging out of a iscsi_tcp session, where\nthe iSCSI driver may still be processing commands after the device has been\nmarked for removal.\n\nChange the policy to allow userspace to wait for active sg commands even\nwhen the device is being removed. Return -ENODEV only when there are no\nmore responses to read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50215",
"url": "https://www.suse.com/security/cve/CVE-2022-50215"
},
{
"category": "external",
"summary": "SUSE Bug 1245138 for CVE-2022-50215",
"url": "https://bugzilla.suse.com/1245138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50215"
},
{
"cve": "CVE-2022-50218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50218"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: light: isl29028: Fix the warning in isl29028_remove()\n\nThe driver use the non-managed form of the register function in\nisl29028_remove(). To keep the release order as mirroring the ordering\nin probe, the driver should use non-managed form in probe, too.\n\nThe following log reveals it:\n\n[ 32.374955] isl29028 0-0010: remove\n[ 32.376861] general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN PTI\n[ 32.377676] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]\n[ 32.379432] RIP: 0010:kernfs_find_and_get_ns+0x28/0xe0\n[ 32.385461] Call Trace:\n[ 32.385807] sysfs_unmerge_group+0x59/0x110\n[ 32.386110] dpm_sysfs_remove+0x58/0xc0\n[ 32.386391] device_del+0x296/0xe50\n[ 32.386959] cdev_device_del+0x1d/0xd0\n[ 32.387231] devm_iio_device_unreg+0x27/0xb0\n[ 32.387542] devres_release_group+0x319/0x3d0\n[ 32.388162] i2c_device_remove+0x93/0x1f0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50218",
"url": "https://www.suse.com/security/cve/CVE-2022-50218"
},
{
"category": "external",
"summary": "SUSE Bug 1244861 for CVE-2022-50218",
"url": "https://bugzilla.suse.com/1244861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50218"
},
{
"cve": "CVE-2022-50220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50220"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: Fix linkwatch use-after-free on disconnect\n\nusbnet uses the work usbnet_deferred_kevent() to perform tasks which may\nsleep. On disconnect, completion of the work was originally awaited in\n-\u003endo_stop(). But in 2003, that was moved to -\u003edisconnect() by historic\ncommit \"[PATCH] USB: usbnet, prevent exotic rtnl deadlock\":\n\n https://git.kernel.org/tglx/history/c/0f138bbfd83c\n\nThe change was made because back then, the kernel\u0027s workqueue\nimplementation did not allow waiting for a single work. One had to wait\nfor completion of *all* work by calling flush_scheduled_work(), and that\ncould deadlock when waiting for usbnet_deferred_kevent() with rtnl_mutex\nheld in -\u003endo_stop().\n\nThe commit solved one problem but created another: It causes a\nuse-after-free in USB Ethernet drivers aqc111.c, asix_devices.c,\nax88179_178a.c, ch9200.c and smsc75xx.c:\n\n* If the drivers receive a link change interrupt immediately before\n disconnect, they raise EVENT_LINK_RESET in their (non-sleepable)\n -\u003estatus() callback and schedule usbnet_deferred_kevent().\n* usbnet_deferred_kevent() invokes the driver\u0027s -\u003elink_reset() callback,\n which calls netif_carrier_{on,off}().\n* That in turn schedules the work linkwatch_event().\n\nBecause usbnet_deferred_kevent() is awaited after unregister_netdev(),\nnetif_carrier_{on,off}() may operate on an unregistered netdev and\nlinkwatch_event() may run after free_netdev(), causing a use-after-free.\n\nIn 2010, usbnet was changed to only wait for a single instance of\nusbnet_deferred_kevent() instead of *all* work by commit 23f333a2bfaf\n(\"drivers/net: don\u0027t use flush_scheduled_work()\").\n\nUnfortunately the commit neglected to move the wait back to\n-\u003endo_stop(). Rectify that omission at long last.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50220",
"url": "https://www.suse.com/security/cve/CVE-2022-50220"
},
{
"category": "external",
"summary": "SUSE Bug 1245348 for CVE-2022-50220",
"url": "https://bugzilla.suse.com/1245348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50220"
},
{
"cve": "CVE-2022-50221",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50221"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/fb-helper: Fix out-of-bounds access\n\nClip memory range to screen-buffer size to avoid out-of-bounds access\nin fbdev deferred I/O\u0027s damage handling.\n\nFbdev\u0027s deferred I/O can only track pages. From the range of pages, the\ndamage handler computes the clipping rectangle for the display update.\nIf the fbdev screen buffer ends near the beginning of a page, that page\ncould contain more scanlines. The damage handler would then track these\nnon-existing scanlines as dirty and provoke an out-of-bounds access\nduring the screen update. Hence, clip the maximum memory range to the\nsize of the screen buffer.\n\nWhile at it, rename the variables min/max to min_off/max_off in\ndrm_fb_helper_deferred_io(). This avoids confusion with the macros of\nthe same name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50221",
"url": "https://www.suse.com/security/cve/CVE-2022-50221"
},
{
"category": "external",
"summary": "SUSE Bug 1244858 for CVE-2022-50221",
"url": "https://bugzilla.suse.com/1244858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50221"
},
{
"cve": "CVE-2022-50222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50222"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: vt: initialize unicode screen buffer\n\nsyzbot reports kernel infoleak at vcs_read() [1], for buffer can be read\nimmediately after resize operation. Initialize buffer using kzalloc().\n\n ----------\n #include \u003cfcntl.h\u003e\n #include \u003cunistd.h\u003e\n #include \u003csys/ioctl.h\u003e\n #include \u003clinux/fb.h\u003e\n\n int main(int argc, char *argv[])\n {\n struct fb_var_screeninfo var = { };\n const int fb_fd = open(\"/dev/fb0\", 3);\n ioctl(fb_fd, FBIOGET_VSCREENINFO, \u0026var);\n var.yres = 0x21;\n ioctl(fb_fd, FBIOPUT_VSCREENINFO, \u0026var);\n return read(open(\"/dev/vcsu\", O_RDONLY), \u0026var, sizeof(var)) == -1;\n }\n ----------",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50222",
"url": "https://www.suse.com/security/cve/CVE-2022-50222"
},
{
"category": "external",
"summary": "SUSE Bug 1245136 for CVE-2022-50222",
"url": "https://bugzilla.suse.com/1245136"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50222"
},
{
"cve": "CVE-2022-50226",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50226"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak\n\nFor some sev ioctl interfaces, input may be passed that is less than or\nequal to SEV_FW_BLOB_MAX_SIZE, but larger than the data that PSP\nfirmware returns. In this case, kmalloc will allocate memory that is the\nsize of the input rather than the size of the data. Since PSP firmware\ndoesn\u0027t fully overwrite the buffer, the sev ioctl interfaces with the\nissue may return uninitialized slab memory.\n\nCurrently, all of the ioctl interfaces in the ccp driver are safe, but\nto prevent future problems, change all ioctl interfaces that allocate\nmemory with kmalloc to use kzalloc and memset the data buffer to zero\nin sev_ioctl_do_platform_status.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50226",
"url": "https://www.suse.com/security/cve/CVE-2022-50226"
},
{
"category": "external",
"summary": "SUSE Bug 1244860 for CVE-2022-50226",
"url": "https://bugzilla.suse.com/1244860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50226"
},
{
"cve": "CVE-2022-50228",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50228"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Don\u0027t BUG if userspace injects an interrupt with GIF=0\n\nDon\u0027t BUG/WARN on interrupt injection due to GIF being cleared,\nsince it\u0027s trivial for userspace to force the situation via\nKVM_SET_VCPU_EVENTS (even if having at least a WARN there would be correct\nfor KVM internally generated injections).\n\n kernel BUG at arch/x86/kvm/svm/svm.c:3386!\n invalid opcode: 0000 [#1] SMP\n CPU: 15 PID: 926 Comm: smm_test Not tainted 5.17.0-rc3+ #264\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n RIP: 0010:svm_inject_irq+0xab/0xb0 [kvm_amd]\n Code: \u003c0f\u003e 0b 0f 1f 00 0f 1f 44 00 00 80 3d ac b3 01 00 00 55 48 89 f5 53\n RSP: 0018:ffffc90000b37d88 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff88810a234ac0 RCX: 0000000000000006\n RDX: 0000000000000000 RSI: ffffc90000b37df7 RDI: ffff88810a234ac0\n RBP: ffffc90000b37df7 R08: ffff88810a1fa410 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\n R13: ffff888109571000 R14: ffff88810a234ac0 R15: 0000000000000000\n FS: 0000000001821380(0000) GS:ffff88846fdc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f74fc550008 CR3: 000000010a6fe000 CR4: 0000000000350ea0\n Call Trace:\n \u003cTASK\u003e\n inject_pending_event+0x2f7/0x4c0 [kvm]\n kvm_arch_vcpu_ioctl_run+0x791/0x17a0 [kvm]\n kvm_vcpu_ioctl+0x26d/0x650 [kvm]\n __x64_sys_ioctl+0x82/0xb0\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50228",
"url": "https://www.suse.com/security/cve/CVE-2022-50228"
},
{
"category": "external",
"summary": "SUSE Bug 1244854 for CVE-2022-50228",
"url": "https://bugzilla.suse.com/1244854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50228"
