suse-su-2025:1194-1
Vulnerability from csaf_suse
Published
2025-04-10 13:46
Modified
2025-04-10 13:46
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47248: udp: fix race between close() and udp_abort() (bsc#1224867).
- CVE-2022-49051: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup (bsc#1237903).
- CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF (bsc#1237918).
- CVE-2022-49275: can: m_can: m_can_tx_handler(): fix use after free of skb (bsc#1238719).
- CVE-2022-49413: bfq: Update cgroup information before merging bio (bsc#1238710).
- CVE-2022-49465: blk-throttle: Set BIO_THROTTLED when bio has been throttled (bsc#1238919).
- CVE-2022-49545: ALSA: usb-audio: Cancel pending work at closing a MIDI substream (bsc#1238729).
- CVE-2022-49563: crypto: qat - add param check for RSA (bsc#1238787).
- CVE-2022-49564: crypto: qat - add param check for DH (bsc#1238789).
- CVE-2022-49739: gfs2: Always check inode size of inline inodes (bsc#1240207).
- CVE-2023-52935: mm/khugepaged: fix ->anon_vma race (bsc#1240276).
- CVE-2024-56642: tipc: Fix use-after-free of kernel socket in cleanup_bearer() (bsc#1235433).
- CVE-2024-56651: can: hi311x: hi3110_can_ist(): fix potential use-after-free (bsc#1235528).
- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
- CVE-2024-58014: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (bsc#1239109).
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911).
- CVE-2025-21780: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (bsc#1239115).
The following non-security bugs were fixed:
- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
- btrfs: send: allow cloning non-aligned extent if it ends at i_size (bsc#1239969).
- btrfs: send: fix invalid clone operation for file that got its size decreased (bsc#1239969).
- btrfs: send: use btrfs_file_extent_end() in send_write_or_clone() (bsc#1239969).
Patchnames
SUSE-2025-1194,SUSE-SUSE-MicroOS-5.1-2025-1194,SUSE-SUSE-MicroOS-5.2-2025-1194
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2021-47248: udp: fix race between close() and udp_abort() (bsc#1224867).\n- CVE-2022-49051: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup (bsc#1237903).\n- CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF (bsc#1237918).\n- CVE-2022-49275: can: m_can: m_can_tx_handler(): fix use after free of skb (bsc#1238719).\n- CVE-2022-49413: bfq: Update cgroup information before merging bio (bsc#1238710).\n- CVE-2022-49465: blk-throttle: Set BIO_THROTTLED when bio has been throttled (bsc#1238919).\n- CVE-2022-49545: ALSA: usb-audio: Cancel pending work at closing a MIDI substream (bsc#1238729).\n- CVE-2022-49563: crypto: qat - add param check for RSA (bsc#1238787).\n- CVE-2022-49564: crypto: qat - add param check for DH (bsc#1238789).\n- CVE-2022-49739: gfs2: Always check inode size of inline inodes (bsc#1240207).\n- CVE-2023-52935: mm/khugepaged: fix -\u003eanon_vma race (bsc#1240276).\n- CVE-2024-56642: tipc: Fix use-after-free of kernel socket in cleanup_bearer() (bsc#1235433).\n- CVE-2024-56651: can: hi311x: hi3110_can_ist(): fix potential use-after-free (bsc#1235528).\n- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).\n- CVE-2024-58014: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (bsc#1239109).\n- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911).\n- CVE-2025-21780: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (bsc#1239115).\n\nThe following non-security bugs were fixed:\n\n- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).\n- btrfs: send: allow cloning non-aligned extent if it ends at i_size (bsc#1239969).\n- btrfs: send: fix invalid clone operation for file that got its size decreased (bsc#1239969).\n- btrfs: send: use btrfs_file_extent_end() in send_write_or_clone() (bsc#1239969).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1194,SUSE-SUSE-MicroOS-5.1-2025-1194,SUSE-SUSE-MicroOS-5.2-2025-1194",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1194-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:1194-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251194-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:1194-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020681.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1179878",
"url": "https://bugzilla.suse.com/1179878"
},
{
"category": "self",
"summary": "SUSE Bug 1180814",
"url": "https://bugzilla.suse.com/1180814"
},
{
"category": "self",
"summary": "SUSE Bug 1185762",
"url": "https://bugzilla.suse.com/1185762"
},
{
"category": "self",
"summary": "SUSE Bug 1195823",
"url": "https://bugzilla.suse.com/1195823"
},
{
"category": "self",
"summary": "SUSE Bug 1196444",
"url": "https://bugzilla.suse.com/1196444"
},
{
"category": "self",
"summary": "SUSE Bug 1197158",
"url": "https://bugzilla.suse.com/1197158"
},
{
"category": "self",
"summary": "SUSE Bug 1197227",
"url": "https://bugzilla.suse.com/1197227"
},
{
"category": "self",
"summary": "SUSE Bug 1197302",
"url": "https://bugzilla.suse.com/1197302"
},
{
"category": "self",
"summary": "SUSE Bug 1197331",
"url": "https://bugzilla.suse.com/1197331"
},
{
"category": "self",
"summary": "SUSE Bug 1197472",
"url": "https://bugzilla.suse.com/1197472"
},
{
"category": "self",
"summary": "SUSE Bug 1197661",
"url": "https://bugzilla.suse.com/1197661"
},
{
"category": "self",
"summary": "SUSE Bug 1197926",
"url": "https://bugzilla.suse.com/1197926"
},
{
"category": "self",
"summary": "SUSE Bug 1198577",
"url": "https://bugzilla.suse.com/1198577"
},
{
"category": "self",
"summary": "SUSE Bug 1198660",
"url": "https://bugzilla.suse.com/1198660"
},
{
"category": "self",
"summary": "SUSE Bug 1199657",
"url": "https://bugzilla.suse.com/1199657"
},
{
"category": "self",
"summary": "SUSE Bug 1200045",
"url": "https://bugzilla.suse.com/1200045"
},
{
"category": "self",
"summary": "SUSE Bug 1200217",
"url": "https://bugzilla.suse.com/1200217"
},
{
"category": "self",
"summary": "SUSE Bug 1200571",
"url": "https://bugzilla.suse.com/1200571"
},
{
"category": "self",
"summary": "SUSE Bug 1200807",
"url": "https://bugzilla.suse.com/1200807"
},
{
"category": "self",
"summary": "SUSE Bug 1200809",
"url": "https://bugzilla.suse.com/1200809"
},
{
"category": "self",
"summary": "SUSE Bug 1200825",
"url": "https://bugzilla.suse.com/1200825"
},
{
"category": "self",
"summary": "SUSE Bug 1200871",
"url": "https://bugzilla.suse.com/1200871"
},
{
"category": "self",
"summary": "SUSE Bug 1200872",
"url": "https://bugzilla.suse.com/1200872"
},
{
"category": "self",
"summary": "SUSE Bug 1201193",
"url": "https://bugzilla.suse.com/1201193"
},
{
"category": "self",
"summary": "SUSE Bug 1201381",
"url": "https://bugzilla.suse.com/1201381"
},
{
"category": "self",
"summary": "SUSE Bug 1201610",
"url": "https://bugzilla.suse.com/1201610"
},
{
"category": "self",
"summary": "SUSE Bug 1202672",
"url": "https://bugzilla.suse.com/1202672"
},
{
"category": "self",
"summary": "SUSE Bug 1202711",
"url": "https://bugzilla.suse.com/1202711"
},
{
"category": "self",
"summary": "SUSE Bug 1203769",
"url": "https://bugzilla.suse.com/1203769"
},
{
"category": "self",
"summary": "SUSE Bug 1207186",
"url": "https://bugzilla.suse.com/1207186"
},
{
"category": "self",
"summary": "SUSE Bug 1209547",
"url": "https://bugzilla.suse.com/1209547"
},
{
"category": "self",
"summary": "SUSE Bug 1210647",
"url": "https://bugzilla.suse.com/1210647"
},
{
"category": "self",
"summary": "SUSE Bug 1213167",
"url": "https://bugzilla.suse.com/1213167"
},
{
"category": "self",
"summary": "SUSE Bug 1224867",
"url": "https://bugzilla.suse.com/1224867"
},
{
"category": "self",
"summary": "SUSE Bug 1225742",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "self",
"summary": "SUSE Bug 1230326",
"url": "https://bugzilla.suse.com/1230326"
},
{
"category": "self",
"summary": "SUSE Bug 1231375",
"url": "https://bugzilla.suse.com/1231375"
},
{
"category": "self",
"summary": "SUSE Bug 1233479",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "self",
"summary": "SUSE Bug 1233557",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "self",
"summary": "SUSE Bug 1235433",
"url": "https://bugzilla.suse.com/1235433"
},
{
"category": "self",
"summary": "SUSE Bug 1235528",
"url": "https://bugzilla.suse.com/1235528"
},
{
"category": "self",
"summary": "SUSE Bug 1237530",
"url": "https://bugzilla.suse.com/1237530"
},
{
"category": "self",
"summary": "SUSE Bug 1237718",
"url": "https://bugzilla.suse.com/1237718"
},
{
"category": "self",
"summary": "SUSE Bug 1237721",
"url": "https://bugzilla.suse.com/1237721"
},
{
"category": "self",
"summary": "SUSE Bug 1237723",
"url": "https://bugzilla.suse.com/1237723"
},
{
"category": "self",
"summary": "SUSE Bug 1237726",
"url": "https://bugzilla.suse.com/1237726"
},
{
"category": "self",
"summary": "SUSE Bug 1237734",
"url": "https://bugzilla.suse.com/1237734"
},
{
"category": "self",
"summary": "SUSE Bug 1237735",
"url": "https://bugzilla.suse.com/1237735"
},
{
"category": "self",
"summary": "SUSE Bug 1237736",
"url": "https://bugzilla.suse.com/1237736"
},
{
"category": "self",
"summary": "SUSE Bug 1237738",
"url": "https://bugzilla.suse.com/1237738"
},
{
"category": "self",
"summary": "SUSE Bug 1237739",
"url": "https://bugzilla.suse.com/1237739"
},
{
"category": "self",
"summary": "SUSE Bug 1237740",
"url": "https://bugzilla.suse.com/1237740"
},
{
"category": "self",
"summary": "SUSE Bug 1237742",
"url": "https://bugzilla.suse.com/1237742"
},
{
"category": "self",
"summary": "SUSE Bug 1237746",
"url": "https://bugzilla.suse.com/1237746"
},
{
"category": "self",
"summary": "SUSE Bug 1237748",
"url": "https://bugzilla.suse.com/1237748"
},
{
"category": "self",
"summary": "SUSE Bug 1237752",
"url": "https://bugzilla.suse.com/1237752"
},
{
"category": "self",
"summary": "SUSE Bug 1237778",
"url": "https://bugzilla.suse.com/1237778"
},
{
"category": "self",
"summary": "SUSE Bug 1237782",
"url": "https://bugzilla.suse.com/1237782"
},
{
"category": "self",
"summary": "SUSE Bug 1237783",
"url": "https://bugzilla.suse.com/1237783"
},
{
"category": "self",
"summary": "SUSE Bug 1237784",
"url": "https://bugzilla.suse.com/1237784"
},
{
"category": "self",
"summary": "SUSE Bug 1237788",
"url": "https://bugzilla.suse.com/1237788"
},
{
"category": "self",
"summary": "SUSE Bug 1237798",
"url": "https://bugzilla.suse.com/1237798"
},
{
"category": "self",
"summary": "SUSE Bug 1237810",
"url": "https://bugzilla.suse.com/1237810"
},
{
"category": "self",
"summary": "SUSE Bug 1237813",
"url": "https://bugzilla.suse.com/1237813"
},
{
"category": "self",
"summary": "SUSE Bug 1237814",
"url": "https://bugzilla.suse.com/1237814"
},
{
"category": "self",
"summary": "SUSE Bug 1237815",
"url": "https://bugzilla.suse.com/1237815"
},
{
"category": "self",
"summary": "SUSE Bug 1237823",
"url": "https://bugzilla.suse.com/1237823"
},
{
"category": "self",
"summary": "SUSE Bug 1237829",
"url": "https://bugzilla.suse.com/1237829"
},
{
"category": "self",
"summary": "SUSE Bug 1237831",
"url": "https://bugzilla.suse.com/1237831"
},
{
"category": "self",
"summary": "SUSE Bug 1237839",
"url": "https://bugzilla.suse.com/1237839"
},
{
"category": "self",
"summary": "SUSE Bug 1237840",
"url": "https://bugzilla.suse.com/1237840"
},
{
"category": "self",
"summary": "SUSE Bug 1237846",
"url": "https://bugzilla.suse.com/1237846"
},
{
"category": "self",
"summary": "SUSE Bug 1237868",
"url": "https://bugzilla.suse.com/1237868"
},
{
"category": "self",
"summary": "SUSE Bug 1237872",
"url": "https://bugzilla.suse.com/1237872"
},
{
"category": "self",
"summary": "SUSE Bug 1237903",
"url": "https://bugzilla.suse.com/1237903"
},
{
"category": "self",
"summary": "SUSE Bug 1237916",
"url": "https://bugzilla.suse.com/1237916"
},
{
"category": "self",
"summary": "SUSE Bug 1237918",
"url": "https://bugzilla.suse.com/1237918"
},
{
"category": "self",
"summary": "SUSE Bug 1237932",
"url": "https://bugzilla.suse.com/1237932"
},
{
"category": "self",
"summary": "SUSE Bug 1237940",
"url": "https://bugzilla.suse.com/1237940"
},
{
"category": "self",
"summary": "SUSE Bug 1237941",
"url": "https://bugzilla.suse.com/1237941"
},
{
"category": "self",
"summary": "SUSE Bug 1237951",
"url": "https://bugzilla.suse.com/1237951"
},
{
"category": "self",
"summary": "SUSE Bug 1237954",
"url": "https://bugzilla.suse.com/1237954"
},
{
"category": "self",
"summary": "SUSE Bug 1237958",
"url": "https://bugzilla.suse.com/1237958"
},
{
"category": "self",
"summary": "SUSE Bug 1237963",
"url": "https://bugzilla.suse.com/1237963"
},
{
"category": "self",
"summary": "SUSE Bug 1237983",
"url": "https://bugzilla.suse.com/1237983"
},
{
"category": "self",
"summary": "SUSE Bug 1237984",
"url": "https://bugzilla.suse.com/1237984"
},
{
"category": "self",
"summary": "SUSE Bug 1237996",
"url": "https://bugzilla.suse.com/1237996"
},
{
"category": "self",
"summary": "SUSE Bug 1237997",
"url": "https://bugzilla.suse.com/1237997"
},
{
"category": "self",
"summary": "SUSE Bug 1237998",
"url": "https://bugzilla.suse.com/1237998"
},
{
"category": "self",
"summary": "SUSE Bug 1238000",
"url": "https://bugzilla.suse.com/1238000"
},
{
"category": "self",
"summary": "SUSE Bug 1238007",
"url": "https://bugzilla.suse.com/1238007"
},
{
"category": "self",
"summary": "SUSE Bug 1238013",
"url": "https://bugzilla.suse.com/1238013"
},
{
"category": "self",
"summary": "SUSE Bug 1238022",
"url": "https://bugzilla.suse.com/1238022"
},
{
"category": "self",
"summary": "SUSE Bug 1238030",
"url": "https://bugzilla.suse.com/1238030"
},
{
"category": "self",
"summary": "SUSE Bug 1238036",
"url": "https://bugzilla.suse.com/1238036"
},
{
"category": "self",
"summary": "SUSE Bug 1238046",
"url": "https://bugzilla.suse.com/1238046"
},
{
"category": "self",
"summary": "SUSE Bug 1238071",
"url": "https://bugzilla.suse.com/1238071"
},
{
"category": "self",
"summary": "SUSE Bug 1238079",
"url": "https://bugzilla.suse.com/1238079"
},
{
"category": "self",
"summary": "SUSE Bug 1238096",
"url": "https://bugzilla.suse.com/1238096"
},
{
"category": "self",
"summary": "SUSE Bug 1238099",
"url": "https://bugzilla.suse.com/1238099"
},
{
"category": "self",
"summary": "SUSE Bug 1238103",
"url": "https://bugzilla.suse.com/1238103"
},
{
"category": "self",
"summary": "SUSE Bug 1238108",
"url": "https://bugzilla.suse.com/1238108"
},
{
"category": "self",
"summary": "SUSE Bug 1238111",
"url": "https://bugzilla.suse.com/1238111"
},
{
"category": "self",
"summary": "SUSE Bug 1238123",
"url": "https://bugzilla.suse.com/1238123"
},
{
"category": "self",
"summary": "SUSE Bug 1238126",
"url": "https://bugzilla.suse.com/1238126"
},
{
"category": "self",
"summary": "SUSE Bug 1238131",
"url": "https://bugzilla.suse.com/1238131"
},
{
"category": "self",
"summary": "SUSE Bug 1238135",
"url": "https://bugzilla.suse.com/1238135"
},
{
"category": "self",
"summary": "SUSE Bug 1238139",
"url": "https://bugzilla.suse.com/1238139"
},
{
"category": "self",
"summary": "SUSE Bug 1238146",
"url": "https://bugzilla.suse.com/1238146"
},
{
"category": "self",
"summary": "SUSE Bug 1238149",
"url": "https://bugzilla.suse.com/1238149"
},
{
"category": "self",
"summary": "SUSE Bug 1238150",
"url": "https://bugzilla.suse.com/1238150"
},
{
"category": "self",
"summary": "SUSE Bug 1238155",
"url": "https://bugzilla.suse.com/1238155"
},
{
"category": "self",
"summary": "SUSE Bug 1238156",
"url": "https://bugzilla.suse.com/1238156"
},
{
"category": "self",
"summary": "SUSE Bug 1238158",
"url": "https://bugzilla.suse.com/1238158"
},
{
"category": "self",
"summary": "SUSE Bug 1238162",
"url": "https://bugzilla.suse.com/1238162"
},
{
"category": "self",
"summary": "SUSE Bug 1238166",
"url": "https://bugzilla.suse.com/1238166"
},
{
"category": "self",
"summary": "SUSE Bug 1238168",
"url": "https://bugzilla.suse.com/1238168"
},
{
"category": "self",
"summary": "SUSE Bug 1238169",
"url": "https://bugzilla.suse.com/1238169"
},
{
"category": "self",
"summary": "SUSE Bug 1238170",
"url": "https://bugzilla.suse.com/1238170"
},
{
"category": "self",
"summary": "SUSE Bug 1238171",
"url": "https://bugzilla.suse.com/1238171"
},
{
"category": "self",
"summary": "SUSE Bug 1238172",
"url": "https://bugzilla.suse.com/1238172"
},
{
"category": "self",
"summary": "SUSE Bug 1238175",
"url": "https://bugzilla.suse.com/1238175"
},
{
"category": "self",
"summary": "SUSE Bug 1238177",
"url": "https://bugzilla.suse.com/1238177"
},
{
"category": "self",
"summary": "SUSE Bug 1238181",
"url": "https://bugzilla.suse.com/1238181"
},
{
"category": "self",
"summary": "SUSE Bug 1238183",
"url": "https://bugzilla.suse.com/1238183"
},
{
"category": "self",
"summary": "SUSE Bug 1238184",
"url": "https://bugzilla.suse.com/1238184"
},
{
"category": "self",
"summary": "SUSE Bug 1238228",
"url": "https://bugzilla.suse.com/1238228"
},
{
"category": "self",
"summary": "SUSE Bug 1238229",
"url": "https://bugzilla.suse.com/1238229"
},
{
"category": "self",
"summary": "SUSE Bug 1238231",
"url": "https://bugzilla.suse.com/1238231"
},
{
"category": "self",
"summary": "SUSE Bug 1238235",
"url": "https://bugzilla.suse.com/1238235"
},
{
"category": "self",
"summary": "SUSE Bug 1238236",
"url": "https://bugzilla.suse.com/1238236"
},
{
"category": "self",
"summary": "SUSE Bug 1238239",
"url": "https://bugzilla.suse.com/1238239"
},
{
"category": "self",
"summary": "SUSE Bug 1238241",
"url": "https://bugzilla.suse.com/1238241"
},
{
"category": "self",
"summary": "SUSE Bug 1238242",
"url": "https://bugzilla.suse.com/1238242"
},
{
"category": "self",
"summary": "SUSE Bug 1238243",
"url": "https://bugzilla.suse.com/1238243"
},
{
"category": "self",
"summary": "SUSE Bug 1238244",
"url": "https://bugzilla.suse.com/1238244"
},
{
"category": "self",
"summary": "SUSE Bug 1238249",
"url": "https://bugzilla.suse.com/1238249"
},
{
"category": "self",
"summary": "SUSE Bug 1238255",
"url": "https://bugzilla.suse.com/1238255"
},
{
"category": "self",
"summary": "SUSE Bug 1238256",
"url": "https://bugzilla.suse.com/1238256"
},
{
"category": "self",
"summary": "SUSE Bug 1238257",
"url": "https://bugzilla.suse.com/1238257"
},
{
"category": "self",
"summary": "SUSE Bug 1238263",
"url": "https://bugzilla.suse.com/1238263"
},
{
"category": "self",
"summary": "SUSE Bug 1238264",
"url": "https://bugzilla.suse.com/1238264"
},
{
"category": "self",
"summary": "SUSE Bug 1238266",
"url": "https://bugzilla.suse.com/1238266"
},
{
"category": "self",
"summary": "SUSE Bug 1238267",
"url": "https://bugzilla.suse.com/1238267"
},
{
"category": "self",
"summary": "SUSE Bug 1238269",
"url": "https://bugzilla.suse.com/1238269"
},
{
"category": "self",
"summary": "SUSE Bug 1238271",
"url": "https://bugzilla.suse.com/1238271"
},
{
"category": "self",
"summary": "SUSE Bug 1238272",
"url": "https://bugzilla.suse.com/1238272"
},
{
"category": "self",
"summary": "SUSE Bug 1238274",
"url": "https://bugzilla.suse.com/1238274"
},
{
"category": "self",
"summary": "SUSE Bug 1238275",
"url": "https://bugzilla.suse.com/1238275"
},
{
"category": "self",
"summary": "SUSE Bug 1238276",
"url": "https://bugzilla.suse.com/1238276"
},
{
"category": "self",
"summary": "SUSE Bug 1238278",
"url": "https://bugzilla.suse.com/1238278"
},
{
"category": "self",
"summary": "SUSE Bug 1238279",
"url": "https://bugzilla.suse.com/1238279"
},
{
"category": "self",
"summary": "SUSE Bug 1238281",
"url": "https://bugzilla.suse.com/1238281"
},
{
"category": "self",
"summary": "SUSE Bug 1238284",
"url": "https://bugzilla.suse.com/1238284"
},
{
"category": "self",
"summary": "SUSE Bug 1238289",
"url": "https://bugzilla.suse.com/1238289"
},
{
"category": "self",
"summary": "SUSE Bug 1238293",
"url": "https://bugzilla.suse.com/1238293"
},
{
"category": "self",
"summary": "SUSE Bug 1238306",
"url": "https://bugzilla.suse.com/1238306"
},
{
"category": "self",
"summary": "SUSE Bug 1238307",
"url": "https://bugzilla.suse.com/1238307"
},
{
"category": "self",
"summary": "SUSE Bug 1238313",
"url": "https://bugzilla.suse.com/1238313"
},
{
"category": "self",
"summary": "SUSE Bug 1238327",
"url": "https://bugzilla.suse.com/1238327"
},
{
"category": "self",
"summary": "SUSE Bug 1238331",
"url": "https://bugzilla.suse.com/1238331"
},
{
"category": "self",
"summary": "SUSE Bug 1238333",
"url": "https://bugzilla.suse.com/1238333"
},
{
"category": "self",
"summary": "SUSE Bug 1238334",
"url": "https://bugzilla.suse.com/1238334"
},
{
"category": "self",
"summary": "SUSE Bug 1238336",
"url": "https://bugzilla.suse.com/1238336"
},
{
"category": "self",
"summary": "SUSE Bug 1238337",
"url": "https://bugzilla.suse.com/1238337"
},
{
"category": "self",
"summary": "SUSE Bug 1238338",
"url": "https://bugzilla.suse.com/1238338"
},
{
"category": "self",
"summary": "SUSE Bug 1238343",
"url": "https://bugzilla.suse.com/1238343"
},
{
"category": "self",
"summary": "SUSE Bug 1238372",
"url": "https://bugzilla.suse.com/1238372"
},
{
"category": "self",
"summary": "SUSE Bug 1238373",
"url": "https://bugzilla.suse.com/1238373"
},
{
"category": "self",
"summary": "SUSE Bug 1238377",
"url": "https://bugzilla.suse.com/1238377"
},
{
"category": "self",
"summary": "SUSE Bug 1238382",
"url": "https://bugzilla.suse.com/1238382"
},
{
"category": "self",
"summary": "SUSE Bug 1238386",
"url": "https://bugzilla.suse.com/1238386"
},
{
"category": "self",
"summary": "SUSE Bug 1238393",
"url": "https://bugzilla.suse.com/1238393"
},
{
"category": "self",
"summary": "SUSE Bug 1238394",
"url": "https://bugzilla.suse.com/1238394"
},
{
"category": "self",
"summary": "SUSE Bug 1238395",
"url": "https://bugzilla.suse.com/1238395"
},
{
"category": "self",
"summary": "SUSE Bug 1238413",
"url": "https://bugzilla.suse.com/1238413"
},
{
"category": "self",
"summary": "SUSE Bug 1238416",
"url": "https://bugzilla.suse.com/1238416"
},
{
"category": "self",
"summary": "SUSE Bug 1238417",
"url": "https://bugzilla.suse.com/1238417"
},
{
"category": "self",
"summary": "SUSE Bug 1238419",
"url": "https://bugzilla.suse.com/1238419"
},
{
"category": "self",
"summary": "SUSE Bug 1238420",
"url": "https://bugzilla.suse.com/1238420"
},
{
"category": "self",
"summary": "SUSE Bug 1238429",
"url": "https://bugzilla.suse.com/1238429"
},
{
"category": "self",
"summary": "SUSE Bug 1238430",
"url": "https://bugzilla.suse.com/1238430"
},
{
"category": "self",
"summary": "SUSE Bug 1238435",
"url": "https://bugzilla.suse.com/1238435"
},
{
"category": "self",
"summary": "SUSE Bug 1238441",
"url": "https://bugzilla.suse.com/1238441"
},
{
"category": "self",
"summary": "SUSE Bug 1238443",
"url": "https://bugzilla.suse.com/1238443"
},
{
"category": "self",
"summary": "SUSE Bug 1238454",
"url": "https://bugzilla.suse.com/1238454"
},
{
"category": "self",
"summary": "SUSE Bug 1238462",
"url": "https://bugzilla.suse.com/1238462"
},
{
"category": "self",
"summary": "SUSE Bug 1238467",
"url": "https://bugzilla.suse.com/1238467"
},
{
"category": "self",
"summary": "SUSE Bug 1238469",
"url": "https://bugzilla.suse.com/1238469"
},
{
"category": "self",
"summary": "SUSE Bug 1238539",
"url": "https://bugzilla.suse.com/1238539"
},
{
"category": "self",
"summary": "SUSE Bug 1238543",
"url": "https://bugzilla.suse.com/1238543"
},
{
"category": "self",
"summary": "SUSE Bug 1238546",
"url": "https://bugzilla.suse.com/1238546"
},
{
"category": "self",
"summary": "SUSE Bug 1238599",
"url": "https://bugzilla.suse.com/1238599"
},
{
"category": "self",
"summary": "SUSE Bug 1238600",
"url": "https://bugzilla.suse.com/1238600"
},
{
"category": "self",
"summary": "SUSE Bug 1238612",
"url": "https://bugzilla.suse.com/1238612"
},
{
"category": "self",
"summary": "SUSE Bug 1238615",
"url": "https://bugzilla.suse.com/1238615"
},
{
"category": "self",
"summary": "SUSE Bug 1238617",
"url": "https://bugzilla.suse.com/1238617"
},
{
"category": "self",
"summary": "SUSE Bug 1238618",
"url": "https://bugzilla.suse.com/1238618"
},
{
"category": "self",
"summary": "SUSE Bug 1238621",
"url": "https://bugzilla.suse.com/1238621"
},
{
"category": "self",
"summary": "SUSE Bug 1238623",
"url": "https://bugzilla.suse.com/1238623"
},
{
"category": "self",
"summary": "SUSE Bug 1238625",
"url": "https://bugzilla.suse.com/1238625"
},
{
"category": "self",
"summary": "SUSE Bug 1238626",
"url": "https://bugzilla.suse.com/1238626"
},
{
"category": "self",
"summary": "SUSE Bug 1238630",
"url": "https://bugzilla.suse.com/1238630"
},
{
"category": "self",
"summary": "SUSE Bug 1238631",
"url": "https://bugzilla.suse.com/1238631"
},
{
"category": "self",
"summary": "SUSE Bug 1238633",
"url": "https://bugzilla.suse.com/1238633"
},
{
"category": "self",
"summary": "SUSE Bug 1238635",
"url": "https://bugzilla.suse.com/1238635"
},
{
"category": "self",
"summary": "SUSE Bug 1238638",
"url": "https://bugzilla.suse.com/1238638"
},
{
"category": "self",
"summary": "SUSE Bug 1238639",
"url": "https://bugzilla.suse.com/1238639"
},
{
"category": "self",
"summary": "SUSE Bug 1238641",
"url": "https://bugzilla.suse.com/1238641"
},
{
"category": "self",
"summary": "SUSE Bug 1238643",
"url": "https://bugzilla.suse.com/1238643"
},
{
"category": "self",
"summary": "SUSE Bug 1238645",
"url": "https://bugzilla.suse.com/1238645"
},
{
"category": "self",
"summary": "SUSE Bug 1238646",
"url": "https://bugzilla.suse.com/1238646"
},
{
"category": "self",
"summary": "SUSE Bug 1238653",
"url": "https://bugzilla.suse.com/1238653"
},
{
"category": "self",
"summary": "SUSE Bug 1238655",
"url": "https://bugzilla.suse.com/1238655"
},
{
"category": "self",
"summary": "SUSE Bug 1238663",
"url": "https://bugzilla.suse.com/1238663"
},
{
"category": "self",
"summary": "SUSE Bug 1238705",
"url": "https://bugzilla.suse.com/1238705"
},
{
"category": "self",
"summary": "SUSE Bug 1238707",
"url": "https://bugzilla.suse.com/1238707"
},
{
"category": "self",
"summary": "SUSE Bug 1238710",
"url": "https://bugzilla.suse.com/1238710"
},
{
"category": "self",
"summary": "SUSE Bug 1238712",
"url": "https://bugzilla.suse.com/1238712"
},
{
"category": "self",
"summary": "SUSE Bug 1238718",
"url": "https://bugzilla.suse.com/1238718"
},
{
"category": "self",
"summary": "SUSE Bug 1238719",
"url": "https://bugzilla.suse.com/1238719"
},
{
"category": "self",
"summary": "SUSE Bug 1238721",
"url": "https://bugzilla.suse.com/1238721"
},
{
"category": "self",
"summary": "SUSE Bug 1238722",
"url": "https://bugzilla.suse.com/1238722"
},
{
"category": "self",
"summary": "SUSE Bug 1238727",
"url": "https://bugzilla.suse.com/1238727"
},
{
"category": "self",
"summary": "SUSE Bug 1238729",
"url": "https://bugzilla.suse.com/1238729"
},
{
"category": "self",
"summary": "SUSE Bug 1238750",
"url": "https://bugzilla.suse.com/1238750"
},
{
"category": "self",
"summary": "SUSE Bug 1238787",
"url": "https://bugzilla.suse.com/1238787"
},
{
"category": "self",
"summary": "SUSE Bug 1238789",
"url": "https://bugzilla.suse.com/1238789"
},
{
"category": "self",
"summary": "SUSE Bug 1238805",
"url": "https://bugzilla.suse.com/1238805"
},
{
"category": "self",
"summary": "SUSE Bug 1238809",
"url": "https://bugzilla.suse.com/1238809"
},
{
"category": "self",
"summary": "SUSE Bug 1238814",
"url": "https://bugzilla.suse.com/1238814"
},
{
"category": "self",
"summary": "SUSE Bug 1238815",
"url": "https://bugzilla.suse.com/1238815"
},
{
"category": "self",
"summary": "SUSE Bug 1238819",
"url": "https://bugzilla.suse.com/1238819"
},
{
"category": "self",
"summary": "SUSE Bug 1238821",
"url": "https://bugzilla.suse.com/1238821"
},
{
"category": "self",
"summary": "SUSE Bug 1238822",
"url": "https://bugzilla.suse.com/1238822"
},
{
"category": "self",
"summary": "SUSE Bug 1238823",
"url": "https://bugzilla.suse.com/1238823"
},
{
"category": "self",
"summary": "SUSE Bug 1238825",
"url": "https://bugzilla.suse.com/1238825"
},
{
"category": "self",
"summary": "SUSE Bug 1238835",
"url": "https://bugzilla.suse.com/1238835"
},
{
"category": "self",
"summary": "SUSE Bug 1238838",
"url": "https://bugzilla.suse.com/1238838"
},
{
"category": "self",
"summary": "SUSE Bug 1238868",
"url": "https://bugzilla.suse.com/1238868"
},
{
"category": "self",
"summary": "SUSE Bug 1238869",
"url": "https://bugzilla.suse.com/1238869"
},
{
"category": "self",
"summary": "SUSE Bug 1238871",
"url": "https://bugzilla.suse.com/1238871"
},
{
"category": "self",
"summary": "SUSE Bug 1238892",
"url": "https://bugzilla.suse.com/1238892"
},
{
"category": "self",
"summary": "SUSE Bug 1238893",
"url": "https://bugzilla.suse.com/1238893"
},
{
"category": "self",
"summary": "SUSE Bug 1238911",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "self",
"summary": "SUSE Bug 1238919",
"url": "https://bugzilla.suse.com/1238919"
},
{
"category": "self",
"summary": "SUSE Bug 1238925",
"url": "https://bugzilla.suse.com/1238925"
},
{
"category": "self",
"summary": "SUSE Bug 1238930",
"url": "https://bugzilla.suse.com/1238930"
},
{
"category": "self",
"summary": "SUSE Bug 1238933",
"url": "https://bugzilla.suse.com/1238933"
},
{
"category": "self",
"summary": "SUSE Bug 1238937",
"url": "https://bugzilla.suse.com/1238937"
},
{
"category": "self",
"summary": "SUSE Bug 1238938",
"url": "https://bugzilla.suse.com/1238938"
},
{
"category": "self",
"summary": "SUSE Bug 1238939",
"url": "https://bugzilla.suse.com/1238939"
},
{
"category": "self",
"summary": "SUSE Bug 1238948",
"url": "https://bugzilla.suse.com/1238948"
},
{
"category": "self",
"summary": "SUSE Bug 1238949",
"url": "https://bugzilla.suse.com/1238949"
},
{
"category": "self",
"summary": "SUSE Bug 1238952",
"url": "https://bugzilla.suse.com/1238952"
},
{
"category": "self",
"summary": "SUSE Bug 1239001",
"url": "https://bugzilla.suse.com/1239001"
},
{
"category": "self",
"summary": "SUSE Bug 1239035",
"url": "https://bugzilla.suse.com/1239035"
},
{
"category": "self",
"summary": "SUSE Bug 1239040",
"url": "https://bugzilla.suse.com/1239040"
},
{
"category": "self",
"summary": "SUSE Bug 1239041",
"url": "https://bugzilla.suse.com/1239041"
},
{
"category": "self",
"summary": "SUSE Bug 1239060",
"url": "https://bugzilla.suse.com/1239060"
},
{
"category": "self",
"summary": "SUSE Bug 1239070",
"url": "https://bugzilla.suse.com/1239070"
},
{
"category": "self",
"summary": "SUSE Bug 1239071",
"url": "https://bugzilla.suse.com/1239071"
},
{
"category": "self",
"summary": "SUSE Bug 1239076",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "self",
"summary": "SUSE Bug 1239109",
"url": "https://bugzilla.suse.com/1239109"
},
{
"category": "self",
"summary": "SUSE Bug 1239115",
"url": "https://bugzilla.suse.com/1239115"
},
{
"category": "self",
"summary": "SUSE Bug 1239454",
"url": "https://bugzilla.suse.com/1239454"
},
{
"category": "self",
"summary": "SUSE Bug 1239969",
"url": "https://bugzilla.suse.com/1239969"
},
{
"category": "self",
"summary": "SUSE Bug 1240207",
"url": "https://bugzilla.suse.com/1240207"
},
{
"category": "self",
"summary": "SUSE Bug 1240213",
"url": "https://bugzilla.suse.com/1240213"
},
{
"category": "self",
"summary": "SUSE Bug 1240218",
"url": "https://bugzilla.suse.com/1240218"
},
{
"category": "self",
"summary": "SUSE Bug 1240227",
"url": "https://bugzilla.suse.com/1240227"
},
{
"category": "self",
"summary": "SUSE Bug 1240272",
"url": "https://bugzilla.suse.com/1240272"
},
{
"category": "self",
"summary": "SUSE Bug 1240276",
"url": "https://bugzilla.suse.com/1240276"
},
{
"category": "self",
"summary": "SUSE Bug 1240288",
"url": "https://bugzilla.suse.com/1240288"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5753 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-27835 page",
"url": "https://www.suse.com/security/cve/CVE-2020-27835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47248 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47248/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47631 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47641 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47642 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47642/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47650 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47651 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47652 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47653 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47659 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-0168 page",
"url": "https://www.suse.com/security/cve/CVE-2022-0168/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1016 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1048 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1048/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1184 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2977 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-29900 page",
"url": "https://www.suse.com/security/cve/CVE-2022-29900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-29901 page",