},
{
"cve": "CVE-2022-50229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50229"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: bcd2000: Fix a UAF bug on the error path of probing\n\nWhen the driver fails in snd_card_register() at probe time, it will free\nthe \u0027bcd2k-\u003emidi_out_urb\u0027 before killing it, which may cause a UAF bug.\n\nThe following log can reveal it:\n\n[ 50.727020] BUG: KASAN: use-after-free in bcd2000_input_complete+0x1f1/0x2e0 [snd_bcd2000]\n[ 50.727623] Read of size 8 at addr ffff88810fab0e88 by task swapper/4/0\n[ 50.729530] Call Trace:\n[ 50.732899] bcd2000_input_complete+0x1f1/0x2e0 [snd_bcd2000]\n\nFix this by adding usb_kill_urb() before usb_free_urb().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50229",
"url": "https://www.suse.com/security/cve/CVE-2022-50229"
},
{
"category": "external",
"summary": "SUSE Bug 1244856 for CVE-2022-50229",
"url": "https://bugzilla.suse.com/1244856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50229"
},
{
"cve": "CVE-2022-50231",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50231"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: arm64/poly1305 - fix a read out-of-bound\n\nA kasan error was reported during fuzzing:\n\nBUG: KASAN: slab-out-of-bounds in neon_poly1305_blocks.constprop.0+0x1b4/0x250 [poly1305_neon]\nRead of size 4 at addr ffff0010e293f010 by task syz-executor.5/1646715\nCPU: 4 PID: 1646715 Comm: syz-executor.5 Kdump: loaded Not tainted 5.10.0.aarch64 #1\nHardware name: Huawei TaiShan 2280 /BC11SPCD, BIOS 1.59 01/31/2019\nCall trace:\n dump_backtrace+0x0/0x394\n show_stack+0x34/0x4c arch/arm64/kernel/stacktrace.c:196\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x158/0x1e4 lib/dump_stack.c:118\n print_address_description.constprop.0+0x68/0x204 mm/kasan/report.c:387\n __kasan_report+0xe0/0x140 mm/kasan/report.c:547\n kasan_report+0x44/0xe0 mm/kasan/report.c:564\n check_memory_region_inline mm/kasan/generic.c:187 [inline]\n __asan_load4+0x94/0xd0 mm/kasan/generic.c:252\n neon_poly1305_blocks.constprop.0+0x1b4/0x250 [poly1305_neon]\n neon_poly1305_do_update+0x6c/0x15c [poly1305_neon]\n neon_poly1305_update+0x9c/0x1c4 [poly1305_neon]\n crypto_shash_update crypto/shash.c:131 [inline]\n shash_finup_unaligned+0x84/0x15c crypto/shash.c:179\n crypto_shash_finup+0x8c/0x140 crypto/shash.c:193\n shash_digest_unaligned+0xb8/0xe4 crypto/shash.c:201\n crypto_shash_digest+0xa4/0xfc crypto/shash.c:217\n crypto_shash_tfm_digest+0xb4/0x150 crypto/shash.c:229\n essiv_skcipher_setkey+0x164/0x200 [essiv]\n crypto_skcipher_setkey+0xb0/0x160 crypto/skcipher.c:612\n skcipher_setkey+0x3c/0x50 crypto/algif_skcipher.c:305\n alg_setkey+0x114/0x2a0 crypto/af_alg.c:220\n alg_setsockopt+0x19c/0x210 crypto/af_alg.c:253\n __sys_setsockopt+0x190/0x2e0 net/socket.c:2123\n __do_sys_setsockopt net/socket.c:2134 [inline]\n __se_sys_setsockopt net/socket.c:2131 [inline]\n __arm64_sys_setsockopt+0x78/0x94 net/socket.c:2131\n __invoke_syscall arch/arm64/kernel/syscall.c:36 [inline]\n invoke_syscall+0x64/0x100 arch/arm64/kernel/syscall.c:48\n el0_svc_common.constprop.0+0x220/0x230 arch/arm64/kernel/syscall.c:155\n do_el0_svc+0xb4/0xd4 arch/arm64/kernel/syscall.c:217\n el0_svc+0x24/0x3c arch/arm64/kernel/entry-common.c:353\n el0_sync_handler+0x160/0x164 arch/arm64/kernel/entry-common.c:369\n el0_sync+0x160/0x180 arch/arm64/kernel/entry.S:683\n\nThis error can be reproduced by the following code compiled as ko on a\nsystem with kasan enabled:\n\n#include \u003clinux/module.h\u003e\n#include \u003clinux/crypto.h\u003e\n#include \u003ccrypto/hash.h\u003e\n#include \u003ccrypto/poly1305.h\u003e\n\nchar test_data[] = \"\\x00\\x01\\x02\\x03\\x04\\x05\\x06\\x07\"\n \"\\x08\\x09\\x0a\\x0b\\x0c\\x0d\\x0e\\x0f\"\n \"\\x10\\x11\\x12\\x13\\x14\\x15\\x16\\x17\"\n \"\\x18\\x19\\x1a\\x1b\\x1c\\x1d\\x1e\";\n\nint init(void)\n{\n struct crypto_shash *tfm = NULL;\n char *data = NULL, *out = NULL;\n\n tfm = crypto_alloc_shash(\"poly1305\", 0, 0);\n data = kmalloc(POLY1305_KEY_SIZE - 1, GFP_KERNEL);\n out = kmalloc(POLY1305_DIGEST_SIZE, GFP_KERNEL);\n memcpy(data, test_data, POLY1305_KEY_SIZE - 1);\n crypto_shash_tfm_digest(tfm, data, POLY1305_KEY_SIZE - 1, out);\n\n kfree(data);\n kfree(out);\n return 0;\n}\n\nvoid deinit(void)\n{\n}\n\nmodule_init(init)\nmodule_exit(deinit)\nMODULE_LICENSE(\"GPL\");\n\nThe root cause of the bug sits in neon_poly1305_blocks. The logic\nneon_poly1305_blocks() performed is that if it was called with both s[]\nand r[] uninitialized, it will first try to initialize them with the\ndata from the first \"block\" that it believed to be 32 bytes in length.\nFirst 16 bytes are used as the key and the next 16 bytes for s[]. This\nwould lead to the aforementioned read out-of-bound. However, after\ncalling poly1305_init_arch(), only 16 bytes were deducted from the input\nand s[] is initialized yet again with the following 16 bytes. The second\ninitialization of s[] is certainly redundent which indicates that the\nfirst initialization should be for r[] only.\n\nThis patch fixes the issue by calling poly1305_init_arm64() instead o\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50231",
"url": "https://www.suse.com/security/cve/CVE-2022-50231"
},
{
"category": "external",
"summary": "SUSE Bug 1244853 for CVE-2022-50231",
"url": "https://bugzilla.suse.com/1244853"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2022-50231"
},
{
"cve": "CVE-2023-3111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3111"
}
],
"notes": [
{
"category": "general",
"text": "A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3111",
"url": "https://www.suse.com/security/cve/CVE-2023-3111"
},
{
"category": "external",
"summary": "SUSE Bug 1212051 for CVE-2023-3111",
"url": "https://bugzilla.suse.com/1212051"
},
{
"category": "external",
"summary": "SUSE Bug 1220015 for CVE-2023-3111",
"url": "https://bugzilla.suse.com/1220015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2023-3111"
},
{
"cve": "CVE-2023-52924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don\u0027t skip expired elements during walk\n\nThere is an asymmetry between commit/abort and preparation phase if the\nfollowing conditions are met:\n\n1. set is a verdict map (\"1.2.3.4 : jump foo\")\n2. timeouts are enabled\n\nIn this case, following sequence is problematic:\n\n1. element E in set S refers to chain C\n2. userspace requests removal of set S\n3. kernel does a set walk to decrement chain-\u003euse count for all elements\n from preparation phase\n4. kernel does another set walk to remove elements from the commit phase\n (or another walk to do a chain-\u003euse increment for all elements from\n abort phase)\n\nIf E has already expired in 1), it will be ignored during list walk, so its use count\nwon\u0027t have been changed.\n\nThen, when set is culled, -\u003edestroy callback will zap the element via\nnf_tables_set_elem_destroy(), but this function is only safe for\nelements that have been deactivated earlier from the preparation phase:\nlack of earlier deactivate removes the element but leaks the chain use\ncount, which results in a WARN splat when the chain gets removed later,\nplus a leak of the nft_chain structure.\n\nUpdate pipapo_get() not to skip expired elements, otherwise flush\ncommand reports bogus ENOENT errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52924",
"url": "https://www.suse.com/security/cve/CVE-2023-52924"
},
{
"category": "external",
"summary": "SUSE Bug 1236821 for CVE-2023-52924",
"url": "https://bugzilla.suse.com/1236821"
},
{
"category": "external",
"summary": "SUSE Bug 1244630 for CVE-2023-52924",
"url": "https://bugzilla.suse.com/1244630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2023-52924"
},
{
"cve": "CVE-2023-52925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don\u0027t fail inserts if duplicate has expired\n\nnftables selftests fail:\nrun-tests.sh testcases/sets/0044interval_overlap_0\nExpected: 0-2 . 0-3, got:\nW: [FAILED] ./testcases/sets/0044interval_overlap_0: got 1\n\nInsertion must ignore duplicate but expired entries.\n\nMoreover, there is a strange asymmetry in nft_pipapo_activate:\n\nIt refetches the current element, whereas the other -\u003eactivate callbacks\n(bitmap, hash, rhash, rbtree) use elem-\u003epriv.\nSame for .remove: other set implementations take elem-\u003epriv,\nnft_pipapo_remove fetches elem-\u003epriv, then does a relookup,\nremove this.\n\nI suspect this was the reason for the change that prompted the\nremoval of the expired check in pipapo_get() in the first place,\nbut skipping exired elements there makes no sense to me, this helper\nis used for normal get requests, insertions (duplicate check)\nand deactivate callback.\n\nIn first two cases expired elements must be skipped.\n\nFor -\u003edeactivate(), this gets called for DELSETELEM, so it\nseems to me that expired elements should be skipped as well, i.e.\ndelete request should fail with -ENOENT error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52925",
"url": "https://www.suse.com/security/cve/CVE-2023-52925"
},
{
"category": "external",
"summary": "SUSE Bug 1236822 for CVE-2023-52925",
"url": "https://bugzilla.suse.com/1236822"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2023-52925"
},
{