"url": "https://www.suse.com/security/cve/CVE-2022-29901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3303 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3303/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49044 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49051 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49053 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49055 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49058 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49059 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49063 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49065 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49073 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49076 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49078 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49082 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49082/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49083 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49085 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49091 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49091/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49095 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49098 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49100 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49111 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49114 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49114/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49122 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49122/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49137 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49137/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49145 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49151 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49153 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49153/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49155 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49156 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49157 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49158 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49159 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49160 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49162 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49164 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49164/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49175 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49175/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49185 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49189 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49189/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49196 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49196/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49200 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49201 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49206 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49212 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49213 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49216 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49217 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49224 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49224/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49226 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49226/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49232 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49235 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49235/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49239 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49242 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49242/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49243 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49243/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49247 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49247/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49248 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49248/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49253 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49253/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49259 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49259/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49261 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49263 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49263/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49264 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49271 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49271/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49272 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49275 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49275/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49279 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49279/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49280 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49281 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49285 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49285/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49287 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49287/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49288 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49290 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49291 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49292 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49292/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49293 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49293/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49295 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49295/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49297 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49297/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49298 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49298/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49299 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49299/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49300 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49300/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49301 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49302 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49302/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49304 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49304/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49305 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49307 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49313 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49313/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49314 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49314/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49315 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49315/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49316 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49316/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49320 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49320/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49321 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49321/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49326 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49326/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49327 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49327/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49331 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49331/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49332 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49332/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49335 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49335/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49343 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49347 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49347/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49349 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49349/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49352 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49352/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49357 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49357/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49370 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49370/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49371 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49371/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49373 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49373/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49375 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49376 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49376/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49382 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49382/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49385 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49389 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49389/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49394 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49394/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49396 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49396/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49397 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49397/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49398 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49399 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49399/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49402 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49404 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49404/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49409 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49409/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49410 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49410/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49411 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49411/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49413 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49413/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49414 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49416 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49416/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49421 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49421/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49422 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49422/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49437 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49437/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49438 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49438/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49441 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49442 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49442/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49446 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49451 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49451/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49455 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49455/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49459 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49460 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49460/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49462 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49462/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49465 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49467 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49473 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49473/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49474 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49474/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49475 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49475/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49478 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49481 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49481/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49482 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49482/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49488 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49488/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49489 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49490 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49491 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49493 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49493/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49495 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49498 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49503 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49504 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49504/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49505 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49505/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49508 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49508/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49514 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49514/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49517 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49517/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49521 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49521/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49522 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49522/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49524 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49525 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49525/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49526 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49526/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49527 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49527/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49532 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49532/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49534 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49534/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49535 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49536 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49537 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49541 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49542 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49544 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49545 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49546 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49555 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49563 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49564 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49564/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49566 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49609 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49610 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49611 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49623 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49623/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49627 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49627/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49631 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49640 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49641 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49643 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49643/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49644 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49645 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49645/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49646 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49647 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49647/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49648 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49649 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49649/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49652 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49657 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49657/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49661 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49670 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49671 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49673 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49674 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49678 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49685 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49687 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49693 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49700 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49701 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49703 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49707 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49708 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49710 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49711 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49712 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49712/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49713 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49720 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49723 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49724 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49729 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49729/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49730 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49731 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49733 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49739 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2162 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3567 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3567/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52935 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52973 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52974 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53000 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53015 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53024 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50290 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56642 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56642/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56651 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21780/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-04-10T13:46:40Z",