"cve": "CVE-2023-53046",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53046"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix race condition in hci_cmd_sync_clear\n\nThere is a potential race condition in hci_cmd_sync_work and\nhci_cmd_sync_clear, and could lead to use-after-free. For instance,\nhci_cmd_sync_work is added to the \u0027req_workqueue\u0027 after cancel_work_sync\nThe entry of \u0027cmd_sync_work_list\u0027 may be freed in hci_cmd_sync_clear, and\ncausing kernel panic when it is used in \u0027hci_cmd_sync_work\u0027.\n\nHere\u0027s the call trace:\n\ndump_stack_lvl+0x49/0x63\nprint_report.cold+0x5e/0x5d3\n? hci_cmd_sync_work+0x282/0x320\nkasan_report+0xaa/0x120\n? hci_cmd_sync_work+0x282/0x320\n__asan_report_load8_noabort+0x14/0x20\nhci_cmd_sync_work+0x282/0x320\nprocess_one_work+0x77b/0x11c0\n? _raw_spin_lock_irq+0x8e/0xf0\nworker_thread+0x544/0x1180\n? poll_idle+0x1e0/0x1e0\nkthread+0x285/0x320\n? process_one_work+0x11c0/0x11c0\n? kthread_complete_and_exit+0x30/0x30\nret_from_fork+0x22/0x30\n\u003c/TASK\u003e\n\nAllocated by task 266:\nkasan_save_stack+0x26/0x50\n__kasan_kmalloc+0xae/0xe0\nkmem_cache_alloc_trace+0x191/0x350\nhci_cmd_sync_queue+0x97/0x2b0\nhci_update_passive_scan+0x176/0x1d0\nle_conn_complete_evt+0x1b5/0x1a00\nhci_le_conn_complete_evt+0x234/0x340\nhci_le_meta_evt+0x231/0x4e0\nhci_event_packet+0x4c5/0xf00\nhci_rx_work+0x37d/0x880\nprocess_one_work+0x77b/0x11c0\nworker_thread+0x544/0x1180\nkthread+0x285/0x320\nret_from_fork+0x22/0x30\n\nFreed by task 269:\nkasan_save_stack+0x26/0x50\nkasan_set_track+0x25/0x40\nkasan_set_free_info+0x24/0x40\n____kasan_slab_free+0x176/0x1c0\n__kasan_slab_free+0x12/0x20\nslab_free_freelist_hook+0x95/0x1a0\nkfree+0xba/0x2f0\nhci_cmd_sync_clear+0x14c/0x210\nhci_unregister_dev+0xff/0x440\nvhci_release+0x7b/0xf0\n__fput+0x1f3/0x970\n____fput+0xe/0x20\ntask_work_run+0xd4/0x160\ndo_exit+0x8b0/0x22a0\ndo_group_exit+0xba/0x2a0\nget_signal+0x1e4a/0x25b0\narch_do_signal_or_restart+0x93/0x1f80\nexit_to_user_mode_prepare+0xf5/0x1a0\nsyscall_exit_to_user_mode+0x26/0x50\nret_from_fork+0x15/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53046",
"url": "https://www.suse.com/security/cve/CVE-2023-53046"
},
{
"category": "external",
"summary": "SUSE Bug 1244180 for CVE-2023-53046",
"url": "https://bugzilla.suse.com/1244180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2023-53046"
},
{
"cve": "CVE-2023-53048",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53048"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tcpm: fix warning when handle discover_identity message\n\nSince both source and sink device can send discover_identity message in\nPD3, kernel may dump below warning:\n\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 169 at drivers/usb/typec/tcpm/tcpm.c:1446 tcpm_queue_vdm+0xe0/0xf0\nModules linked in:\nCPU: 0 PID: 169 Comm: 1-0050 Not tainted 6.1.1-00038-g6a3c36cf1da2-dirty #567\nHardware name: NXP i.MX8MPlus EVK board (DT)\npstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : tcpm_queue_vdm+0xe0/0xf0\nlr : tcpm_queue_vdm+0x2c/0xf0\nsp : ffff80000c19bcd0\nx29: ffff80000c19bcd0 x28: 0000000000000001 x27: ffff0000d11c8ab8\nx26: ffff0000d11cc000 x25: 0000000000000000 x24: 00000000ff008081\nx23: 0000000000000001 x22: 00000000ff00a081 x21: ffff80000c19bdbc\nx20: 0000000000000000 x19: ffff0000d11c8080 x18: ffffffffffffffff\nx17: 0000000000000000 x16: 0000000000000000 x15: ffff0000d716f580\nx14: 0000000000000001 x13: ffff0000d716f507 x12: 0000000000000001\nx11: 0000000000000000 x10: 0000000000000020 x9 : 00000000000ee098\nx8 : 00000000ffffffff x7 : 000000000000001c x6 : ffff0000d716f580\nx5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\nx2 : ffff80000c19bdbc x1 : 00000000ff00a081 x0 : 0000000000000004\nCall trace:\ntcpm_queue_vdm+0xe0/0xf0\ntcpm_pd_rx_handler+0x340/0x1ab0\nkthread_worker_fn+0xcc/0x18c\nkthread+0x10c/0x110\nret_from_fork+0x10/0x20\n---[ end trace 0000000000000000 ]---\n\nBelow sequences may trigger this warning:\n\ntcpm_send_discover_work(work)\n tcpm_send_vdm(port, USB_SID_PD, CMD_DISCOVER_IDENT, NULL, 0);\n tcpm_queue_vdm(port, header, data, count);\n port-\u003evdm_state = VDM_STATE_READY;\n\nvdm_state_machine_work(work);\n\t\t\t\u003c-- received discover_identity from partner\n vdm_run_state_machine(port);\n port-\u003evdm_state = VDM_STATE_SEND_MESSAGE;\n mod_vdm_delayed_work(port, x);\n\ntcpm_pd_rx_handler(work);\n tcpm_pd_data_request(port, msg);\n tcpm_handle_vdm_request(port, msg-\u003epayload, cnt);\n tcpm_queue_vdm(port, response[0], \u0026response[1], rlen - 1);\n--\u003e WARN_ON(port-\u003evdm_state \u003e VDM_STATE_DONE);\n\nFor this case, the state machine could still send out discover\nidentity message later if we skip current discover_identity message.\nSo we should handle the received message firstly and override the pending\ndiscover_identity message without warning in this case. Then, a delayed\nsend_discover work will send discover_identity message again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53048",
"url": "https://www.suse.com/security/cve/CVE-2023-53048"
},
{
"category": "external",
"summary": "SUSE Bug 1244179 for CVE-2023-53048",
"url": "https://bugzilla.suse.com/1244179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2023-53048"
},
{
"cve": "CVE-2023-53076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53076"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53076",
"url": "https://www.suse.com/security/cve/CVE-2023-53076"
},
{
"category": "external",
"summary": "SUSE Bug 1242221 for CVE-2023-53076",
"url": "https://bugzilla.suse.com/1242221"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2023-53076"
},
{
"cve": "CVE-2023-53097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/iommu: fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic\nat once.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53097",
"url": "https://www.suse.com/security/cve/CVE-2023-53097"
},
{
"category": "external",
"summary": "SUSE Bug 1244114 for CVE-2023-53097",
"url": "https://bugzilla.suse.com/1244114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2023-53097"
},
{
"cve": "CVE-2024-26808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26808"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain\n\nRemove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER\nevent is reported, otherwise a stale reference to netdevice remains in\nthe hook list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26808",
"url": "https://www.suse.com/security/cve/CVE-2024-26808"
},
{
"category": "external",
"summary": "SUSE Bug 1222634 for CVE-2024-26808",
"url": "https://bugzilla.suse.com/1222634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2024-26808"
},
{
"cve": "CVE-2024-26924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: do not free live element\n\nPablo reports a crash with large batches of elements with a\nback-to-back add/remove pattern. Quoting Pablo:\n\n add_elem(\"00000000\") timeout 100 ms\n ...\n add_elem(\"0000000X\") timeout 100 ms\n del_elem(\"0000000X\") \u003c---------------- delete one that was just added\n ...\n add_elem(\"00005000\") timeout 100 ms\n\n 1) nft_pipapo_remove() removes element 0000000X\n Then, KASAN shows a splat.\n\nLooking at the remove function there is a chance that we will drop a\nrule that maps to a non-deactivated element.\n\nRemoval happens in two steps, first we do a lookup for key k and return the\nto-be-removed element and mark it as inactive in the next generation.\nThen, in a second step, the element gets removed from the set/map.\n\nThe _remove function does not work correctly if we have more than one\nelement that share the same key.\n\nThis can happen if we insert an element into a set when the set already\nholds an element with same key, but the element mapping to the existing\nkey has timed out or is not active in the next generation.\n\nIn such case its possible that removal will unmap the wrong element.\nIf this happens, we will leak the non-deactivated element, it becomes\nunreachable.\n\nThe element that got deactivated (and will be freed later) will\nremain reachable in the set data structure, this can result in\na crash when such an element is retrieved during lookup (stale\npointer).\n\nAdd a check that the fully matching key does in fact map to the element\nthat we have marked as inactive in the deactivation step.\nIf not, we need to continue searching.\n\nAdd a bug/warn trap at the end of the function as well, the remove\nfunction must not ever be called with an invisible/unreachable/non-existent\nelement.\n\nv2: avoid uneeded temporary variable (Stefano)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26924",
"url": "https://www.suse.com/security/cve/CVE-2024-26924"
},
{
"category": "external",
"summary": "SUSE Bug 1223387 for CVE-2024-26924",
"url": "https://bugzilla.suse.com/1223387"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2024-26924"
},
{
"cve": "CVE-2024-26935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix unremoved procfs host directory regression\n\nCommit fc663711b944 (\"scsi: core: Remove the /proc/scsi/${proc_name}\ndirectory earlier\") fixed a bug related to modules loading/unloading, by\nadding a call to scsi_proc_hostdir_rm() on scsi_remove_host(). But that led\nto a potential duplicate call to the hostdir_rm() routine, since it\u0027s also\ncalled from scsi_host_dev_release(). That triggered a regression report,\nwhich was then fixed by commit be03df3d4bfe (\"scsi: core: Fix a procfs host\ndirectory removal regression\"). The fix just dropped the hostdir_rm() call\nfrom dev_release().\n\nBut it happens that this proc directory is created on scsi_host_alloc(),\nand that function \"pairs\" with scsi_host_dev_release(), while\nscsi_remove_host() pairs with scsi_add_host(). In other words, it seems the\nreason for removing the proc directory on dev_release() was meant to cover\ncases in which a SCSI host structure was allocated, but the call to\nscsi_add_host() didn\u0027t happen. And that pattern happens to exist in some\nerror paths, for example.\n\nSyzkaller causes that by using USB raw gadget device, error\u0027ing on\nusb-storage driver, at usb_stor_probe2(). By checking that path, we can see\nthat the BadDevice label leads to a scsi_host_put() after a SCSI host\nallocation, but there\u0027s no call to scsi_add_host() in such path. That leads\nto messages like this in dmesg (and a leak of the SCSI host proc\nstructure):\n\nusb-storage 4-1:87.51: USB Mass Storage device detected\nproc_dir_entry \u0027scsi/usb-storage\u0027 already registered\nWARNING: CPU: 1 PID: 3519 at fs/proc/generic.c:377 proc_register+0x347/0x4e0 fs/proc/generic.c:376\n\nThe proper fix seems to still call scsi_proc_hostdir_rm() on dev_release(),\nbut guard that with the state check for SHOST_CREATED; there is even a\ncomment in scsi_host_dev_release() detailing that: such conditional is\nmeant for cases where the SCSI host was allocated but there was no calls to\n{add,remove}_host(), like the usb-storage case.\n\nThis is what we propose here and with that, the error path of usb-storage\ndoes not trigger the warning anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26935",
"url": "https://www.suse.com/security/cve/CVE-2024-26935"
},
{
"category": "external",
"summary": "SUSE Bug 1223675 for CVE-2024-26935",
"url": "https://bugzilla.suse.com/1223675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2024-26935"
},
{
"cve": "CVE-2024-27397",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27397"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: use timestamp to check for set element timeout\n\nAdd a timestamp field at the beginning of the transaction, store it\nin the nftables per-netns area.\n\nUpdate set backend .insert, .deactivate and sync gc path to use the\ntimestamp, this avoids that an element expires while control plane\ntransaction is still unfinished.\n\n.lookup and .update, which are used from packet path, still use the\ncurrent time to check if the element has expired. And .get path and dump\nalso since this runs lockless under rcu read size lock. Then, there is\nasync gc which also needs to check the current time since it runs\nasynchronously from a workqueue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27397",
"url": "https://www.suse.com/security/cve/CVE-2024-27397"
},
{
"category": "external",
"summary": "SUSE Bug 1224095 for CVE-2024-27397",
"url": "https://bugzilla.suse.com/1224095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2024-27397"
},
{
"cve": "CVE-2024-28956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28956"
}
],
"notes": [
{
"category": "general",
"text": "Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28956",
"url": "https://www.suse.com/security/cve/CVE-2024-28956"
},
{
"category": "external",
"summary": "SUSE Bug 1242006 for CVE-2024-28956",
"url": "https://bugzilla.suse.com/1242006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2024-28956"
},
{
"cve": "CVE-2024-35840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()\n\nsubflow_finish_connect() uses four fields (backup, join_id, thmac, none)\nthat may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set\nin mptcp_parse_option()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35840",
"url": "https://www.suse.com/security/cve/CVE-2024-35840"
},
{
"category": "external",
"summary": "SUSE Bug 1224597 for CVE-2024-35840",
"url": "https://bugzilla.suse.com/1224597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2024-35840"
},
{
"cve": "CVE-2024-36978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: sch_multiq: fix possible OOB write in multiq_tune()\n\nq-\u003ebands will be assigned to qopt-\u003ebands to execute subsequent code logic\nafter kmalloc. So the old q-\u003ebands should not be used in kmalloc.\nOtherwise, an out-of-bounds write will occur.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36978",
"url": "https://www.suse.com/security/cve/CVE-2024-36978"
},
{
"category": "external",
"summary": "SUSE Bug 1226514 for CVE-2024-36978",
"url": "https://bugzilla.suse.com/1226514"
},
{
"category": "external",
"summary": "SUSE Bug 1244631 for CVE-2024-36978",
"url": "https://bugzilla.suse.com/1244631"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2024-36978"
},
{
"cve": "CVE-2024-46800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch/netem: fix use after free in netem_dequeue\n\nIf netem_dequeue() enqueues packet to inner qdisc and that qdisc\nreturns __NET_XMIT_STOLEN. The packet is dropped but\nqdisc_tree_reduce_backlog() is not called to update the parent\u0027s\nq.qlen, leading to the similar use-after-free as Commit\ne04991a48dbaf382 (\"netem: fix return value if duplicate enqueue\nfails\")\n\nCommands to trigger KASAN UaF:\n\nip link add type dummy\nip link set lo up\nip link set dummy0 up\ntc qdisc add dev lo parent root handle 1: drr\ntc filter add dev lo parent 1: basic classid 1:1\ntc class add dev lo classid 1:1 drr\ntc qdisc add dev lo parent 1:1 handle 2: netem\ntc qdisc add dev lo parent 2: handle 3: drr\ntc filter add dev lo parent 3: basic classid 3:1 action mirred egress\nredirect dev dummy0\ntc class add dev lo classid 3:1 drr\nping -c1 -W0.01 localhost # Trigger bug\ntc class del dev lo classid 1:1\ntc class add dev lo classid 1:1 drr\nping -c1 -W0.01 localhost # UaF",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46800",
"url": "https://www.suse.com/security/cve/CVE-2024-46800"
},
{
"category": "external",
"summary": "SUSE Bug 1230827 for CVE-2024-46800",
"url": "https://bugzilla.suse.com/1230827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2024-46800"
},
{
"cve": "CVE-2024-53125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: sync_linked_regs() must preserve subreg_def\n\nRange propagation must not affect subreg_def marks, otherwise the\nfollowing example is rewritten by verifier incorrectly when\nBPF_F_TEST_RND_HI32 flag is set:\n\n 0: call bpf_ktime_get_ns call bpf_ktime_get_ns\n 1: r0 \u0026= 0x7fffffff after verifier r0 \u0026= 0x7fffffff\n 2: w1 = w0 rewrites w1 = w0\n 3: if w0 \u003c 10 goto +0 --------------\u003e r11 = 0x2f5674a6 (r)\n 4: r1 \u003e\u003e= 32 r11 \u003c\u003c= 32 (r)\n 5: r0 = r1 r1 |= r11 (r)\n 6: exit; if w0 \u003c 0xa goto pc+0\n r1 \u003e\u003e= 32\n r0 = r1\n exit\n\n(or zero extension of w1 at (2) is missing for architectures that\n require zero extension for upper register half).\n\nThe following happens w/o this patch:\n- r0 is marked as not a subreg at (0);\n- w1 is marked as subreg at (2);\n- w1 subreg_def is overridden at (3) by copy_register_state();\n- w1 is read at (5) but mark_insn_zext() does not mark (2)\n for zero extension, because w1 subreg_def is not set;\n- because of BPF_F_TEST_RND_HI32 flag verifier inserts random\n value for hi32 bits of (2) (marked (r));\n- this random value is read at (5).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53125",
"url": "https://www.suse.com/security/cve/CVE-2024-53125"
},
{
"category": "external",
"summary": "SUSE Bug 1234156 for CVE-2024-53125",
"url": "https://bugzilla.suse.com/1234156"
},
{
"category": "external",
"summary": "SUSE Bug 1245804 for CVE-2024-53125",
"url": "https://bugzilla.suse.com/1245804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2024-53125"
},
{
"cve": "CVE-2024-53141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: add missing range check in bitmap_ip_uadt\n\nWhen tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,\nthe values of ip and ip_to are slightly swapped. Therefore, the range check\nfor ip should be done later, but this part is missing and it seems that the\nvulnerability occurs.\n\nSo we should add missing range checks and remove unnecessary range checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53141",
"url": "https://www.suse.com/security/cve/CVE-2024-53141"
},
{
"category": "external",
"summary": "SUSE Bug 1234381 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1234381"
},
{
"category": "external",
"summary": "SUSE Bug 1245778 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1245778"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2024-53141"
},
{
"cve": "CVE-2024-53197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53197"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices\n\nA bogus device can provide a bNumConfigurations value that exceeds the\ninitial value used in usb_get_configuration for allocating dev-\u003econfig.\n\nThis can lead to out-of-bounds accesses later, e.g. in\nusb_destroy_configuration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53197",