"generator": {
"date": "2025-04-10T13:46:40Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:1194-1",
"initial_release_date": "2025-04-10T13:46:40Z",
"revision_history": [
{
"date": "2025-04-10T13:46:40Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.3.18-150300.205.1.noarch",
"product": {
"name": "kernel-devel-rt-5.3.18-150300.205.1.noarch",
"product_id": "kernel-devel-rt-5.3.18-150300.205.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.3.18-150300.205.1.noarch",
"product": {
"name": "kernel-source-rt-5.3.18-150300.205.1.noarch",
"product_id": "kernel-source-rt-5.3.18-150300.205.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.3.18-150300.205.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.3.18-150300.205.1.x86_64",
"product_id": "cluster-md-kmp-rt-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-5.3.18-150300.205.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-5.3.18-150300.205.1.x86_64",
"product_id": "cluster-md-kmp-rt_debug-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.3.18-150300.205.1.x86_64",
"product": {
"name": "dlm-kmp-rt-5.3.18-150300.205.1.x86_64",
"product_id": "dlm-kmp-rt-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-5.3.18-150300.205.1.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-5.3.18-150300.205.1.x86_64",
"product_id": "dlm-kmp-rt_debug-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.3.18-150300.205.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.3.18-150300.205.1.x86_64",
"product_id": "gfs2-kmp-rt-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-5.3.18-150300.205.1.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-5.3.18-150300.205.1.x86_64",
"product_id": "gfs2-kmp-rt_debug-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.3.18-150300.205.1.x86_64",
"product": {
"name": "kernel-rt-5.3.18-150300.205.1.x86_64",
"product_id": "kernel-rt-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.3.18-150300.205.1.x86_64",
"product": {
"name": "kernel-rt-devel-5.3.18-150300.205.1.x86_64",
"product_id": "kernel-rt-devel-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.3.18-150300.205.1.x86_64",
"product": {
"name": "kernel-rt-extra-5.3.18-150300.205.1.x86_64",
"product_id": "kernel-rt-extra-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.3.18-150300.205.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.3.18-150300.205.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-5.3.18-150300.205.1.x86_64",
"product": {
"name": "kernel-rt-optional-5.3.18-150300.205.1.x86_64",
"product_id": "kernel-rt-optional-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.3.18-150300.205.1.x86_64",
"product": {
"name": "kernel-rt_debug-5.3.18-150300.205.1.x86_64",
"product_id": "kernel-rt_debug-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.3.18-150300.205.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.3.18-150300.205.1.x86_64",
"product_id": "kernel-rt_debug-devel-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-5.3.18-150300.205.1.x86_64",
"product": {
"name": "kernel-rt_debug-extra-5.3.18-150300.205.1.x86_64",
"product_id": "kernel-rt_debug-extra-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-livepatch-devel-5.3.18-150300.205.1.x86_64",
"product": {
"name": "kernel-rt_debug-livepatch-devel-5.3.18-150300.205.1.x86_64",
"product_id": "kernel-rt_debug-livepatch-devel-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-optional-5.3.18-150300.205.1.x86_64",
"product": {
"name": "kernel-rt_debug-optional-5.3.18-150300.205.1.x86_64",
"product_id": "kernel-rt_debug-optional-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-5.3.18-150300.205.1.x86_64",
"product": {
"name": "kernel-syms-rt-5.3.18-150300.205.1.x86_64",
"product_id": "kernel-syms-rt-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.3.18-150300.205.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.3.18-150300.205.1.x86_64",
"product_id": "kselftests-kmp-rt-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-5.3.18-150300.205.1.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-5.3.18-150300.205.1.x86_64",
"product_id": "kselftests-kmp-rt_debug-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.3.18-150300.205.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.3.18-150300.205.1.x86_64",
"product_id": "ocfs2-kmp-rt-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-5.3.18-150300.205.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-5.3.18-150300.205.1.x86_64",
"product_id": "ocfs2-kmp-rt_debug-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.3.18-150300.205.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.3.18-150300.205.1.x86_64",
"product_id": "reiserfs-kmp-rt-5.3.18-150300.205.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt_debug-5.3.18-150300.205.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt_debug-5.3.18-150300.205.1.x86_64",
"product_id": "reiserfs-kmp-rt_debug-5.3.18-150300.205.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-150300.205.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-150300.205.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.3.18-150300.205.1.noarch as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch"
},
"product_reference": "kernel-source-rt-5.3.18-150300.205.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-150300.205.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-150300.205.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.3.18-150300.205.1.noarch as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
},
"product_reference": "kernel-source-rt-5.3.18-150300.205.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-5753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5753"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5753",
"url": "https://www.suse.com/security/cve/CVE-2017-5753"
},
{
"category": "external",
"summary": "SUSE Bug 1068032 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "external",
"summary": "SUSE Bug 1074562 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1074562"
},
{
"category": "external",
"summary": "SUSE Bug 1074578 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1074578"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1075006 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1075006"
},
{
"category": "external",
"summary": "SUSE Bug 1075419 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1075419"
},
{
"category": "external",
"summary": "SUSE Bug 1075748 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1075748"
},
{
"category": "external",
"summary": "SUSE Bug 1080039 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1080039"
},
{
"category": "external",
"summary": "SUSE Bug 1087084 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1087084"
},
{
"category": "external",
"summary": "SUSE Bug 1087939 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1087939"
},
{
"category": "external",
"summary": "SUSE Bug 1089055 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1089055"
},
{
"category": "external",
"summary": "SUSE Bug 1136865 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1136865"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1209547 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1209547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2017-5753"
},
{
"cve": "CVE-2020-27835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-27835"
}
],
"notes": [
{
"category": "general",
"text": "A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-27835",
"url": "https://www.suse.com/security/cve/CVE-2020-27835"
},
{
"category": "external",
"summary": "SUSE Bug 1179878 for CVE-2020-27835",
"url": "https://bugzilla.suse.com/1179878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2020-27835"
},
{
"cve": "CVE-2021-47248",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47248"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: fix race between close() and udp_abort()\n\nKaustubh reported and diagnosed a panic in udp_lib_lookup().\nThe root cause is udp_abort() racing with close(). Both\nracing functions acquire the socket lock, but udp{v6}_destroy_sock()\nrelease it before performing destructive actions.\n\nWe can\u0027t easily extend the socket lock scope to avoid the race,\ninstead use the SOCK_DEAD flag to prevent udp_abort from doing\nany action when the critical race happens.\n\nDiagnosed-and-tested-by: Kaustubh Pandey \u003ckapandey@codeaurora.org\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47248",
"url": "https://www.suse.com/security/cve/CVE-2021-47248"
},
{
"category": "external",
"summary": "SUSE Bug 1224867 for CVE-2021-47248",
"url": "https://bugzilla.suse.com/1224867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2021-47248"
},
{
"cve": "CVE-2021-47631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47631"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: davinci: da850-evm: Avoid NULL pointer dereference\n\nWith newer versions of GCC, there is a panic in da850_evm_config_emac()\nwhen booting multi_v5_defconfig in QEMU under the palmetto-bmc machine:\n\nUnable to handle kernel NULL pointer dereference at virtual address 00000020\npgd = (ptrval)\n[00000020] *pgd=00000000\nInternal error: Oops: 5 [#1] PREEMPT ARM\nModules linked in:\nCPU: 0 PID: 1 Comm: swapper Not tainted 5.15.0 #1\nHardware name: Generic DT based system\nPC is at da850_evm_config_emac+0x1c/0x120\nLR is at do_one_initcall+0x50/0x1e0\n\nThe emac_pdata pointer in soc_info is NULL because davinci_soc_info only\ngets populated on davinci machines but da850_evm_config_emac() is called\non all machines via device_initcall().\n\nMove the rmii_en assignment below the machine check so that it is only\ndereferenced when running on a supported SoC.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47631",
"url": "https://www.suse.com/security/cve/CVE-2021-47631"
},
{
"category": "external",
"summary": "SUSE Bug 1237718 for CVE-2021-47631",
"url": "https://bugzilla.suse.com/1237718"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2021-47631"
},
{
"cve": "CVE-2021-47641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47641"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: cirrusfb: check pixclock to avoid divide by zero\n\nDo a sanity check on pixclock value to avoid divide by zero.\n\nIf the pixclock value is zero, the cirrusfb driver will round up\npixclock to get the derived frequency as close to maxclock as\npossible.\n\nSyzkaller reported a divide error in cirrusfb_check_pixclock.\n\ndivide error: 0000 [#1] SMP KASAN PTI\nCPU: 0 PID: 14938 Comm: cirrusfb_test Not tainted 5.15.0-rc6 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2\nRIP: 0010:cirrusfb_check_var+0x6f1/0x1260\n\nCall Trace:\n fb_set_var+0x398/0xf90\n do_fb_ioctl+0x4b8/0x6f0\n fb_ioctl+0xeb/0x130\n __x64_sys_ioctl+0x19d/0x220\n do_syscall_64+0x3a/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47641",
"url": "https://www.suse.com/security/cve/CVE-2021-47641"
},
{
"category": "external",
"summary": "SUSE Bug 1237734 for CVE-2021-47641",
"url": "https://bugzilla.suse.com/1237734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2021-47641"
},
{
"cve": "CVE-2021-47642",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47642"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow\n\nCoverity complains of a possible buffer overflow. However,\ngiven the \u0027static\u0027 scope of nvidia_setup_i2c_bus() it looks\nlike that can\u0027t happen after examiniing the call sites.\n\nCID 19036 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW)\n1. fixed_size_dest: You might overrun the 48-character fixed-size string\n chan-\u003eadapter.name by copying name without checking the length.\n2. parameter_as_source: Note: This defect has an elevated risk because the\n source argument is a parameter of the current function.\n 89 strcpy(chan-\u003eadapter.name, name);\n\nFix this warning by using strscpy() which will silence the warning and\nprevent any future buffer overflows should the names used to identify the\nchannel become much longer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47642",
"url": "https://www.suse.com/security/cve/CVE-2021-47642"
},
{
"category": "external",
"summary": "SUSE Bug 1237916 for CVE-2021-47642",
"url": "https://bugzilla.suse.com/1237916"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2021-47642"
},
{
"cve": "CVE-2021-47650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: soc-compress: prevent the potentially use of null pointer\n\nThere is one call trace that snd_soc_register_card()\n-\u003esnd_soc_bind_card()-\u003esoc_init_pcm_runtime()\n-\u003esnd_soc_dai_compress_new()-\u003esnd_soc_new_compress().\nIn the trace the \u0027codec_dai\u0027 transfers from card-\u003edai_link,\nand we can see from the snd_soc_add_pcm_runtime() in\nsnd_soc_bind_card() that, if value of card-\u003edai_link-\u003enum_codecs\nis 0, then \u0027codec_dai\u0027 could be null pointer caused\nby index out of bound in \u0027asoc_rtd_to_codec(rtd, 0)\u0027.\nAnd snd_soc_register_card() is called by various platforms.\nTherefore, it is better to add the check in the case of misusing.\nAnd because \u0027cpu_dai\u0027 has already checked in soc_init_pcm_runtime(),\nthere is no need to check again.\nAdding the check as follow, then if \u0027codec_dai\u0027 is null,\nsnd_soc_new_compress() will not pass through the check\n\u0027if (playback + capture != 1)\u0027, avoiding the leftover use of\n\u0027codec_dai\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47650",
"url": "https://www.suse.com/security/cve/CVE-2021-47650"
},
{
"category": "external",
"summary": "SUSE Bug 1237742 for CVE-2021-47650",
"url": "https://bugzilla.suse.com/1237742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2021-47650"
},
{
"cve": "CVE-2021-47651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47651"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: rpmpd: Check for null return of devm_kcalloc\n\nBecause of the possible failure of the allocation, data-\u003edomains might\nbe NULL pointer and will cause the dereference of the NULL pointer\nlater.\nTherefore, it might be better to check it and directly return -ENOMEM\nwithout releasing data manually if fails, because the comment of the\ndevm_kmalloc() says \"Memory allocated with this function is\nautomatically freed on driver detach.\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47651",
"url": "https://www.suse.com/security/cve/CVE-2021-47651"
},
{
"category": "external",
"summary": "SUSE Bug 1237872 for CVE-2021-47651",
"url": "https://bugzilla.suse.com/1237872"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2021-47651"
},
{
"cve": "CVE-2021-47652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47652"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe()\n\nI got a null-ptr-deref report:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n...\nRIP: 0010:fb_destroy_modelist+0x38/0x100\n...\nCall Trace:\n ufx_usb_probe.cold+0x2b5/0xac1 [smscufx]\n usb_probe_interface+0x1aa/0x3c0 [usbcore]\n really_probe+0x167/0x460\n...\n ret_from_fork+0x1f/0x30\n\nIf fb_alloc_cmap() fails in ufx_usb_probe(), fb_destroy_modelist() will\nbe called to destroy modelist in the error handling path. But modelist\nhas not been initialized yet, so it will result in null-ptr-deref.\n\nInitialize modelist before calling fb_alloc_cmap() to fix this bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47652",
"url": "https://www.suse.com/security/cve/CVE-2021-47652"
},
{
"category": "external",
"summary": "SUSE Bug 1237721 for CVE-2021-47652",
"url": "https://bugzilla.suse.com/1237721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2021-47652"
},
{
"cve": "CVE-2021-47653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47653"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: davinci: vpif: fix use-after-free on driver unbind\n\nThe driver allocates and registers two platform device structures during\nprobe, but the devices were never deregistered on driver unbind.\n\nThis results in a use-after-free on driver unbind as the device\nstructures were allocated using devres and would be freed by driver\ncore when remove() returns.\n\nFix this by adding the missing deregistration calls to the remove()\ncallback and failing probe on registration errors.\n\nNote that the platform device structures must be freed using a proper\nrelease callback to avoid leaking associated resources like device\nnames.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47653",
"url": "https://www.suse.com/security/cve/CVE-2021-47653"
},
{
"category": "external",
"summary": "SUSE Bug 1237748 for CVE-2021-47653",
"url": "https://bugzilla.suse.com/1237748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2021-47653"
},
{
"cve": "CVE-2021-47659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/plane: Move range check for format_count earlier\n\nWhile the check for format_count \u003e 64 in __drm_universal_plane_init()\nshouldn\u0027t be hit (it\u0027s a WARN_ON), in its current position it will then\nleak the plane-\u003eformat_types array and fail to call\ndrm_mode_object_unregister() leaking the modeset identifier. Move it to\nthe start of the function to avoid allocating those resources in the\nfirst place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47659",
"url": "https://www.suse.com/security/cve/CVE-2021-47659"
},
{
"category": "external",
"summary": "SUSE Bug 1237839 for CVE-2021-47659",
"url": "https://bugzilla.suse.com/1237839"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2021-47659"
},
{
"cve": "CVE-2022-0168",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-0168"
}
],
"notes": [
{
"category": "general",
"text": "A denial of service (DOS) issue was found in the Linux kernel\u0027s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-0168",
"url": "https://www.suse.com/security/cve/CVE-2022-0168"
},
{
"category": "external",
"summary": "SUSE Bug 1197472 for CVE-2022-0168",
"url": "https://bugzilla.suse.com/1197472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-0168"
},
{
"cve": "CVE-2022-1016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1016"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle \u0027return\u0027 with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1016",
"url": "https://www.suse.com/security/cve/CVE-2022-1016"
},
{
"category": "external",
"summary": "SUSE Bug 1197227 for CVE-2022-1016",
"url": "https://bugzilla.suse.com/1197227"
},
{
"category": "external",
"summary": "SUSE Bug 1197335 for CVE-2022-1016",
"url": "https://bugzilla.suse.com/1197335"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-1016"
},
{
"cve": "CVE-2022-1048",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1048"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in the Linux kernel\u0027s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1048",
"url": "https://www.suse.com/security/cve/CVE-2022-1048"
},
{
"category": "external",
"summary": "SUSE Bug 1197331 for CVE-2022-1048",
"url": "https://bugzilla.suse.com/1197331"
},
{
"category": "external",
"summary": "SUSE Bug 1197597 for CVE-2022-1048",
"url": "https://bugzilla.suse.com/1197597"
},
{
"category": "external",
"summary": "SUSE Bug 1200041 for CVE-2022-1048",
"url": "https://bugzilla.suse.com/1200041"
},
{
"category": "external",
"summary": "SUSE Bug 1204132 for CVE-2022-1048",
"url": "https://bugzilla.suse.com/1204132"
},
{
"category": "external",
"summary": "SUSE Bug 1212325 for CVE-2022-1048",
"url": "https://bugzilla.suse.com/1212325"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2022-1048"
},
{
"cve": "CVE-2022-1184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1184"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel\u0027s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1184",
"url": "https://www.suse.com/security/cve/CVE-2022-1184"
},
{
"category": "external",
"summary": "SUSE Bug 1198577 for CVE-2022-1184",
"url": "https://bugzilla.suse.com/1198577"
},
{
"category": "external",
"summary": "SUSE Bug 1210859 for CVE-2022-1184",
"url": "https://bugzilla.suse.com/1210859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-1184"
},
{
"cve": "CVE-2022-2977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2977"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it may be possible to escalate privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2977",
"url": "https://www.suse.com/security/cve/CVE-2022-2977"
},
{
"category": "external",
"summary": "SUSE Bug 1202672 for CVE-2022-2977",
"url": "https://bugzilla.suse.com/1202672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-2977"
},
{
"cve": "CVE-2022-29900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-29900"
}
],
"notes": [
{
"category": "general",
"text": "Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-29900",
"url": "https://www.suse.com/security/cve/CVE-2022-29900"
},
{
"category": "external",
"summary": "SUSE Bug 1199657 for CVE-2022-29900",
"url": "https://bugzilla.suse.com/1199657"
},
{
"category": "external",
"summary": "SUSE Bug 1201469 for CVE-2022-29900",
"url": "https://bugzilla.suse.com/1201469"
},
{
"category": "external",
"summary": "SUSE Bug 1207894 for CVE-2022-29900",
"url": "https://bugzilla.suse.com/1207894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-29900"
},
{
"cve": "CVE-2022-29901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-29901"
}
],
"notes": [
{
"category": "general",
"text": "Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-29901",
"url": "https://www.suse.com/security/cve/CVE-2022-29901"
},
{
"category": "external",
"summary": "SUSE Bug 1199657 for CVE-2022-29901",
"url": "https://bugzilla.suse.com/1199657"
},
{
"category": "external",
"summary": "SUSE Bug 1201469 for CVE-2022-29901",
"url": "https://bugzilla.suse.com/1201469"
},
{
"category": "external",
"summary": "SUSE Bug 1207894 for CVE-2022-29901",
"url": "https://bugzilla.suse.com/1207894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-29901"
},
{
"cve": "CVE-2022-3303",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3303"
}
],
"notes": [
{
"category": "general",
"text": "A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3303",
"url": "https://www.suse.com/security/cve/CVE-2022-3303"
},
{
"category": "external",
"summary": "SUSE Bug 1203769 for CVE-2022-3303",
"url": "https://bugzilla.suse.com/1203769"
},
{
"category": "external",
"summary": "SUSE Bug 1212304 for CVE-2022-3303",
"url": "https://bugzilla.suse.com/1212304"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-3303"
},
{
"cve": "CVE-2022-49044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm integrity: fix memory corruption when tag_size is less than digest size\n\nIt is possible to set up dm-integrity in such a way that the\n\"tag_size\" parameter is less than the actual digest size. In this\nsituation, a part of the digest beyond tag_size is ignored.\n\nIn this case, dm-integrity would write beyond the end of the\nic-\u003erecalc_tags array and corrupt memory. The corruption happened in\nintegrity_recalc-\u003eintegrity_sector_checksum-\u003ecrypto_shash_final.\n\nFix this corruption by increasing the tags array so that it has enough\npadding at the end to accomodate the loop in integrity_recalc() being\nable to write a full digest size for the last member of the tags\narray.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49044",
"url": "https://www.suse.com/security/cve/CVE-2022-49044"
},
{
"category": "external",
"summary": "SUSE Bug 1237840 for CVE-2022-49044",
"url": "https://bugzilla.suse.com/1237840"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49044"
},
{
"cve": "CVE-2022-49051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: aqc111: Fix out-of-bounds accesses in RX fixup\n\naqc111_rx_fixup() contains several out-of-bounds accesses that can be\ntriggered by a malicious (or defective) USB device, in particular:\n\n - The metadata array (desc_offset..desc_offset+2*pkt_count) can be out of bounds,\n causing OOB reads and (on big-endian systems) OOB endianness flips.\n - A packet can overlap the metadata array, causing a later OOB\n endianness flip to corrupt data used by a cloned SKB that has already\n been handed off into the network stack.\n - A packet SKB can be constructed whose tail is far beyond its end,\n causing out-of-bounds heap data to be considered part of the SKB\u0027s\n data.\n\nFound doing variant analysis. Tested it with another driver (ax88179_178a), since\nI don\u0027t have a aqc111 device to test it, but the code looks very similar.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49051",
"url": "https://www.suse.com/security/cve/CVE-2022-49051"
},
{
"category": "external",
"summary": "SUSE Bug 1237903 for CVE-2022-49051",
"url": "https://bugzilla.suse.com/1237903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49051"
},
{
"cve": "CVE-2022-49053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: tcmu: Fix possible page UAF\n\ntcmu_try_get_data_page() looks up pages under cmdr_lock, but it does not\ntake refcount properly and just returns page pointer. When\ntcmu_try_get_data_page() returns, the returned page may have been freed by\ntcmu_blocks_release().\n\nWe need to get_page() under cmdr_lock to avoid concurrent\ntcmu_blocks_release().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49053",
"url": "https://www.suse.com/security/cve/CVE-2022-49053"
},
{
"category": "external",
"summary": "SUSE Bug 1237918 for CVE-2022-49053",
"url": "https://bugzilla.suse.com/1237918"
},
{
"category": "external",
"summary": "SUSE Bug 1237930 for CVE-2022-49053",
"url": "https://bugzilla.suse.com/1237930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2022-49053"
},
{
"cve": "CVE-2022-49055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Check for potential null return of kmalloc_array()\n\nAs the kmalloc_array() may return null, the \u0027event_waiters[i].wait\u0027 would lead to null-pointer dereference.\nTherefore, it is better to check the return value of kmalloc_array() to avoid this confusion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49055",
"url": "https://www.suse.com/security/cve/CVE-2022-49055"
},
{
"category": "external",
"summary": "SUSE Bug 1237868 for CVE-2022-49055",
"url": "https://bugzilla.suse.com/1237868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49055"
},
{
"cve": "CVE-2022-49058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: potential buffer overflow in handling symlinks\n\nSmatch printed a warning:\n\tarch/x86/crypto/poly1305_glue.c:198 poly1305_update_arch() error:\n\t__memcpy() \u0027dctx-\u003ebuf\u0027 too small (16 vs u32max)\n\nIt\u0027s caused because Smatch marks \u0027link_len\u0027 as untrusted since it comes\nfrom sscanf(). Add a check to ensure that \u0027link_len\u0027 is not larger than\nthe size of the \u0027link_str\u0027 buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49058",
"url": "https://www.suse.com/security/cve/CVE-2022-49058"
},
{
"category": "external",
"summary": "SUSE Bug 1237814 for CVE-2022-49058",
"url": "https://bugzilla.suse.com/1237814"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49058"
},
{
"cve": "CVE-2022-49059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: nci: add flush_workqueue to prevent uaf\n\nOur detector found a concurrent use-after-free bug when detaching an\nNCI device. The main reason for this bug is the unexpected scheduling\nbetween the used delayed mechanism (timer and workqueue).\n\nThe race can be demonstrated below:\n\nThread-1 Thread-2\n | nci_dev_up()\n | nci_open_device()\n | __nci_request(nci_reset_req)\n | nci_send_cmd\n | queue_work(cmd_work)\nnci_unregister_device() |\n nci_close_device() | ...\n del_timer_sync(cmd_timer)[1] |\n... | Worker\nnci_free_device() | nci_cmd_work()\n kfree(ndev)[3] | mod_timer(cmd_timer)[2]\n\nIn short, the cleanup routine thought that the cmd_timer has already\nbeen detached by [1] but the mod_timer can re-attach the timer [2], even\nit is already released [3], resulting in UAF.\n\nThis UAF is easy to trigger, crash trace by POC is like below\n\n[ 66.703713] ==================================================================\n[ 66.703974] BUG: KASAN: use-after-free in enqueue_timer+0x448/0x490\n[ 66.703974] Write of size 8 at addr ffff888009fb7058 by task kworker/u4:1/33\n[ 66.703974]\n[ 66.703974] CPU: 1 PID: 33 Comm: kworker/u4:1 Not tainted 5.18.0-rc2 #5\n[ 66.703974] Workqueue: nfc2_nci_cmd_wq nci_cmd_work\n[ 66.703974] Call Trace:\n[ 66.703974] \u003cTASK\u003e\n[ 66.703974] dump_stack_lvl+0x57/0x7d\n[ 66.703974] print_report.cold+0x5e/0x5db\n[ 66.703974] ? enqueue_timer+0x448/0x490\n[ 66.703974] kasan_report+0xbe/0x1c0\n[ 66.703974] ? enqueue_timer+0x448/0x490\n[ 66.703974] enqueue_timer+0x448/0x490\n[ 66.703974] __mod_timer+0x5e6/0xb80\n[ 66.703974] ? mark_held_locks+0x9e/0xe0\n[ 66.703974] ? try_to_del_timer_sync+0xf0/0xf0\n[ 66.703974] ? lockdep_hardirqs_on_prepare+0x17b/0x410\n[ 66.703974] ? queue_work_on+0x61/0x80\n[ 66.703974] ? lockdep_hardirqs_on+0xbf/0x130\n[ 66.703974] process_one_work+0x8bb/0x1510\n[ 66.703974] ? lockdep_hardirqs_on_prepare+0x410/0x410\n[ 66.703974] ? pwq_dec_nr_in_flight+0x230/0x230\n[ 66.703974] ? rwlock_bug.part.0+0x90/0x90\n[ 66.703974] ? _raw_spin_lock_irq+0x41/0x50\n[ 66.703974] worker_thread+0x575/0x1190\n[ 66.703974] ? process_one_work+0x1510/0x1510\n[ 66.703974] kthread+0x2a0/0x340\n[ 66.703974] ? kthread_complete_and_exit+0x20/0x20\n[ 66.703974] ret_from_fork+0x22/0x30\n[ 66.703974] \u003c/TASK\u003e\n[ 66.703974]\n[ 66.703974] Allocated by task 267:\n[ 66.703974] kasan_save_stack+0x1e/0x40\n[ 66.703974] __kasan_kmalloc+0x81/0xa0\n[ 66.703974] nci_allocate_device+0xd3/0x390\n[ 66.703974] nfcmrvl_nci_register_dev+0x183/0x2c0\n[ 66.703974] nfcmrvl_nci_uart_open+0xf2/0x1dd\n[ 66.703974] nci_uart_tty_ioctl+0x2c3/0x4a0\n[ 66.703974] tty_ioctl+0x764/0x1310\n[ 66.703974] __x64_sys_ioctl+0x122/0x190\n[ 66.703974] do_syscall_64+0x3b/0x90\n[ 66.703974] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 66.703974]\n[ 66.703974] Freed by task 406:\n[ 66.703974] kasan_save_stack+0x1e/0x40\n[ 66.703974] kasan_set_track+0x21/0x30\n[ 66.703974] kasan_set_free_info+0x20/0x30\n[ 66.703974] __kasan_slab_free+0x108/0x170\n[ 66.703974] kfree+0xb0/0x330\n[ 66.703974] nfcmrvl_nci_unregister_dev+0x90/0xd0\n[ 66.703974] nci_uart_tty_close+0xdf/0x180\n[ 66.703974] tty_ldisc_kill+0x73/0x110\n[ 66.703974] tty_ldisc_hangup+0x281/0x5b0\n[ 66.703974] __tty_hangup.part.0+0x431/0x890\n[ 66.703974] tty_release+0x3a8/0xc80\n[ 66.703974] __fput+0x1f0/0x8c0\n[ 66.703974] task_work_run+0xc9/0x170\n[ 66.703974] exit_to_user_mode_prepare+0x194/0x1a0\n[ 66.703974] syscall_exit_to_user_mode+0x19/0x50\n[ 66.703974] do_syscall_64+0x48/0x90\n[ 66.703974] entry_SYSCALL_64_after_hwframe+0x44/0x\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49059",
"url": "https://www.suse.com/security/cve/CVE-2022-49059"
},
{
"category": "external",
"summary": "SUSE Bug 1238007 for CVE-2022-49059",
"url": "https://bugzilla.suse.com/1238007"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49059"
},
{