"url": "https://www.suse.com/security/cve/CVE-2024-53197"
},
{
"category": "external",
"summary": "SUSE Bug 1235464 for CVE-2024-53197",
"url": "https://bugzilla.suse.com/1235464"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2024-53197"
},
{
"cve": "CVE-2024-56770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: netem: account for backlog updates from child qdisc\n\nIn general, \u0027qlen\u0027 of any classful qdisc should keep track of the\nnumber of packets that the qdisc itself and all of its children holds.\nIn case of netem, \u0027qlen\u0027 only accounts for the packets in its internal\ntfifo. When netem is used with a child qdisc, the child qdisc can use\n\u0027qdisc_tree_reduce_backlog\u0027 to inform its parent, netem, about created\nor dropped SKBs. This function updates \u0027qlen\u0027 and the backlog statistics\nof netem, but netem does not account for changes made by a child qdisc.\n\u0027qlen\u0027 then indicates the wrong number of packets in the tfifo.\nIf a child qdisc creates new SKBs during enqueue and informs its parent\nabout this, netem\u0027s \u0027qlen\u0027 value is increased. When netem dequeues the\nnewly created SKBs from the child, the \u0027qlen\u0027 in netem is not updated.\nIf \u0027qlen\u0027 reaches the configured sch-\u003elimit, the enqueue function stops\nworking, even though the tfifo is not full.\n\nReproduce the bug:\nEnsure that the sender machine has GSO enabled. Configure netem as root\nqdisc and tbf as its child on the outgoing interface of the machine\nas follows:\n$ tc qdisc add dev \u003coif\u003e root handle 1: netem delay 100ms limit 100\n$ tc qdisc add dev \u003coif\u003e parent 1:0 tbf rate 50Mbit burst 1542 latency 50ms\n\nSend bulk TCP traffic out via this interface, e.g., by running an iPerf3\nclient on the machine. Check the qdisc statistics:\n$ tc -s qdisc show dev \u003coif\u003e\n\nStatistics after 10s of iPerf3 TCP test before the fix (note that\nnetem\u0027s backlog \u003e limit, netem stopped accepting packets):\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 2767766 bytes 1848 pkt (dropped 652, overlimits 0 requeues 0)\n backlog 4294528236b 1155p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 2767766 bytes 1848 pkt (dropped 327, overlimits 7601 requeues 0)\n backlog 0b 0p requeues 0\n\nStatistics after the fix:\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 37766372 bytes 24974 pkt (dropped 9, overlimits 0 requeues 0)\n backlog 0b 0p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 37766372 bytes 24974 pkt (dropped 327, overlimits 96017 requeues 0)\n backlog 0b 0p requeues 0\n\ntbf segments the GSO SKBs (tbf_segment) and updates the netem\u0027s \u0027qlen\u0027.\nThe interface fully stops transferring packets and \"locks\". In this case,\nthe child qdisc and tfifo are empty, but \u0027qlen\u0027 indicates the tfifo is at\nits limit and no more packets are accepted.\n\nThis patch adds a counter for the entries in the tfifo. Netem\u0027s \u0027qlen\u0027 is\nonly decreased when a packet is returned by its dequeue function, and not\nduring enqueuing into the child qdisc. External updates to \u0027qlen\u0027 are thus\naccounted for and only the behavior of the backlog statistics changes. As\nin other qdiscs, \u0027qlen\u0027 then keeps track of how many packets are held in\nnetem and all of its children. As before, sch-\u003elimit remains as the\nmaximum number of packets in the tfifo. The same applies to netem\u0027s\nbacklog statistics.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56770",
"url": "https://www.suse.com/security/cve/CVE-2024-56770"
},
{
"category": "external",
"summary": "SUSE Bug 1235637 for CVE-2024-56770",
"url": "https://bugzilla.suse.com/1235637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2024-56770"
},
{
"cve": "CVE-2024-57999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW\n\nPower Hypervisor can possibily allocate MMIO window intersecting with\nDynamic DMA Window (DDW) range, which is over 32-bit addressing.\n\nThese MMIO pages needs to be marked as reserved so that IOMMU doesn\u0027t map\nDMA buffers in this range.\n\nThe current code is not marking these pages correctly which is resulting\nin LPAR to OOPS while booting. The stack is at below\n\nBUG: Unable to handle kernel data access on read at 0xc00800005cd40000\nFaulting instruction address: 0xc00000000005cdac\nOops: Kernel access of bad area, sig: 11 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: af_packet rfkill ibmveth(X) lpfc(+) nvmet_fc nvmet nvme_keyring crct10dif_vpmsum nvme_fc nvme_fabrics nvme_core be2net(+) nvme_auth rtc_generic nfsd auth_rpcgss nfs_acl lockd grace sunrpc fuse configfs ip_tables x_tables xfs libcrc32c dm_service_time ibmvfc(X) scsi_transport_fc vmx_crypto gf128mul crc32c_vpmsum dm_mirror dm_region_hash dm_log dm_multipath dm_mod sd_mod scsi_dh_emc scsi_dh_rdac scsi_dh_alua t10_pi crc64_rocksoft_generic crc64_rocksoft sg crc64 scsi_mod\nSupported: Yes, External\nCPU: 8 PID: 241 Comm: kworker/8:1 Kdump: loaded Not tainted 6.4.0-150600.23.14-default #1 SLE15-SP6 b44ee71c81261b9e4bab5e0cde1f2ed891d5359b\nHardware name: IBM,9080-M9S POWER9 (raw) 0x4e2103 0xf000005 of:IBM,FW950.B0 (VH950_149) hv:phyp pSeries\nWorkqueue: events work_for_cpu_fn\nNIP: c00000000005cdac LR: c00000000005e830 CTR: 0000000000000000\nREGS: c00001400c9ff770 TRAP: 0300 Not tainted (6.4.0-150600.23.14-default)\nMSR: 800000000280b033 \u003cSF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u003e CR: 24228448 XER: 00000001\nCFAR: c00000000005cdd4 DAR: c00800005cd40000 DSISR: 40000000 IRQMASK: 0\nGPR00: c00000000005e830 c00001400c9ffa10 c000000001987d00 c00001400c4fe800\nGPR04: 0000080000000000 0000000000000001 0000000004000000 0000000000800000\nGPR08: 0000000004000000 0000000000000001 c00800005cd40000 ffffffffffffffff\nGPR12: 0000000084228882 c00000000a4c4f00 0000000000000010 0000080000000000\nGPR16: c00001400c4fe800 0000000004000000 0800000000000000 c00000006088b800\nGPR20: c00001401a7be980 c00001400eff3800 c000000002a2da68 000000000000002b\nGPR24: c0000000026793a8 c000000002679368 000000000000002a c0000000026793c8\nGPR28: 000008007effffff 0000080000000000 0000000000800000 c00001400c4fe800\nNIP [c00000000005cdac] iommu_table_reserve_pages+0xac/0x100\nLR [c00000000005e830] iommu_init_table+0x80/0x1e0\nCall Trace:\n[c00001400c9ffa10] [c00000000005e810] iommu_init_table+0x60/0x1e0 (unreliable)\n[c00001400c9ffa90] [c00000000010356c] iommu_bypass_supported_pSeriesLP+0x9cc/0xe40\n[c00001400c9ffc30] [c00000000005c300] dma_iommu_dma_supported+0xf0/0x230\n[c00001400c9ffcb0] [c00000000024b0c4] dma_supported+0x44/0x90\n[c00001400c9ffcd0] [c00000000024b14c] dma_set_mask+0x3c/0x80\n[c00001400c9ffd00] [c0080000555b715c] be_probe+0xc4/0xb90 [be2net]\n[c00001400c9ffdc0] [c000000000986f3c] local_pci_probe+0x6c/0x110\n[c00001400c9ffe40] [c000000000188f28] work_for_cpu_fn+0x38/0x60\n[c00001400c9ffe70] [c00000000018e454] process_one_work+0x314/0x620\n[c00001400c9fff10] [c00000000018f280] worker_thread+0x2b0/0x620\n[c00001400c9fff90] [c00000000019bb18] kthread+0x148/0x150\n[c00001400c9fffe0] [c00000000000ded8] start_kernel_thread+0x14/0x18\n\nThere are 2 issues in the code\n\n1. The index is \"int\" while the address is \"unsigned long\". This results in\n negative value when setting the bitmap.\n\n2. The DMA offset is page shifted but the MMIO range is used as-is (64-bit\n address). MMIO address needs to be page shifted as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57999",
"url": "https://www.suse.com/security/cve/CVE-2024-57999"
},
{
"category": "external",
"summary": "SUSE Bug 1238526 for CVE-2024-57999",
"url": "https://bugzilla.suse.com/1238526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2024-57999"
},
{
"cve": "CVE-2025-21700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21700"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: Disallow replacing of child qdisc from one parent to another\n\nLion Ackermann was able to create a UAF which can be abused for privilege\nescalation with the following script\n\nStep 1. create root qdisc\ntc qdisc add dev lo root handle 1:0 drr\n\nstep2. a class for packet aggregation do demonstrate uaf\ntc class add dev lo classid 1:1 drr\n\nstep3. a class for nesting\ntc class add dev lo classid 1:2 drr\n\nstep4. a class to graft qdisc to\ntc class add dev lo classid 1:3 drr\n\nstep5.\ntc qdisc add dev lo parent 1:1 handle 2:0 plug limit 1024\n\nstep6.\ntc qdisc add dev lo parent 1:2 handle 3:0 drr\n\nstep7.\ntc class add dev lo classid 3:1 drr\n\nstep 8.\ntc qdisc add dev lo parent 3:1 handle 4:0 pfifo\n\nstep 9. Display the class/qdisc layout\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nstep10. trigger the bug \u003c=== prevented by this patch\ntc qdisc replace dev lo parent 1:3 handle 4:0\n\nstep 11. Redisplay again the qdiscs/classes\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 1:3 root leaf 4: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 refcnt 2 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nObserve that a) parent for 4:0 does not change despite the replace request.\nThere can only be one parent. b) refcount has gone up by two for 4:0 and\nc) both class 1:3 and 3:1 are pointing to it.\n\nStep 12. send one packet to plug\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10001))\nstep13. send one packet to the grafted fifo\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10003))\n\nstep14. lets trigger the uaf\ntc class delete dev lo classid 1:3\ntc class delete dev lo classid 1:1\n\nThe semantics of \"replace\" is for a del/add _on the same node_ and not\na delete from one node(3:1) and add to another node (1:3) as in step10.\nWhile we could \"fix\" with a more complex approach there could be\nconsequences to expectations so the patch takes the preventive approach of\n\"disallow such config\".\n\nJoint work with Lion Ackermann \u003cnnamrec@gmail.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21700",
"url": "https://www.suse.com/security/cve/CVE-2025-21700"
},
{
"category": "external",
"summary": "SUSE Bug 1237159 for CVE-2025-21700",
"url": "https://bugzilla.suse.com/1237159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-21700"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog()\n\nqdisc_tree_reduce_backlog() notifies parent qdisc only if child\nqdisc becomes empty, therefore we need to reduce the backlog of the\nchild qdisc before calling it. Otherwise it would miss the opportunity\nto call cops-\u003eqlen_notify(), in the case of DRR, it resulted in UAF\nsince DRR uses -\u003eqlen_notify() to maintain its active list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21703",
"url": "https://www.suse.com/security/cve/CVE-2025-21703"
},
{
"category": "external",
"summary": "SUSE Bug 1237313 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "external",
"summary": "SUSE Bug 1245796 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1245796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2025-21703"
},
{
"cve": "CVE-2025-21756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Keep the binding until socket destruction\n\nPreserve sockets bindings; this includes both resulting from an explicit\nbind() and those implicitly bound through autobind during connect().\n\nPrevents socket unbinding during a transport reassignment, which fixes a\nuse-after-free:\n\n 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)\n 2. transport-\u003erelease() calls vsock_remove_bound() without checking if\n sk was bound and moved to bound list (refcnt=1)\n 3. vsock_bind() assumes sk is in unbound list and before\n __vsock_insert_bound(vsock_bound_sockets()) calls\n __vsock_remove_bound() which does:\n list_del_init(\u0026vsk-\u003ebound_table); // nop\n sock_put(\u0026vsk-\u003esk); // refcnt=0\n\nBUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730\nRead of size 4 at addr ffff88816b46a74c by task a.out/2057\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n __vsock_bind+0x62e/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n __vsock_create.constprop.0+0x2e/0xb60\n vsock_create+0xe4/0x420\n __sock_create+0x241/0x650\n __sys_socket+0xf2/0x1a0\n __x64_sys_socket+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n __vsock_bind+0x5e1/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150\nRIP: 0010:refcount_warn_saturate+0xce/0x150\n __vsock_bind+0x66d/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150\nRIP: 0010:refcount_warn_saturate+0xee/0x150\n vsock_remove_bound+0x187/0x1e0\n __vsock_release+0x383/0x4a0\n vsock_release+0x90/0x120\n __sock_release+0xa3/0x250\n sock_close+0x14/0x20\n __fput+0x359/0xa80\n task_work_run+0x107/0x1d0\n do_exit+0x847/0x2560\n do_group_exit+0xb8/0x250\n __x64_sys_exit_group+0x3a/0x50\n x64_sys_call+0xfec/0x14f0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21756",
"url": "https://www.suse.com/security/cve/CVE-2025-21756"
},
{
"category": "external",
"summary": "SUSE Bug 1238876 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "external",
"summary": "SUSE Bug 1245795 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1245795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-23141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses\n\nAcquire a lock on kvm-\u003esrcu when userspace is getting MP state to handle a\nrather extreme edge case where \"accepting\" APIC events, i.e. processing\npending INIT or SIPI, can trigger accesses to guest memory. If the vCPU\nis in L2 with INIT *and* a TRIPLE_FAULT request pending, then getting MP\nstate will trigger a nested VM-Exit by way of -\u003echeck_nested_events(), and\nemuating the nested VM-Exit can access guest memory.\n\nThe splat was originally hit by syzkaller on a Google-internal kernel, and\nreproduced on an upstream kernel by hacking the triple_fault_event_test\nselftest to stuff a pending INIT, store an MSR on VM-Exit (to generate a\nmemory access on VMX), and do vcpu_mp_state_get() to trigger the scenario.\n\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3-b112d356288b-vmx/pi_lockdep_false_pos-lock #3 Not tainted\n -----------------------------\n include/linux/kvm_host.h:1058 suspicious rcu_dereference_check() usage!\n\n other info that might help us debug this:\n\n rcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by triple_fault_ev/1256:\n #0: ffff88810df5a330 (\u0026vcpu-\u003emutex){+.+.}-{4:4}, at: kvm_vcpu_ioctl+0x8b/0x9a0 [kvm]\n\n stack backtrace:\n CPU: 11 UID: 1000 PID: 1256 Comm: triple_fault_ev Not tainted 6.14.0-rc3-b112d356288b-vmx #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7f/0x90\n lockdep_rcu_suspicious+0x144/0x190\n kvm_vcpu_gfn_to_memslot+0x156/0x180 [kvm]\n kvm_vcpu_read_guest+0x3e/0x90 [kvm]\n read_and_check_msr_entry+0x2e/0x180 [kvm_intel]\n __nested_vmx_vmexit+0x550/0xde0 [kvm_intel]\n kvm_check_nested_events+0x1b/0x30 [kvm]\n kvm_apic_accept_events+0x33/0x100 [kvm]\n kvm_arch_vcpu_ioctl_get_mpstate+0x30/0x1d0 [kvm]\n kvm_vcpu_ioctl+0x33e/0x9a0 [kvm]\n __x64_sys_ioctl+0x8b/0xb0\n do_syscall_64+0x6c/0x170\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23141",
"url": "https://www.suse.com/security/cve/CVE-2025-23141"
},
{
"category": "external",
"summary": "SUSE Bug 1242782 for CVE-2025-23141",
"url": "https://bugzilla.suse.com/1242782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-23141"
},
{
"cve": "CVE-2025-23145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix NULL pointer in can_accept_new_subflow\n\nWhen testing valkey benchmark tool with MPTCP, the kernel panics in\n\u0027mptcp_can_accept_new_subflow\u0027 because subflow_req-\u003emsk is NULL.\n\nCall trace:\n\n mptcp_can_accept_new_subflow (./net/mptcp/subflow.c:63 (discriminator 4)) (P)\n subflow_syn_recv_sock (./net/mptcp/subflow.c:854)\n tcp_check_req (./net/ipv4/tcp_minisocks.c:863)\n tcp_v4_rcv (./net/ipv4/tcp_ipv4.c:2268)\n ip_protocol_deliver_rcu (./net/ipv4/ip_input.c:207)\n ip_local_deliver_finish (./net/ipv4/ip_input.c:234)\n ip_local_deliver (./net/ipv4/ip_input.c:254)\n ip_rcv_finish (./net/ipv4/ip_input.c:449)\n ...\n\nAccording to the debug log, the same req received two SYN-ACK in a very\nshort time, very likely because the client retransmits the syn ack due\nto multiple reasons.\n\nEven if the packets are transmitted with a relevant time interval, they\ncan be processed by the server on different CPUs concurrently). The\n\u0027subflow_req-\u003emsk\u0027 ownership is transferred to the subflow the first,\nand there will be a risk of a null pointer dereference here.\n\nThis patch fixes this issue by moving the \u0027subflow_req-\u003emsk\u0027 under the\n`own_req == true` conditional.\n\nNote that the !msk check in subflow_hmac_valid() can be dropped, because\nthe same check already exists under the own_req mpj branch where the\ncode has been moved to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23145",
"url": "https://www.suse.com/security/cve/CVE-2025-23145"
},
{
"category": "external",
"summary": "SUSE Bug 1242596 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "external",
"summary": "SUSE Bug 1242882 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2025-23145"
},
{
"cve": "CVE-2025-37752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: move the limit validation\n\nIt is not sufficient to directly validate the limit on the data that\nthe user passes as it can be updated based on how the other parameters\nare changed.\n\nMove the check at the end of the configuration update process to also\ncatch scenarios where the limit is indirectly updated, for example\nwith the following configurations:\n\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 depth 1\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 divisor 1\n\nThis fixes the following syzkaller reported crash:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:203:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 1 UID: 0 PID: 3037 Comm: syz.2.16 Not tainted 6.14.0-rc2-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0xf5/0x120 lib/ubsan.c:429\n sfq_link net/sched/sch_sfq.c:203 [inline]\n sfq_dec+0x53c/0x610 net/sched/sch_sfq.c:231\n sfq_dequeue+0x34e/0x8c0 net/sched/sch_sfq.c:493\n sfq_reset+0x17/0x60 net/sched/sch_sfq.c:518\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n tbf_reset+0x41/0x110 net/sched/sch_tbf.c:339\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n dev_reset_queue+0x100/0x1b0 net/sched/sch_generic.c:1311\n netdev_for_each_tx_queue include/linux/netdevice.h:2590 [inline]\n dev_deactivate_many+0x7e5/0xe70 net/sched/sch_generic.c:1375",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37752",