"cve": "CVE-2022-49063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: arfs: fix use-after-free when freeing @rx_cpu_rmap\n\nThe CI testing bots triggered the following splat:\n\n[ 718.203054] BUG: KASAN: use-after-free in free_irq_cpu_rmap+0x53/0x80\n[ 718.206349] Read of size 4 at addr ffff8881bd127e00 by task sh/20834\n[ 718.212852] CPU: 28 PID: 20834 Comm: sh Kdump: loaded Tainted: G S W IOE 5.17.0-rc8_nextqueue-devqueue-02643-g23f3121aca93 #1\n[ 718.219695] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0012.070720200218 07/07/2020\n[ 718.223418] Call Trace:\n[ 718.227139]\n[ 718.230783] dump_stack_lvl+0x33/0x42\n[ 718.234431] print_address_description.constprop.9+0x21/0x170\n[ 718.238177] ? free_irq_cpu_rmap+0x53/0x80\n[ 718.241885] ? free_irq_cpu_rmap+0x53/0x80\n[ 718.245539] kasan_report.cold.18+0x7f/0x11b\n[ 718.249197] ? free_irq_cpu_rmap+0x53/0x80\n[ 718.252852] free_irq_cpu_rmap+0x53/0x80\n[ 718.256471] ice_free_cpu_rx_rmap.part.11+0x37/0x50 [ice]\n[ 718.260174] ice_remove_arfs+0x5f/0x70 [ice]\n[ 718.263810] ice_rebuild_arfs+0x3b/0x70 [ice]\n[ 718.267419] ice_rebuild+0x39c/0xb60 [ice]\n[ 718.270974] ? asm_sysvec_apic_timer_interrupt+0x12/0x20\n[ 718.274472] ? ice_init_phy_user_cfg+0x360/0x360 [ice]\n[ 718.278033] ? delay_tsc+0x4a/0xb0\n[ 718.281513] ? preempt_count_sub+0x14/0xc0\n[ 718.284984] ? delay_tsc+0x8f/0xb0\n[ 718.288463] ice_do_reset+0x92/0xf0 [ice]\n[ 718.292014] ice_pci_err_resume+0x91/0xf0 [ice]\n[ 718.295561] pci_reset_function+0x53/0x80\n\u003c...\u003e\n[ 718.393035] Allocated by task 690:\n[ 718.433497] Freed by task 20834:\n[ 718.495688] Last potentially related work creation:\n[ 718.568966] The buggy address belongs to the object at ffff8881bd127e00\n which belongs to the cache kmalloc-96 of size 96\n[ 718.574085] The buggy address is located 0 bytes inside of\n 96-byte region [ffff8881bd127e00, ffff8881bd127e60)\n[ 718.579265] The buggy address belongs to the page:\n[ 718.598905] Memory state around the buggy address:\n[ 718.601809] ffff8881bd127d00: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc\n[ 718.604796] ffff8881bd127d80: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc\n[ 718.607794] \u003effff8881bd127e00: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc\n[ 718.610811] ^\n[ 718.613819] ffff8881bd127e80: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc\n[ 718.617107] ffff8881bd127f00: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc\n\nThis is due to that free_irq_cpu_rmap() is always being called\n*after* (devm_)free_irq() and thus it tries to work with IRQ descs\nalready freed. For example, on device reset the driver frees the\nrmap right before allocating a new one (the splat above).\nMake rmap creation and freeing function symmetrical with\n{request,free}_irq() calls i.e. do that on ifup/ifdown instead\nof device probe/remove/resume. These operations can be performed\nindependently from the actual device aRFS configuration.\nAlso, make sure ice_vsi_free_irq() clears IRQ affinity notifiers\nonly when aRFS is disabled -- otherwise, CPU rmap sets and clears\nits own and they must not be touched manually.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49063",
"url": "https://www.suse.com/security/cve/CVE-2022-49063"
},
{
"category": "external",
"summary": "SUSE Bug 1237846 for CVE-2022-49063",
"url": "https://bugzilla.suse.com/1237846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49063"
},
{
"cve": "CVE-2022-49065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix the svc_deferred_event trace class\n\nFix a NULL deref crash that occurs when an svc_rqst is deferred\nwhile the sunrpc tracing subsystem is enabled. svc_revisit() sets\ndr-\u003exprt to NULL, so it can\u0027t be relied upon in the tracepoint to\nprovide the remote\u0027s address.\n\nUnfortunately we can\u0027t revert the \"svc_deferred_class\" hunk in\ncommit ece200ddd54b (\"sunrpc: Save remote presentation address in\nsvc_xprt for trace events\") because there is now a specific check\nof event format specifiers for unsafe dereferences. The warning\nthat check emits is:\n\n event svc_defer_recv has unsafe dereference of argument 1\n\nA \"%pISpc\" format specifier with a \"struct sockaddr *\" is indeed\nflagged by this check.\n\nInstead, take the brute-force approach used by the svcrdma_qp_error\ntracepoint. Convert the dr::addr field into a presentation address\nin the TP_fast_assign() arm of the trace event, and store that as\na string. This fix can be backported to -stable kernels.\n\nIn the meantime, commit c6ced22997ad (\"tracing: Update print fmt\ncheck to handle new __get_sockaddr() macro\") is now in v5.18, so\nthis wonky fix can be replaced with __sockaddr() and friends\nproperly during the v5.19 merge window.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49065",
"url": "https://www.suse.com/security/cve/CVE-2022-49065"
},
{
"category": "external",
"summary": "SUSE Bug 1237739 for CVE-2022-49065",
"url": "https://bugzilla.suse.com/1237739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49065"
},
{
"cve": "CVE-2022-49073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49073"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: sata_dwc_460ex: Fix crash due to OOB write\n\nthe driver uses libata\u0027s \"tag\" values from in various arrays.\nSince the mentioned patch bumped the ATA_TAG_INTERNAL to 32,\nthe value of the SATA_DWC_QCMD_MAX needs to account for that.\n\nOtherwise ATA_TAG_INTERNAL usage cause similar crashes like\nthis as reported by Tice Rex on the OpenWrt Forum and\nreproduced (with symbols) here:\n\n| BUG: Kernel NULL pointer dereference at 0x00000000\n| Faulting instruction address: 0xc03ed4b8\n| Oops: Kernel access of bad area, sig: 11 [#1]\n| BE PAGE_SIZE=4K PowerPC 44x Platform\n| CPU: 0 PID: 362 Comm: scsi_eh_1 Not tainted 5.4.163 #0\n| NIP: c03ed4b8 LR: c03d27e8 CTR: c03ed36c\n| REGS: cfa59950 TRAP: 0300 Not tainted (5.4.163)\n| MSR: 00021000 \u003cCE,ME\u003e CR: 42000222 XER: 00000000\n| DEAR: 00000000 ESR: 00000000\n| GPR00: c03d27e8 cfa59a08 cfa55fe0 00000000 0fa46bc0 [...]\n| [..]\n| NIP [c03ed4b8] sata_dwc_qc_issue+0x14c/0x254\n| LR [c03d27e8] ata_qc_issue+0x1c8/0x2dc\n| Call Trace:\n| [cfa59a08] [c003f4e0] __cancel_work_timer+0x124/0x194 (unreliable)\n| [cfa59a78] [c03d27e8] ata_qc_issue+0x1c8/0x2dc\n| [cfa59a98] [c03d2b3c] ata_exec_internal_sg+0x240/0x524\n| [cfa59b08] [c03d2e98] ata_exec_internal+0x78/0xe0\n| [cfa59b58] [c03d30fc] ata_read_log_page.part.38+0x1dc/0x204\n| [cfa59bc8] [c03d324c] ata_identify_page_supported+0x68/0x130\n| [...]\n\nThis is because sata_dwc_dma_xfer_complete() NULLs the\ndma_pending\u0027s next neighbour \"chan\" (a *dma_chan struct) in\nthis \u002732\u0027 case right here (line ~735):\n\u003e hsdevp-\u003edma_pending[tag] = SATA_DWC_DMA_PENDING_NONE;\n\nThen the next time, a dma gets issued; dma_dwc_xfer_setup() passes\nthe NULL\u0027d hsdevp-\u003echan to the dmaengine_slave_config() which then\ncauses the crash.\n\nWith this patch, SATA_DWC_QCMD_MAX is now set to ATA_MAX_QUEUE + 1.\nThis avoids the OOB. But please note, there was a worthwhile discussion\non what ATA_TAG_INTERNAL and ATA_MAX_QUEUE is. And why there should not\nbe a \"fake\" 33 command-long queue size.\n\nIdeally, the dw driver should account for the ATA_TAG_INTERNAL.\nIn Damien Le Moal\u0027s words: \"... having looked at the driver, it\nis a bigger change than just faking a 33rd \"tag\" that is in fact\nnot a command tag at all.\"\n\nBugLink: https://github.com/openwrt/openwrt/issues/9505",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49073",
"url": "https://www.suse.com/security/cve/CVE-2022-49073"
},
{
"category": "external",
"summary": "SUSE Bug 1237746 for CVE-2022-49073",
"url": "https://bugzilla.suse.com/1237746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49073"
},
{
"cve": "CVE-2022-49076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49076"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hfi1: Fix use-after-free bug for mm struct\n\nUnder certain conditions, such as MPI_Abort, the hfi1 cleanup code may\nrepresent the last reference held on the task mm.\nhfi1_mmu_rb_unregister() then drops the last reference and the mm is freed\nbefore the final use in hfi1_release_user_pages(). A new task may\nallocate the mm structure while it is still being used, resulting in\nproblems. One manifestation is corruption of the mmap_sem counter leading\nto a hang in down_write(). Another is corruption of an mm struct that is\nin use by another task.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49076",
"url": "https://www.suse.com/security/cve/CVE-2022-49076"
},
{
"category": "external",
"summary": "SUSE Bug 1237738 for CVE-2022-49076",
"url": "https://bugzilla.suse.com/1237738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49076"
},
{
"cve": "CVE-2022-49078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlz4: fix LZ4_decompress_safe_partial read out of bound\n\nWhen partialDecoding, it is EOF if we\u0027ve either filled the output buffer\nor can\u0027t proceed with reading an offset for following match.\n\nIn some extreme corner cases when compressed data is suitably corrupted,\nUAF will occur. As reported by KASAN [1], LZ4_decompress_safe_partial\nmay lead to read out of bound problem during decoding. lz4 upstream has\nfixed it [2] and this issue has been disscussed here [3] before.\n\ncurrent decompression routine was ported from lz4 v1.8.3, bumping\nlib/lz4 to v1.9.+ is certainly a huge work to be done later, so, we\u0027d\nbetter fix it first.\n\n[1] https://lore.kernel.org/all/000000000000830d1205cf7f0477@google.com/\n[2] https://github.com/lz4/lz4/commit/c5d6f8a8be3927c0bec91bcc58667a6cfad244ad#\n[3] https://lore.kernel.org/all/CC666AE8-4CA4-4951-B6FB-A2EFDE3AC03B@fb.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49078",
"url": "https://www.suse.com/security/cve/CVE-2022-49078"
},
{
"category": "external",
"summary": "SUSE Bug 1237736 for CVE-2022-49078",
"url": "https://bugzilla.suse.com/1237736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49078"
},
{
"cve": "CVE-2022-49082",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49082"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Fix use after free in _scsih_expander_node_remove()\n\nThe function mpt3sas_transport_port_remove() called in\n_scsih_expander_node_remove() frees the port field of the sas_expander\nstructure, leading to the following use-after-free splat from KASAN when\nthe ioc_info() call following that function is executed (e.g. when doing\nrmmod of the driver module):\n\n[ 3479.371167] ==================================================================\n[ 3479.378496] BUG: KASAN: use-after-free in _scsih_expander_node_remove+0x710/0x750 [mpt3sas]\n[ 3479.386936] Read of size 1 at addr ffff8881c037691c by task rmmod/1531\n[ 3479.393524]\n[ 3479.395035] CPU: 18 PID: 1531 Comm: rmmod Not tainted 5.17.0-rc8+ #1436\n[ 3479.401712] Hardware name: Supermicro Super Server/H12SSL-NT, BIOS 2.1 06/02/2021\n[ 3479.409263] Call Trace:\n[ 3479.411743] \u003cTASK\u003e\n[ 3479.413875] dump_stack_lvl+0x45/0x59\n[ 3479.417582] print_address_description.constprop.0+0x1f/0x120\n[ 3479.423389] ? _scsih_expander_node_remove+0x710/0x750 [mpt3sas]\n[ 3479.429469] kasan_report.cold+0x83/0xdf\n[ 3479.433438] ? _scsih_expander_node_remove+0x710/0x750 [mpt3sas]\n[ 3479.439514] _scsih_expander_node_remove+0x710/0x750 [mpt3sas]\n[ 3479.445411] ? _raw_spin_unlock_irqrestore+0x2d/0x40\n[ 3479.452032] scsih_remove+0x525/0xc90 [mpt3sas]\n[ 3479.458212] ? mpt3sas_expander_remove+0x1d0/0x1d0 [mpt3sas]\n[ 3479.465529] ? down_write+0xde/0x150\n[ 3479.470746] ? up_write+0x14d/0x460\n[ 3479.475840] ? kernfs_find_ns+0x137/0x310\n[ 3479.481438] pci_device_remove+0x65/0x110\n[ 3479.487013] __device_release_driver+0x316/0x680\n[ 3479.493180] driver_detach+0x1ec/0x2d0\n[ 3479.498499] bus_remove_driver+0xe7/0x2d0\n[ 3479.504081] pci_unregister_driver+0x26/0x250\n[ 3479.510033] _mpt3sas_exit+0x2b/0x6cf [mpt3sas]\n[ 3479.516144] __x64_sys_delete_module+0x2fd/0x510\n[ 3479.522315] ? free_module+0xaa0/0xaa0\n[ 3479.527593] ? __cond_resched+0x1c/0x90\n[ 3479.532951] ? lockdep_hardirqs_on_prepare+0x273/0x3e0\n[ 3479.539607] ? syscall_enter_from_user_mode+0x21/0x70\n[ 3479.546161] ? trace_hardirqs_on+0x1c/0x110\n[ 3479.551828] do_syscall_64+0x35/0x80\n[ 3479.556884] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 3479.563402] RIP: 0033:0x7f1fc482483b\n...\n[ 3479.943087] ==================================================================\n\nFix this by introducing the local variable port_id to store the port ID\nvalue before executing mpt3sas_transport_port_remove(). This local variable\nis then used in the call to ioc_info() instead of dereferencing the freed\nport structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49082",
"url": "https://www.suse.com/security/cve/CVE-2022-49082"
},
{
"category": "external",
"summary": "SUSE Bug 1237740 for CVE-2022-49082",
"url": "https://bugzilla.suse.com/1237740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49082"
},
{
"cve": "CVE-2022-49083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/omap: Fix regression in probe for NULL pointer dereference\n\nCommit 3f6634d997db (\"iommu: Use right way to retrieve iommu_ops\") started\ntriggering a NULL pointer dereference for some omap variants:\n\n__iommu_probe_device from probe_iommu_group+0x2c/0x38\nprobe_iommu_group from bus_for_each_dev+0x74/0xbc\nbus_for_each_dev from bus_iommu_probe+0x34/0x2e8\nbus_iommu_probe from bus_set_iommu+0x80/0xc8\nbus_set_iommu from omap_iommu_init+0x88/0xcc\nomap_iommu_init from do_one_initcall+0x44/0x24\n\nThis is caused by omap iommu probe returning 0 instead of ERR_PTR(-ENODEV)\nas noted by Jason Gunthorpe \u003cjgg@ziepe.ca\u003e.\n\nLooks like the regression already happened with an earlier commit\n6785eb9105e3 (\"iommu/omap: Convert to probe/release_device() call-backs\")\nthat changed the function return type and missed converting one place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49083",
"url": "https://www.suse.com/security/cve/CVE-2022-49083"
},
{
"category": "external",
"summary": "SUSE Bug 1237723 for CVE-2022-49083",
"url": "https://bugzilla.suse.com/1237723"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49083"
},
{
"cve": "CVE-2022-49085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrbd: Fix five use after free bugs in get_initial_state\n\nIn get_initial_state, it calls notify_initial_state_done(skb,..) if\ncb-\u003eargs[5]==1. If genlmsg_put() failed in notify_initial_state_done(),\nthe skb will be freed by nlmsg_free(skb).\nThen get_initial_state will goto out and the freed skb will be used by\nreturn value skb-\u003elen, which is a uaf bug.\n\nWhat\u0027s worse, the same problem goes even further: skb can also be\nfreed in the notify_*_state_change -\u003e notify_*_state calls below.\nThus 4 additional uaf bugs happened.\n\nMy patch lets the problem callee functions: notify_initial_state_done\nand notify_*_state_change return an error code if errors happen.\nSo that the error codes could be propagated and the uaf bugs can be avoid.\n\nv2 reports a compilation warning. This v3 fixed this warning and built\nsuccessfully in my local environment with no additional warnings.\nv2: https://lore.kernel.org/patchwork/patch/1435218/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49085",
"url": "https://www.suse.com/security/cve/CVE-2022-49085"
},
{
"category": "external",
"summary": "SUSE Bug 1238036 for CVE-2022-49085",
"url": "https://bugzilla.suse.com/1238036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49085"
},
{
"cve": "CVE-2022-49091",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49091"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imx: Fix memory leak in imx_pd_connector_get_modes\n\nAvoid leaking the display mode variable if of_get_drm_display_mode\nfails.\n\nAddresses-Coverity-ID: 1443943 (\"Resource leak\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49091",
"url": "https://www.suse.com/security/cve/CVE-2022-49091"
},
{
"category": "external",
"summary": "SUSE Bug 1237726 for CVE-2022-49091",
"url": "https://bugzilla.suse.com/1237726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49091"
},
{
"cve": "CVE-2022-49095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one()\n\nThe error handling path of the probe releases a resource that is not freed\nin the remove function. In some cases, a ioremap() must be undone.\n\nAdd the missing iounmap() call in the remove function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49095",
"url": "https://www.suse.com/security/cve/CVE-2022-49095"
},
{
"category": "external",
"summary": "SUSE Bug 1237752 for CVE-2022-49095",
"url": "https://bugzilla.suse.com/1237752"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49095"
},
{
"cve": "CVE-2022-49098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: vmbus: Fix potential crash on module unload\n\nThe vmbus driver relies on the panic notifier infrastructure to perform\nsome operations when a panic event is detected. Since vmbus can be built\nas module, it is required that the driver handles both registering and\nunregistering such panic notifier callback.\n\nAfter commit 74347a99e73a (\"x86/Hyper-V: Unload vmbus channel in hv panic callback\")\nthough, the panic notifier registration is done unconditionally in the module\ninitialization routine whereas the unregistering procedure is conditionally\nguarded and executes only if HV_FEATURE_GUEST_CRASH_MSR_AVAILABLE capability\nis set.\n\nThis patch fixes that by unconditionally unregistering the panic notifier\nin the module\u0027s exit routine as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49098",