"url": "https://www.suse.com/security/cve/CVE-2025-37752"
},
{
"category": "external",
"summary": "SUSE Bug 1242504 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "external",
"summary": "SUSE Bug 1245776 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1245776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37785"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix OOB read when checking dotdot dir\n\nMounting a corrupted filesystem with directory which contains \u0027.\u0027 dir\nentry with rec_len == block size results in out-of-bounds read (later\non, when the corrupted directory is removed).\n\next4_empty_dir() assumes every ext4 directory contains at least \u0027.\u0027\nand \u0027..\u0027 as directory entries in the first data block. It first loads\nthe \u0027.\u0027 dir entry, performs sanity checks by calling ext4_check_dir_entry()\nand then uses its rec_len member to compute the location of \u0027..\u0027 dir\nentry (in ext4_next_entry). It assumes the \u0027..\u0027 dir entry fits into the\nsame data block.\n\nIf the rec_len of \u0027.\u0027 is precisely one block (4KB), it slips through the\nsanity checks (it is considered the last directory entry in the data\nblock) and leaves \"struct ext4_dir_entry_2 *de\" point exactly past the\nmemory slot allocated to the data block. The following call to\next4_check_dir_entry() on new value of de then dereferences this pointer\nwhich results in out-of-bounds mem access.\n\nFix this by extending __ext4_check_dir_entry() to check for \u0027.\u0027 dir\nentries that reach the end of data block. Make sure to ignore the phony\ndir entries for checksum (by checking name_len for non-zero).\n\nNote: This is reported by KASAN as use-after-free in case another\nstructure was recently freed from the slot past the bound, but it is\nreally an OOB read.\n\nThis issue was found by syzkaller tool.\n\nCall Trace:\n[ 38.594108] BUG: KASAN: slab-use-after-free in __ext4_check_dir_entry+0x67e/0x710\n[ 38.594649] Read of size 2 at addr ffff88802b41a004 by task syz-executor/5375\n[ 38.595158]\n[ 38.595288] CPU: 0 UID: 0 PID: 5375 Comm: syz-executor Not tainted 6.14.0-rc7 #1\n[ 38.595298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 38.595304] Call Trace:\n[ 38.595308] \u003cTASK\u003e\n[ 38.595311] dump_stack_lvl+0xa7/0xd0\n[ 38.595325] print_address_description.constprop.0+0x2c/0x3f0\n[ 38.595339] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595349] print_report+0xaa/0x250\n[ 38.595359] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595368] ? kasan_addr_to_slab+0x9/0x90\n[ 38.595378] kasan_report+0xab/0xe0\n[ 38.595389] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595400] __ext4_check_dir_entry+0x67e/0x710\n[ 38.595410] ext4_empty_dir+0x465/0x990\n[ 38.595421] ? __pfx_ext4_empty_dir+0x10/0x10\n[ 38.595432] ext4_rmdir.part.0+0x29a/0xd10\n[ 38.595441] ? __dquot_initialize+0x2a7/0xbf0\n[ 38.595455] ? __pfx_ext4_rmdir.part.0+0x10/0x10\n[ 38.595464] ? __pfx___dquot_initialize+0x10/0x10\n[ 38.595478] ? down_write+0xdb/0x140\n[ 38.595487] ? __pfx_down_write+0x10/0x10\n[ 38.595497] ext4_rmdir+0xee/0x140\n[ 38.595506] vfs_rmdir+0x209/0x670\n[ 38.595517] ? lookup_one_qstr_excl+0x3b/0x190\n[ 38.595529] do_rmdir+0x363/0x3c0\n[ 38.595537] ? __pfx_do_rmdir+0x10/0x10\n[ 38.595544] ? strncpy_from_user+0x1ff/0x2e0\n[ 38.595561] __x64_sys_unlinkat+0xf0/0x130\n[ 38.595570] do_syscall_64+0x5b/0x180\n[ 38.595583] entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37785",
"url": "https://www.suse.com/security/cve/CVE-2025-37785"
},
{
"category": "external",
"summary": "SUSE Bug 1241640 for CVE-2025-37785",
"url": "https://bugzilla.suse.com/1241640"
},
{
"category": "external",
"summary": "SUSE Bug 1241698 for CVE-2025-37785",
"url": "https://bugzilla.suse.com/1241698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-37785"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too\n\nSimilarly to the previous patch, we need to safe guard hfsc_dequeue()\ntoo. But for this one, we don\u0027t have a reliable reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37823",
"url": "https://www.suse.com/security/cve/CVE-2025-37823"
},
{
"category": "external",
"summary": "SUSE Bug 1242924 for CVE-2025-37823",
"url": "https://bugzilla.suse.com/1242924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-37823"
},
{
"cve": "CVE-2025-37890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], we have a UAF case when an hfsc class\nhas a netem child qdisc. The crux of the issue is that hfsc is assuming\nthat checking for cl-\u003eqdisc-\u003eq.qlen == 0 guarantees that it hasn\u0027t inserted\nthe class in the vttree or eltree (which is not true for the netem\nduplicate case).\n\nThis patch checks the n_active class variable to make sure that the code\nwon\u0027t insert the class in the vttree or eltree twice, catering for the\nreentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37890",
"url": "https://www.suse.com/security/cve/CVE-2025-37890"
},
{
"category": "external",
"summary": "SUSE Bug 1243330 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "external",
"summary": "SUSE Bug 1245791 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1245791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2025-37890"
},
{
"cve": "CVE-2025-37932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_qlen_notify() idempotent\n\nhtb_qlen_notify() always deactivates the HTB class and in fact could\ntrigger a warning if it is already deactivated. Therefore, it is not\nidempotent and not friendly to its callers, like fq_codel_dequeue().\n\nLet\u0027s make it idempotent to ease qdisc_tree_reduce_backlog() callers\u0027\nlife.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37932",
"url": "https://www.suse.com/security/cve/CVE-2025-37932"
},
{
"category": "external",
"summary": "SUSE Bug 1243627 for CVE-2025-37932",
"url": "https://bugzilla.suse.com/1243627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-37932"
},
{
"cve": "CVE-2025-37948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Add BHB mitigation to the epilogue for cBPF programs\n\nA malicious BPF program may manipulate the branch history to influence\nwhat the hardware speculates will happen next.\n\nOn exit from a BPF program, emit the BHB mititgation sequence.\n\nThis is only applied for \u0027classic\u0027 cBPF programs that are loaded by\nseccomp.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37948",
"url": "https://www.suse.com/security/cve/CVE-2025-37948"
},
{
"category": "external",
"summary": "SUSE Bug 1243649 for CVE-2025-37948",
"url": "https://bugzilla.suse.com/1243649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-37948"
},
{
"cve": "CVE-2025-37953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_deactivate() idempotent\n\nAlan reported a NULL pointer dereference in htb_next_rb_node()\nafter we made htb_qlen_notify() idempotent.\n\nIt turns out in the following case it introduced some regression:\n\nhtb_dequeue_tree():\n |-\u003e fq_codel_dequeue()\n |-\u003e qdisc_tree_reduce_backlog()\n |-\u003e htb_qlen_notify()\n |-\u003e htb_deactivate()\n |-\u003e htb_next_rb_node()\n |-\u003e htb_deactivate()\n\nFor htb_next_rb_node(), after calling the 1st htb_deactivate(), the\nclprio[prio]-\u003eptr could be already set to NULL, which means\nhtb_next_rb_node() is vulnerable here.\n\nFor htb_deactivate(), although we checked qlen before calling it, in\ncase of qlen==0 after qdisc_tree_reduce_backlog(), we may call it again\nwhich triggers the warning inside.\n\nTo fix the issues here, we need to:\n\n1) Make htb_deactivate() idempotent, that is, simply return if we\n already call it before.\n2) Make htb_next_rb_node() safe against ptr==NULL.\n\nMany thanks to Alan for testing and for the reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37953",
"url": "https://www.suse.com/security/cve/CVE-2025-37953"
},
{
"category": "external",
"summary": "SUSE Bug 1243543 for CVE-2025-37953",
"url": "https://bugzilla.suse.com/1243543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-37953"
},
{
"cve": "CVE-2025-37963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Only mitigate cBPF programs loaded by unprivileged users\n\nSupport for eBPF programs loaded by unprivileged users is typically\ndisabled. This means only cBPF programs need to be mitigated for BHB.\n\nIn addition, only mitigate cBPF programs that were loaded by an\nunprivileged user. Privileged users can also load the same program\nvia eBPF, making the mitigation pointless.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37963",
"url": "https://www.suse.com/security/cve/CVE-2025-37963"
},
{
"category": "external",
"summary": "SUSE Bug 1243660 for CVE-2025-37963",
"url": "https://bugzilla.suse.com/1243660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "low"
}
],
"title": "CVE-2025-37963"
},
{
"cve": "CVE-2025-37997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: fix region locking in hash types\n\nRegion locking introduced in v5.6-rc4 contained three macros to handle\nthe region locks: ahash_bucket_start(), ahash_bucket_end() which gave\nback the start and end hash bucket values belonging to a given region\nlock and ahash_region() which should give back the region lock belonging\nto a given hash bucket. The latter was incorrect which can lead to a\nrace condition between the garbage collector and adding new elements\nwhen a hash type of set is defined with timeouts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37997",
"url": "https://www.suse.com/security/cve/CVE-2025-37997"
},
{
"category": "external",
"summary": "SUSE Bug 1243832 for CVE-2025-37997",
"url": "https://bugzilla.suse.com/1243832"
},
{
"category": "external",
"summary": "SUSE Bug 1245774 for CVE-2025-37997",
"url": "https://bugzilla.suse.com/1245774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2025-37997"
},
{
"cve": "CVE-2025-38000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38000"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()\n\nWhen enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the\nchild qdisc\u0027s peek() operation before incrementing sch-\u003eq.qlen and\nsch-\u003eqstats.backlog. If the child qdisc uses qdisc_peek_dequeued(), this may\ntrigger an immediate dequeue and potential packet drop. In such cases,\nqdisc_tree_reduce_backlog() is called, but the HFSC qdisc\u0027s qlen and backlog\nhave not yet been updated, leading to inconsistent queue accounting. This\ncan leave an empty HFSC class in the active list, causing further\nconsequences like use-after-free.\n\nThis patch fixes the bug by moving the increment of sch-\u003eq.qlen and\nsch-\u003eqstats.backlog before the call to the child qdisc\u0027s peek() operation.\nThis ensures that queue length and backlog are always accurate when packet\ndrops or dequeues are triggered during the peek.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38000",
"url": "https://www.suse.com/security/cve/CVE-2025-38000"
},
{
"category": "external",
"summary": "SUSE Bug 1244277 for CVE-2025-38000",
"url": "https://bugzilla.suse.com/1244277"
},
{
"category": "external",
"summary": "SUSE Bug 1245775 for CVE-2025-38000",
"url": "https://bugzilla.suse.com/1245775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2025-38000"
},
{
"cve": "CVE-2025-38001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Address reentrant enqueue adding class to eltree twice\n\nSavino says:\n \"We are writing to report that this recent patch\n (141d34391abbb315d68556b7c67ad97885407547) [1]\n can be bypassed, and a UAF can still occur when HFSC is utilized with\n NETEM.\n\n The patch only checks the cl-\u003ecl_nactive field to determine whether\n it is the first insertion or not [2], but this field is only\n incremented by init_vf [3].\n\n By using HFSC_RSC (which uses init_ed) [4], it is possible to bypass the\n check and insert the class twice in the eltree.\n Under normal conditions, this would lead to an infinite loop in\n hfsc_dequeue for the reasons we already explained in this report [5].\n\n However, if TBF is added as root qdisc and it is configured with a\n very low rate,\n it can be utilized to prevent packets from being dequeued.\n This behavior can be exploited to perform subsequent insertions in the\n HFSC eltree and cause a UAF.\"\n\nTo fix both the UAF and the infinite loop, with netem as an hfsc child,\ncheck explicitly in hfsc_enqueue whether the class is already in the eltree\nwhenever the HFSC_RSC flag is set.\n\n[1] https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=141d34391abbb315d68556b7c67ad97885407547\n[2] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L1572\n[3] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L677\n[4] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L1574\n[5] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/T/#u",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38001",
"url": "https://www.suse.com/security/cve/CVE-2025-38001"
},
{
"category": "external",
"summary": "SUSE Bug 1244234 for CVE-2025-38001",
"url": "https://bugzilla.suse.com/1244234"
},
{
"category": "external",
"summary": "SUSE Bug 1244235 for CVE-2025-38001",
"url": "https://bugzilla.suse.com/1244235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2025-38001"
},
{
"cve": "CVE-2025-38014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Refactor remove call with idxd_cleanup() helper\n\nThe idxd_cleanup() helper cleans up perfmon, interrupts, internals and\nso on. Refactor remove call with the idxd_cleanup() helper to avoid code\nduplication. Note, this also fixes the missing put_device() for idxd\ngroups, enginces and wqs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38014",
"url": "https://www.suse.com/security/cve/CVE-2025-38014"
},
{
"category": "external",
"summary": "SUSE Bug 1244732 for CVE-2025-38014",
"url": "https://bugzilla.suse.com/1244732"
},
{
"category": "external",
"summary": "SUSE Bug 1244733 for CVE-2025-38014",
"url": "https://bugzilla.suse.com/1244733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38014"
},
{
"cve": "CVE-2025-38060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: copy_verifier_state() should copy \u0027loop_entry\u0027 field\n\nThe bpf_verifier_state.loop_entry state should be copied by\ncopy_verifier_state(). Otherwise, .loop_entry values from unrelated\nstates would poison env-\u003ecur_state.\n\nAdditionally, env-\u003estack should not contain any states with\n.loop_entry != NULL. The states in env-\u003estack are yet to be verified,\nwhile .loop_entry is set for states that reached an equivalent state.\nThis means that env-\u003ecur_state-\u003eloop_entry should always be NULL after\npop_stack().\n\nSee the selftest in the next commit for an example of the program that\nis not safe yet is accepted by verifier w/o this fix.\n\nThis change has some verification performance impact for selftests:\n\nFile Program Insns (A) Insns (B) Insns (DIFF) States (A) States (B) States (DIFF)\n---------------------------------- ---------------------------- --------- --------- -------------- ---------- ---------- -------------\narena_htab.bpf.o arena_htab_llvm 717 426 -291 (-40.59%) 57 37 -20 (-35.09%)\narena_htab_asm.bpf.o arena_htab_asm 597 445 -152 (-25.46%) 47 37 -10 (-21.28%)\narena_list.bpf.o arena_list_del 309 279 -30 (-9.71%) 23 14 -9 (-39.13%)\niters.bpf.o iter_subprog_check_stacksafe 155 141 -14 (-9.03%) 15 14 -1 (-6.67%)\niters.bpf.o iter_subprog_iters 1094 1003 -91 (-8.32%) 88 83 -5 (-5.68%)\niters.bpf.o loop_state_deps2 479 725 +246 (+51.36%) 46 63 +17 (+36.96%)\nkmem_cache_iter.bpf.o open_coded_iter 63 59 -4 (-6.35%) 7 6 -1 (-14.29%)\nverifier_bits_iter.bpf.o max_words 92 84 -8 (-8.70%) 8 7 -1 (-12.50%)\nverifier_iterating_callbacks.bpf.o cond_break2 113 107 -6 (-5.31%) 12 12 +0 (+0.00%)\n\nAnd significant negative impact for sched_ext:\n\nFile Program Insns (A) Insns (B) Insns (DIFF) States (A) States (B) States (DIFF)\n----------------- ---------------------- --------- --------- -------------------- ---------- ---------- ------------------\nbpf.bpf.o lavd_init 7039 14723 +7684 (+109.16%) 490 1139 +649 (+132.45%)\nbpf.bpf.o layered_dispatch 11485 10548 -937 (-8.16%) 848 762 -86 (-10.14%)\nbpf.bpf.o layered_dump 7422 1000001 +992579 (+13373.47%) 681 31178 +30497 (+4478.27%)\nbpf.bpf.o layered_enqueue 16854 71127 +54273 (+322.02%) 1611 6450 +4839 (+300.37%)\nbpf.bpf.o p2dq_dispatch 665 791 +126 (+18.95%) 68 78 +10 (+14.71%)\nbpf.bpf.o p2dq_init 2343 2980 +637 (+27.19%) 201 237 +36 (+17.91%)\nbpf.bpf.o refresh_layer_cpumasks 16487 674760 +658273 (+3992.68%) 1770 65370 +63600 (+3593.22%)\nbpf.bpf.o rusty_select_cpu 1937 40872 +38935 (+2010.07%) 177 3210 +3033 (+1713.56%)\nscx_central.bpf.o central_dispatch 636 2687 +2051 (+322.48%) 63 227 +164 (+260.32%)\nscx_nest.bpf.o nest_init 636 815 +179 (+28.14%) 60 73 +13 (+21.67%)\nscx_qmap.bpf.o qmap_dispatch \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38060",
"url": "https://www.suse.com/security/cve/CVE-2025-38060"
},
{
"category": "external",
"summary": "SUSE Bug 1245155 for CVE-2025-38060",
"url": "https://bugzilla.suse.com/1245155"
},
{
"category": "external",
"summary": "SUSE Bug 1245156 for CVE-2025-38060",
"url": "https://bugzilla.suse.com/1245156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2025-38060"
},
{
"cve": "CVE-2025-38083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: prio: fix a race in prio_tune()\n\nGerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer\nfires at the wrong time.\n\nThe race is as follows:\n\nCPU 0 CPU 1\n[1]: lock root\n[2]: qdisc_tree_flush_backlog()\n[3]: unlock root\n |\n | [5]: lock root\n | [6]: rehash\n | [7]: qdisc_tree_reduce_backlog()\n |\n[4]: qdisc_put()\n\nThis can be abused to underflow a parent\u0027s qlen.\n\nCalling qdisc_purge_queue() instead of qdisc_tree_flush_backlog()\nshould fix the race, because all packets will be purged from the qdisc\nbefore releasing the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38083",
"url": "https://www.suse.com/security/cve/CVE-2025-38083"
},
{
"category": "external",
"summary": "SUSE Bug 1245183 for CVE-2025-38083",
"url": "https://bugzilla.suse.com/1245183"
},
{
"category": "external",
"summary": "SUSE Bug 1245350 for CVE-2025-38083",
"url": "https://bugzilla.suse.com/1245350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.100.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.100.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.100.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2025-38083"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…