"url": "https://www.suse.com/security/cve/CVE-2022-49098"
},
{
"category": "external",
"summary": "SUSE Bug 1238079 for CVE-2022-49098",
"url": "https://bugzilla.suse.com/1238079"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49098"
},
{
"cve": "CVE-2022-49100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_console: eliminate anonymous module_init \u0026 module_exit\n\nEliminate anonymous module_init() and module_exit(), which can lead to\nconfusion or ambiguity when reading System.map, crashes/oops/bugs,\nor an initcall_debug log.\n\nGive each of these init and exit functions unique driver-specific\nnames to eliminate the anonymous names.\n\nExample 1: (System.map)\n ffffffff832fc78c t init\n ffffffff832fc79e t init\n ffffffff832fc8f8 t init\n\nExample 2: (initcall_debug log)\n calling init+0x0/0x12 @ 1\n initcall init+0x0/0x12 returned 0 after 15 usecs\n calling init+0x0/0x60 @ 1\n initcall init+0x0/0x60 returned 0 after 2 usecs\n calling init+0x0/0x9a @ 1\n initcall init+0x0/0x9a returned 0 after 74 usecs",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49100",
"url": "https://www.suse.com/security/cve/CVE-2022-49100"
},
{
"category": "external",
"summary": "SUSE Bug 1237735 for CVE-2022-49100",
"url": "https://bugzilla.suse.com/1237735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49100"
},
{
"cve": "CVE-2022-49111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49111"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use after free in hci_send_acl\n\nThis fixes the following trace caused by receiving\nHCI_EV_DISCONN_PHY_LINK_COMPLETE which does call hci_conn_del without\nfirst checking if conn-\u003etype is in fact AMP_LINK and in case it is\ndo properly cleanup upper layers with hci_disconn_cfm:\n\n ==================================================================\n BUG: KASAN: use-after-free in hci_send_acl+0xaba/0xc50\n Read of size 8 at addr ffff88800e404818 by task bluetoothd/142\n\n CPU: 0 PID: 142 Comm: bluetoothd Not tainted\n 5.17.0-rc5-00006-gda4022eeac1a #7\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x45/0x59\n print_address_description.constprop.0+0x1f/0x150\n kasan_report.cold+0x7f/0x11b\n hci_send_acl+0xaba/0xc50\n l2cap_do_send+0x23f/0x3d0\n l2cap_chan_send+0xc06/0x2cc0\n l2cap_sock_sendmsg+0x201/0x2b0\n sock_sendmsg+0xdc/0x110\n sock_write_iter+0x20f/0x370\n do_iter_readv_writev+0x343/0x690\n do_iter_write+0x132/0x640\n vfs_writev+0x198/0x570\n do_writev+0x202/0x280\n do_syscall_64+0x38/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RSP: 002b:00007ffce8a099b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000014\n Code: 0f 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3\n 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 14 00 00 00 0f 05\n \u003c48\u003e 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10\n RDX: 0000000000000001 RSI: 00007ffce8a099e0 RDI: 0000000000000015\n RAX: ffffffffffffffda RBX: 00007ffce8a099e0 RCX: 00007f788fc3cf77\n R10: 00007ffce8af7080 R11: 0000000000000246 R12: 000055e4ccf75580\n RBP: 0000000000000015 R08: 0000000000000002 R09: 0000000000000001\n \u003c/TASK\u003e\n R13: 000055e4ccf754a0 R14: 000055e4ccf75cd0 R15: 000055e4ccf4a6b0\n\n Allocated by task 45:\n kasan_save_stack+0x1e/0x40\n __kasan_kmalloc+0x81/0xa0\n hci_chan_create+0x9a/0x2f0\n l2cap_conn_add.part.0+0x1a/0xdc0\n l2cap_connect_cfm+0x236/0x1000\n le_conn_complete_evt+0x15a7/0x1db0\n hci_le_conn_complete_evt+0x226/0x2c0\n hci_le_meta_evt+0x247/0x450\n hci_event_packet+0x61b/0xe90\n hci_rx_work+0x4d5/0xc50\n process_one_work+0x8fb/0x15a0\n worker_thread+0x576/0x1240\n kthread+0x29d/0x340\n ret_from_fork+0x1f/0x30\n\n Freed by task 45:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n kasan_set_free_info+0x20/0x30\n __kasan_slab_free+0xfb/0x130\n kfree+0xac/0x350\n hci_conn_cleanup+0x101/0x6a0\n hci_conn_del+0x27e/0x6c0\n hci_disconn_phylink_complete_evt+0xe0/0x120\n hci_event_packet+0x812/0xe90\n hci_rx_work+0x4d5/0xc50\n process_one_work+0x8fb/0x15a0\n worker_thread+0x576/0x1240\n kthread+0x29d/0x340\n ret_from_fork+0x1f/0x30\n\n The buggy address belongs to the object at ffff88800c0f0500\n The buggy address is located 24 bytes inside of\n which belongs to the cache kmalloc-128 of size 128\n The buggy address belongs to the page:\n 128-byte region [ffff88800c0f0500, ffff88800c0f0580)\n flags: 0x100000000000200(slab|node=0|zone=1)\n page:00000000fe45cd86 refcount:1 mapcount:0\n mapping:0000000000000000 index:0x0 pfn:0xc0f0\n raw: 0000000000000000 0000000080100010 00000001ffffffff\n 0000000000000000\n raw: 0100000000000200 ffffea00003a2c80 dead000000000004\n ffff8880078418c0\n page dumped because: kasan: bad access detected\n ffff88800c0f0400: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc\n Memory state around the buggy address:\n \u003effff88800c0f0500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff88800c0f0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n ffff88800c0f0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49111",
"url": "https://www.suse.com/security/cve/CVE-2022-49111"
},
{
"category": "external",
"summary": "SUSE Bug 1237984 for CVE-2022-49111",
"url": "https://bugzilla.suse.com/1237984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49111"
},
{
"cve": "CVE-2022-49114",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49114"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: libfc: Fix use after free in fc_exch_abts_resp()\n\nfc_exch_release(ep) will decrease the ep\u0027s reference count. When the\nreference count reaches zero, it is freed. But ep is still used in the\nfollowing code, which will lead to a use after free.\n\nReturn after the fc_exch_release() call to avoid use after free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49114",
"url": "https://www.suse.com/security/cve/CVE-2022-49114"
},
{
"category": "external",
"summary": "SUSE Bug 1238146 for CVE-2022-49114",
"url": "https://bugzilla.suse.com/1238146"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49114"
},
{
"cve": "CVE-2022-49122",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49122"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm ioctl: prevent potential spectre v1 gadget\n\nIt appears like cmd could be a Spectre v1 gadget as it\u0027s supplied by a\nuser and used as an array index. Prevent the contents of kernel memory\nfrom being leaked to userspace via speculative execution by using\narray_index_nospec.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49122",
"url": "https://www.suse.com/security/cve/CVE-2022-49122"
},
{
"category": "external",
"summary": "SUSE Bug 1237983 for CVE-2022-49122",
"url": "https://bugzilla.suse.com/1237983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49122"
},
{
"cve": "CVE-2022-49137",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49137"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj\n\nThis issue takes place in an error path in\namdgpu_cs_fence_to_handle_ioctl(). When `info-\u003ein.what` falls into\ndefault case, the function simply returns -EINVAL, forgetting to\ndecrement the reference count of a dma_fence obj, which is bumped\nearlier by amdgpu_cs_get_fence(). This may result in reference count\nleaks.\n\nFix it by decreasing the refcount of specific object before returning\nthe error code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49137",
"url": "https://www.suse.com/security/cve/CVE-2022-49137"
},
{
"category": "external",
"summary": "SUSE Bug 1238155 for CVE-2022-49137",
"url": "https://bugzilla.suse.com/1238155"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "low"
}
],
"title": "CVE-2022-49137"
},
{
"cve": "CVE-2022-49145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: CPPC: Avoid out of bounds access when parsing _CPC data\n\nIf the NumEntries field in the _CPC return package is less than 2, do\nnot attempt to access the \"Revision\" element of that package, because\nit may not be present then.\n\nBugLink: https://lore.kernel.org/lkml/20220322143534.GC32582@xsang-OptiPlex-9020/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49145",
"url": "https://www.suse.com/security/cve/CVE-2022-49145"
},
{
"category": "external",
"summary": "SUSE Bug 1238162 for CVE-2022-49145",
"url": "https://bugzilla.suse.com/1238162"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49145"
},
{
"cve": "CVE-2022-49151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: mcba_usb: properly check endpoint type\n\nSyzbot reported warning in usb_submit_urb() which is caused by wrong\nendpoint type. We should check that in endpoint is actually present to\nprevent this warning.\n\nFound pipes are now saved to struct mcba_priv and code uses them\ndirectly instead of making pipes in place.\n\nFail log:\n\n| usb 5-1: BOGUS urb xfer, pipe 3 != type 1\n| WARNING: CPU: 1 PID: 49 at drivers/usb/core/urb.c:502 usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502\n| Modules linked in:\n| CPU: 1 PID: 49 Comm: kworker/1:2 Not tainted 5.17.0-rc6-syzkaller-00184-g38f80f42147f #0\n| Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014\n| Workqueue: usb_hub_wq hub_event\n| RIP: 0010:usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502\n| ...\n| Call Trace:\n| \u003cTASK\u003e\n| mcba_usb_start drivers/net/can/usb/mcba_usb.c:662 [inline]\n| mcba_usb_probe+0x8a3/0xc50 drivers/net/can/usb/mcba_usb.c:858\n| usb_probe_interface+0x315/0x7f0 drivers/usb/core/driver.c:396\n| call_driver_probe drivers/base/dd.c:517 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49151",
"url": "https://www.suse.com/security/cve/CVE-2022-49151"
},
{
"category": "external",
"summary": "SUSE Bug 1237778 for CVE-2022-49151",
"url": "https://bugzilla.suse.com/1237778"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49151"
},
{
"cve": "CVE-2022-49153",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49153"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwireguard: socket: free skb in send6 when ipv6 is disabled\n\nI got a memory leak report:\n\nunreferenced object 0xffff8881191fc040 (size 232):\n comm \"kworker/u17:0\", pid 23193, jiffies 4295238848 (age 3464.870s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003cffffffff814c3ef4\u003e] slab_post_alloc_hook+0x84/0x3b0\n [\u003cffffffff814c8977\u003e] kmem_cache_alloc_node+0x167/0x340\n [\u003cffffffff832974fb\u003e] __alloc_skb+0x1db/0x200\n [\u003cffffffff82612b5d\u003e] wg_socket_send_buffer_to_peer+0x3d/0xc0\n [\u003cffffffff8260e94a\u003e] wg_packet_send_handshake_initiation+0xfa/0x110\n [\u003cffffffff8260ec81\u003e] wg_packet_handshake_send_worker+0x21/0x30\n [\u003cffffffff8119c558\u003e] process_one_work+0x2e8/0x770\n [\u003cffffffff8119ca2a\u003e] worker_thread+0x4a/0x4b0\n [\u003cffffffff811a88e0\u003e] kthread+0x120/0x160\n [\u003cffffffff8100242f\u003e] ret_from_fork+0x1f/0x30\n\nIn function wg_socket_send_buffer_as_reply_to_skb() or wg_socket_send_\nbuffer_to_peer(), the semantics of send6() is required to free skb. But\nwhen CONFIG_IPV6 is disable, kfree_skb() is missing. This patch adds it\nto fix this bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49153",
"url": "https://www.suse.com/security/cve/CVE-2022-49153"
},
{
"category": "external",
"summary": "SUSE Bug 1238166 for CVE-2022-49153",
"url": "https://bugzilla.suse.com/1238166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "low"
}
],
"title": "CVE-2022-49153"
},
{
"cve": "CVE-2022-49155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49155"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair()\n\n[ 12.323788] BUG: using smp_processor_id() in preemptible [00000000] code: systemd-udevd/1020\n[ 12.332297] caller is qla2xxx_create_qpair+0x32a/0x5d0 [qla2xxx]\n[ 12.338417] CPU: 7 PID: 1020 Comm: systemd-udevd Tainted: G I --------- --- 5.14.0-29.el9.x86_64 #1\n[ 12.348827] Hardware name: Dell Inc. PowerEdge R610/0F0XJ6, BIOS 6.6.0 05/22/2018\n[ 12.356356] Call Trace:\n[ 12.358821] dump_stack_lvl+0x34/0x44\n[ 12.362514] check_preemption_disabled+0xd9/0xe0\n[ 12.367164] qla2xxx_create_qpair+0x32a/0x5d0 [qla2xxx]\n[ 12.372481] qla2x00_probe_one+0xa3a/0x1b80 [qla2xxx]\n[ 12.377617] ? _raw_spin_lock_irqsave+0x19/0x40\n[ 12.384284] local_pci_probe+0x42/0x80\n[ 12.390162] ? pci_match_device+0xd7/0x110\n[ 12.396366] pci_device_probe+0xfd/0x1b0\n[ 12.402372] really_probe+0x1e7/0x3e0\n[ 12.408114] __driver_probe_device+0xfe/0x180\n[ 12.414544] driver_probe_device+0x1e/0x90\n[ 12.420685] __driver_attach+0xc0/0x1c0\n[ 12.426536] ? __device_attach_driver+0xe0/0xe0\n[ 12.433061] ? __device_attach_driver+0xe0/0xe0\n[ 12.439538] bus_for_each_dev+0x78/0xc0\n[ 12.445294] bus_add_driver+0x12b/0x1e0\n[ 12.451021] driver_register+0x8f/0xe0\n[ 12.456631] ? 0xffffffffc07bc000\n[ 12.461773] qla2x00_module_init+0x1be/0x229 [qla2xxx]\n[ 12.468776] do_one_initcall+0x44/0x200\n[ 12.474401] ? load_module+0xad3/0xba0\n[ 12.479908] ? kmem_cache_alloc_trace+0x45/0x410\n[ 12.486268] do_init_module+0x5c/0x280\n[ 12.491730] __do_sys_init_module+0x12e/0x1b0\n[ 12.497785] do_syscall_64+0x3b/0x90\n[ 12.503029] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 12.509764] RIP: 0033:0x7f554f73ab2e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49155",
"url": "https://www.suse.com/security/cve/CVE-2022-49155"
},
{
"category": "external",
"summary": "SUSE Bug 1237941 for CVE-2022-49155",
"url": "https://bugzilla.suse.com/1237941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49155"
},
{
"cve": "CVE-2022-49156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix scheduling while atomic\n\nThe driver makes a call into midlayer (fc_remote_port_delete) which can put\nthe thread to sleep. The thread that originates the call is in interrupt\ncontext. The combination of the two trigger a crash. Schedule the call in\nnon-interrupt context where it is more safe.\n\nkernel: BUG: scheduling while atomic: swapper/7/0/0x00010000\nkernel: Call Trace:\nkernel: \u003cIRQ\u003e\nkernel: dump_stack+0x66/0x81\nkernel: __schedule_bug.cold.90+0x5/0x1d\nkernel: __schedule+0x7af/0x960\nkernel: schedule+0x28/0x80\nkernel: schedule_timeout+0x26d/0x3b0\nkernel: wait_for_completion+0xb4/0x140\nkernel: ? wake_up_q+0x70/0x70\nkernel: __wait_rcu_gp+0x12c/0x160\nkernel: ? sdev_evt_alloc+0xc0/0x180 [scsi_mod]\nkernel: synchronize_sched+0x6c/0x80\nkernel: ? call_rcu_bh+0x20/0x20\nkernel: ? __bpf_trace_rcu_invoke_callback+0x10/0x10\nkernel: sdev_evt_alloc+0xfd/0x180 [scsi_mod]\nkernel: starget_for_each_device+0x85/0xb0 [scsi_mod]\nkernel: ? scsi_init_io+0x360/0x3d0 [scsi_mod]\nkernel: scsi_init_io+0x388/0x3d0 [scsi_mod]\nkernel: device_for_each_child+0x54/0x90\nkernel: fc_remote_port_delete+0x70/0xe0 [scsi_transport_fc]\nkernel: qla2x00_schedule_rport_del+0x62/0xf0 [qla2xxx]\nkernel: qla2x00_mark_device_lost+0x9c/0xd0 [qla2xxx]\nkernel: qla24xx_handle_plogi_done_event+0x55f/0x570 [qla2xxx]\nkernel: qla2x00_async_login_sp_done+0xd2/0x100 [qla2xxx]\nkernel: qla24xx_logio_entry+0x13a/0x3c0 [qla2xxx]\nkernel: qla24xx_process_response_queue+0x306/0x400 [qla2xxx]\nkernel: qla24xx_msix_rsp_q+0x3f/0xb0 [qla2xxx]\nkernel: __handle_irq_event_percpu+0x40/0x180\nkernel: handle_irq_event_percpu+0x30/0x80\nkernel: handle_irq_event+0x36/0x60",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49156",
"url": "https://www.suse.com/security/cve/CVE-2022-49156"
},
{
"category": "external",
"summary": "SUSE Bug 1238168 for CVE-2022-49156",
"url": "https://bugzilla.suse.com/1238168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49156"
},
{
"cve": "CVE-2022-49157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix premature hw access after PCI error\n\nAfter a recoverable PCI error has been detected and recovered, qla driver\nneeds to check to see if the error condition still persist and/or wait\nfor the OS to give the resume signal.\n\nSep 8 22:26:03 localhost kernel: WARNING: CPU: 9 PID: 124606 at qla_tmpl.c:440\nqla27xx_fwdt_entry_t266+0x55/0x60 [qla2xxx]\nSep 8 22:26:03 localhost kernel: RIP: 0010:qla27xx_fwdt_entry_t266+0x55/0x60\n[qla2xxx]\nSep 8 22:26:03 localhost kernel: Call Trace:\nSep 8 22:26:03 localhost kernel: ? qla27xx_walk_template+0xb1/0x1b0 [qla2xxx]\nSep 8 22:26:03 localhost kernel: ? qla27xx_execute_fwdt_template+0x12a/0x160\n[qla2xxx]\nSep 8 22:26:03 localhost kernel: ? qla27xx_fwdump+0xa0/0x1c0 [qla2xxx]\nSep 8 22:26:03 localhost kernel: ? qla2xxx_pci_mmio_enabled+0xfb/0x120\n[qla2xxx]\nSep 8 22:26:03 localhost kernel: ? report_mmio_enabled+0x44/0x80\nSep 8 22:26:03 localhost kernel: ? report_slot_reset+0x80/0x80\nSep 8 22:26:03 localhost kernel: ? pci_walk_bus+0x70/0x90\nSep 8 22:26:03 localhost kernel: ? aer_dev_correctable_show+0xc0/0xc0\nSep 8 22:26:03 localhost kernel: ? pcie_do_recovery+0x1bb/0x240\nSep 8 22:26:03 localhost kernel: ? aer_recover_work_func+0xaa/0xd0\nSep 8 22:26:03 localhost kernel: ? process_one_work+0x1a7/0x360\n..\nSep 8 22:26:03 localhost kernel: qla2xxx [0000:42:00.2]-8041:22: detected PCI\ndisconnect.\nSep 8 22:26:03 localhost kernel: qla2xxx [0000:42:00.2]-107ff:22:\nqla27xx_fwdt_entry_t262: dump ram MB failed. Area 5h start 198013h end 198013h\nSep 8 22:26:03 localhost kernel: qla2xxx [0000:42:00.2]-107ff:22: Unable to\ncapture FW dump\nSep 8 22:26:03 localhost kernel: qla2xxx [0000:42:00.2]-1015:22: cmd=0x0,\nwaited 5221 msecs\nSep 8 22:26:03 localhost kernel: qla2xxx [0000:42:00.2]-680d:22: mmio\nenabled returning.\nSep 8 22:26:03 localhost kernel: qla2xxx [0000:42:00.2]-d04c:22: MBX\nCommand timeout for cmd 0, iocontrol=ffffffff jiffies=10140f2e5\nmb[0-3]=[0xffff 0xffff 0xffff 0xffff]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49157",
"url": "https://www.suse.com/security/cve/CVE-2022-49157"
},
{
"category": "external",
"summary": "SUSE Bug 1238169 for CVE-2022-49157",
"url": "https://bugzilla.suse.com/1238169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "low"
}
],
"title": "CVE-2022-49157"
},
{
"cve": "CVE-2022-49158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix warning message due to adisc being flushed\n\nFix warning message due to adisc being flushed. Linux kernel triggered a\nwarning message where a different error code type is not matching up with\nthe expected type. Add additional translation of one error code type to\nanother.\n\nWARNING: CPU: 2 PID: 1131623 at drivers/scsi/qla2xxx/qla_init.c:498\nqla2x00_async_adisc_sp_done+0x294/0x2b0 [qla2xxx]\nCPU: 2 PID: 1131623 Comm: drmgr Not tainted 5.13.0-rc1-autotest #1\n..\nGPR28: c000000aaa9c8890 c0080000079ab678 c00000140a104800 c00000002bd19000\nNIP [c00800000790857c] qla2x00_async_adisc_sp_done+0x294/0x2b0 [qla2xxx]\nLR [c008000007908578] qla2x00_async_adisc_sp_done+0x290/0x2b0 [qla2xxx]\nCall Trace:\n[c00000001cdc3620] [c008000007908578] qla2x00_async_adisc_sp_done+0x290/0x2b0 [qla2xxx] (unreliable)\n[c00000001cdc3710] [c0080000078f3080] __qla2x00_abort_all_cmds+0x1b8/0x580 [qla2xxx]\n[c00000001cdc3840] [c0080000078f589c] qla2x00_abort_all_cmds+0x34/0xd0 [qla2xxx]\n[c00000001cdc3880] [c0080000079153d8] qla2x00_abort_isp_cleanup+0x3f0/0x570 [qla2xxx]\n[c00000001cdc3920] [c0080000078fb7e8] qla2x00_remove_one+0x3d0/0x480 [qla2xxx]\n[c00000001cdc39b0] [c00000000071c274] pci_device_remove+0x64/0x120\n[c00000001cdc39f0] [c0000000007fb818] device_release_driver_internal+0x168/0x2a0\n[c00000001cdc3a30] [c00000000070e304] pci_stop_bus_device+0xb4/0x100\n[c00000001cdc3a70] [c00000000070e4f0] pci_stop_and_remove_bus_device+0x20/0x40\n[c00000001cdc3aa0] [c000000000073940] pci_hp_remove_devices+0x90/0x130\n[c00000001cdc3b30] [c0080000070704d0] disable_slot+0x38/0x90 [rpaphp] [\nc00000001cdc3b60] [c00000000073eb4c] power_write_file+0xcc/0x180\n[c00000001cdc3be0] [c0000000007354bc] pci_slot_attr_store+0x3c/0x60\n[c00000001cdc3c00] [c00000000055f820] sysfs_kf_write+0x60/0x80 [c00000001cdc3c20]\n[c00000000055df10] kernfs_fop_write_iter+0x1a0/0x290\n[c00000001cdc3c70] [c000000000447c4c] new_sync_write+0x14c/0x1d0\n[c00000001cdc3d10] [c00000000044b134] vfs_write+0x224/0x330\n[c00000001cdc3d60] [c00000000044b3f4] ksys_write+0x74/0x130\n[c00000001cdc3db0] [c00000000002df70] system_call_exception+0x150/0x2d0\n[c00000001cdc3e10] [c00000000000d45c] system_call_common+0xec/0x278",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49158",
"url": "https://www.suse.com/security/cve/CVE-2022-49158"
},
{
"category": "external",
"summary": "SUSE Bug 1238170 for CVE-2022-49158",
"url": "https://bugzilla.suse.com/1238170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49158"
},
{
"cve": "CVE-2022-49159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Implement ref count for SRB\n\nThe timeout handler and the done function are racing. When\nqla2x00_async_iocb_timeout() starts to run it can be preempted by the\nnormal response path (via the firmware?). qla24xx_async_gpsc_sp_done()\nreleases the SRB unconditionally. When scheduling back to\nqla2x00_async_iocb_timeout() qla24xx_async_abort_cmd() will access an freed\nsp-\u003eqpair pointer:\n\n qla2xxx [0000:83:00.0]-2871:0: Async-gpsc timeout - hdl=63d portid=234500 50:06:0e:80:08:77:b6:21.\n qla2xxx [0000:83:00.0]-2853:0: Async done-gpsc res 0, WWPN 50:06:0e:80:08:77:b6:21\n qla2xxx [0000:83:00.0]-2854:0: Async-gpsc OUT WWPN 20:45:00:27:f8:75:33:00 speeds=2c00 speed=0400.\n qla2xxx [0000:83:00.0]-28d8:0: qla24xx_handle_gpsc_event 50:06:0e:80:08:77:b6:21 DS 7 LS 6 rc 0 login 1|1 rscn 1|0 lid 5\n BUG: unable to handle kernel NULL pointer dereference at 0000000000000004\n IP: qla24xx_async_abort_cmd+0x1b/0x1c0 [qla2xxx]\n\nObvious solution to this is to introduce a reference counter. One reference\nis taken for the normal code path (the \u0027good\u0027 case) and one for the timeout\npath. As we always race between the normal good case and the timeout/abort\nhandler we need to serialize it. Also we cannot assume any order between\nthe handlers. Since this is slow path we can use proper synchronization via\nlocks.\n\nWhen we are able to cancel a timer (del_timer returns 1) we know there\ncan\u0027t be any error handling in progress because the timeout handler hasn\u0027t\nexpired yet, thus we can safely decrement the refcounter by one.\n\nIf we are not able to cancel the timer, we know an abort handler is\nrunning. We have to make sure we call sp-\u003edone() in the abort handlers\nbefore calling kref_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49159",
"url": "https://www.suse.com/security/cve/CVE-2022-49159"
},
{
"category": "external",
"summary": "SUSE Bug 1238171 for CVE-2022-49159",
"url": "https://bugzilla.suse.com/1238171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49159"
},
{
"cve": "CVE-2022-49160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix crash during module load unload test\n\nDuring purex packet handling the driver was incorrectly freeing a\npre-allocated structure. Fix this by skipping that entry.\n\nSystem crashed with the following stack during a module unload test.\n\nCall Trace:\n\tsbitmap_init_node+0x7f/0x1e0\n\tsbitmap_queue_init_node+0x24/0x150\n\tblk_mq_init_bitmaps+0x3d/0xa0\n\tblk_mq_init_tags+0x68/0x90\n\tblk_mq_alloc_map_and_rqs+0x44/0x120\n\tblk_mq_alloc_set_map_and_rqs+0x63/0x150\n\tblk_mq_alloc_tag_set+0x11b/0x230\n\tscsi_add_host_with_dma.cold+0x3f/0x245\n\tqla2x00_probe_one+0xd5a/0x1b80 [qla2xxx]\n\nCall Trace with slub_debug and debug kernel:\n\tkasan_report_invalid_free+0x50/0x80\n\t__kasan_slab_free+0x137/0x150\n\tslab_free_freelist_hook+0xc6/0x190\n\tkfree+0xe8/0x2e0\n\tqla2x00_free_device+0x3bb/0x5d0 [qla2xxx]\n\tqla2x00_remove_one+0x668/0xcf0 [qla2xxx]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49160",
"url": "https://www.suse.com/security/cve/CVE-2022-49160"
},
{
"category": "external",
"summary": "SUSE Bug 1238172 for CVE-2022-49160",
"url": "https://bugzilla.suse.com/1238172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49160"
},
{
"cve": "CVE-2022-49162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: sm712fb: Fix crash in smtcfb_write()\n\nWhen the sm712fb driver writes three bytes to the framebuffer, the\ndriver will crash:\n\n BUG: unable to handle page fault for address: ffffc90001ffffff\n RIP: 0010:smtcfb_write+0x454/0x5b0\n Call Trace:\n vfs_write+0x291/0xd60\n ? do_sys_openat2+0x27d/0x350\n ? __fget_light+0x54/0x340\n ksys_write+0xce/0x190\n do_syscall_64+0x43/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nFix it by removing the open-coded endianness fixup-code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49162",
"url": "https://www.suse.com/security/cve/CVE-2022-49162"
},
{
"category": "external",
"summary": "SUSE Bug 1238096 for CVE-2022-49162",
"url": "https://bugzilla.suse.com/1238096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49162"
},
{
"cve": "CVE-2022-49164",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49164"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/tm: Fix more userspace r13 corruption\n\nCommit cf13435b730a (\"powerpc/tm: Fix userspace r13 corruption\") fixes a\nproblem in treclaim where a SLB miss can occur on the\nthread_struct-\u003eckpt_regs while SCRATCH0 is live with the saved user r13\nvalue, clobbering it with the kernel r13 and ultimately resulting in\nkernel r13 being stored in ckpt_regs.\n\nThere is an equivalent problem in trechkpt where the user r13 value is\nloaded into r13 from chkpt_regs to be recheckpointed, but a SLB miss\ncould occur on ckpt_regs accesses after that, which will result in r13\nbeing clobbered with a kernel value and that will get recheckpointed and\nthen restored to user registers.\n\nThe same memory page is accessed right before this critical window where\na SLB miss could cause corruption, so hitting the bug requires the SLB\nentry be removed within a small window of instructions, which is\npossible if a SLB related MCE hits there. PAPR also permits the\nhypervisor to discard this SLB entry (because slb_shadow-\u003epersistent is\nonly set to SLB_NUM_BOLTED) although it\u0027s not known whether any\nimplementations would do this (KVM does not). So this is an extremely\nunlikely bug, only found by inspection.\n\nFix this by also storing user r13 in a temporary location on the kernel\nstack and don\u0027t change the r13 register from kernel r13 until the RI=0\ncritical section that does not fault.\n\nThe SCRATCH0 change is not strictly part of the fix, it\u0027s only used in\nthe RI=0 section so it does not have the same problem as the previous\nSCRATCH0 bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49164",
"url": "https://www.suse.com/security/cve/CVE-2022-49164"
},
{
"category": "external",
"summary": "SUSE Bug 1238108 for CVE-2022-49164",
"url": "https://bugzilla.suse.com/1238108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49164"
},
{
"cve": "CVE-2022-49175",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49175"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM: core: keep irq flags in device_pm_check_callbacks()\n\nThe function device_pm_check_callbacks() can be called under the spin\nlock (in the reported case it happens from genpd_add_device() -\u003e\ndev_pm_domain_set(), when the genpd uses spinlocks rather than mutexes.\n\nHowever this function uncoditionally uses spin_lock_irq() /\nspin_unlock_irq(), thus not preserving the CPU flags. Use the\nirqsave/irqrestore instead.\n\nThe backtrace for the reference:\n[ 2.752010] ------------[ cut here ]------------\n[ 2.756769] raw_local_irq_restore() called with IRQs enabled\n[ 2.762596] WARNING: CPU: 4 PID: 1 at kernel/locking/irqflag-debug.c:10 warn_bogus_irq_restore+0x34/0x50\n[ 2.772338] Modules linked in:\n[ 2.775487] CPU: 4 PID: 1 Comm: swapper/0 Tainted: G S 5.17.0-rc6-00384-ge330d0d82eff-dirty #684\n[ 2.781384] Freeing initrd memory: 46024K\n[ 2.785839] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 2.785841] pc : warn_bogus_irq_restore+0x34/0x50\n[ 2.785844] lr : warn_bogus_irq_restore+0x34/0x50\n[ 2.785846] sp : ffff80000805b7d0\n[ 2.785847] x29: ffff80000805b7d0 x28: 0000000000000000 x27: 0000000000000002\n[ 2.785850] x26: ffffd40e80930b18 x25: ffff7ee2329192b8 x24: ffff7edfc9f60800\n[ 2.785853] x23: ffffd40e80930b18 x22: ffffd40e80930d30 x21: ffff7edfc0dffa00\n[ 2.785856] x20: ffff7edfc09e3768 x19: 0000000000000000 x18: ffffffffffffffff\n[ 2.845775] x17: 6572206f74206465 x16: 6c696166203a3030 x15: ffff80008805b4f7\n[ 2.853108] x14: 0000000000000000 x13: ffffd40e809550b0 x12: 00000000000003d8\n[ 2.860441] x11: 0000000000000148 x10: ffffd40e809550b0 x9 : ffffd40e809550b0\n[ 2.867774] x8 : 00000000ffffefff x7 : ffffd40e809ad0b0 x6 : ffffd40e809ad0b0\n[ 2.875107] x5 : 000000000000bff4 x4 : 0000000000000000 x3 : 0000000000000000\n[ 2.882440] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff7edfc03a8000\n[ 2.889774] Call trace:\n[ 2.892290] warn_bogus_irq_restore+0x34/0x50\n[ 2.896770] _raw_spin_unlock_irqrestore+0x94/0xa0\n[ 2.901690] genpd_unlock_spin+0x20/0x30\n[ 2.905724] genpd_add_device+0x100/0x2d0\n[ 2.909850] __genpd_dev_pm_attach+0xa8/0x23c\n[ 2.914329] genpd_dev_pm_attach_by_id+0xc4/0x190\n[ 2.919167] genpd_dev_pm_attach_by_name+0x3c/0xd0\n[ 2.924086] dev_pm_domain_attach_by_name+0x24/0x30\n[ 2.929102] psci_dt_attach_cpu+0x24/0x90\n[ 2.933230] psci_cpuidle_probe+0x2d4/0x46c\n[ 2.937534] platform_probe+0x68/0xe0\n[ 2.941304] really_probe.part.0+0x9c/0x2fc\n[ 2.945605] __driver_probe_device+0x98/0x144\n[ 2.950085] driver_probe_device+0x44/0x15c\n[ 2.954385] __device_attach_driver+0xb8/0x120\n[ 2.958950] bus_for_each_drv+0x78/0xd0\n[ 2.962896] __device_attach+0xd8/0x180\n[ 2.966843] device_initial_probe+0x14/0x20\n[ 2.971144] bus_probe_device+0x9c/0xa4\n[ 2.975092] device_add+0x380/0x88c\n[ 2.978679] platform_device_add+0x114/0x234\n[ 2.983067] platform_device_register_full+0x100/0x190\n[ 2.988344] psci_idle_init+0x6c/0xb0\n[ 2.992113] do_one_initcall+0x74/0x3a0\n[ 2.996060] kernel_init_freeable+0x2fc/0x384\n[ 3.000543] kernel_init+0x28/0x130\n[ 3.004132] ret_from_fork+0x10/0x20\n[ 3.007817] irq event stamp: 319826\n[ 3.011404] hardirqs last enabled at (319825): [\u003cffffd40e7eda0268\u003e] __up_console_sem+0x78/0x84\n[ 3.020332] hardirqs last disabled at (319826): [\u003cffffd40e7fd6d9d8\u003e] el1_dbg+0x24/0x8c\n[ 3.028458] softirqs last enabled at (318312): [\u003cffffd40e7ec90410\u003e] _stext+0x410/0x588\n[ 3.036678] softirqs last disabled at (318299): [\u003cffffd40e7ed1bf68\u003e] __irq_exit_rcu+0x158/0x174\n[ 3.045607] ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49175",
"url": "https://www.suse.com/security/cve/CVE-2022-49175"
},
{
"category": "external",
"summary": "SUSE Bug 1238099 for CVE-2022-49175",
"url": "https://bugzilla.suse.com/1238099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49175"
},
{
"cve": "CVE-2022-49185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe\n\nThis node pointer is returned by of_parse_phandle() with refcount\nincremented in this function. Calling of_node_put() to avoid\nthe refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49185",
"url": "https://www.suse.com/security/cve/CVE-2022-49185"
},
{
"category": "external",
"summary": "SUSE Bug 1238111 for CVE-2022-49185",
"url": "https://bugzilla.suse.com/1238111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49185"
},
{
"cve": "CVE-2022-49189",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49189"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: clk-rcg2: Update logic to calculate D value for RCG\n\nThe display pixel clock has a requirement on certain newer platforms to\nsupport M/N as (2/3) and the final D value calculated results in\nunderflow errors.\nAs the current implementation does not check for D value is within\nthe accepted range for a given M \u0026 N value. Update the logic to\ncalculate the final D value based on the range.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49189",
"url": "https://www.suse.com/security/cve/CVE-2022-49189"
},
{
"category": "external",
"summary": "SUSE Bug 1238150 for CVE-2022-49189",
"url": "https://bugzilla.suse.com/1238150"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49189"
},
{
"cve": "CVE-2022-49196",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49196"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries: Fix use after free in remove_phb_dynamic()\n\nIn remove_phb_dynamic() we use \u0026phb-\u003eio_resource, after we\u0027ve called\ndevice_unregister(\u0026host_bridge-\u003edev). But the unregister may have freed\nphb, because pcibios_free_controller_deferred() is the release function\nfor the host_bridge.\n\nIf there are no outstanding references when we call device_unregister()\nthen phb will be freed out from under us.\n\nThis has gone mainly unnoticed, but with slub_debug and page_poison\nenabled it can lead to a crash:\n\n PID: 7574 TASK: c0000000d492cb80 CPU: 13 COMMAND: \"drmgr\"\n #0 [c0000000e4f075a0] crash_kexec at c00000000027d7dc\n #1 [c0000000e4f075d0] oops_end at c000000000029608\n #2 [c0000000e4f07650] __bad_page_fault at c0000000000904b4\n #3 [c0000000e4f076c0] do_bad_slb_fault at c00000000009a5a8\n #4 [c0000000e4f076f0] data_access_slb_common_virt at c000000000008b30\n Data SLB Access [380] exception frame:\n R0: c000000000167250 R1: c0000000e4f07a00 R2: c000000002a46100\n R3: c000000002b39ce8 R4: 00000000000000c0 R5: 00000000000000a9\n R6: 3894674d000000c0 R7: 0000000000000000 R8: 00000000000000ff\n R9: 0000000000000100 R10: 6b6b6b6b6b6b6b6b R11: 0000000000008000\n R12: c00000000023da80 R13: c0000009ffd38b00 R14: 0000000000000000\n R15: 000000011c87f0f0 R16: 0000000000000006 R17: 0000000000000003\n R18: 0000000000000002 R19: 0000000000000004 R20: 0000000000000005\n R21: 000000011c87ede8 R22: 000000011c87c5a8 R23: 000000011c87d3a0\n R24: 0000000000000000 R25: 0000000000000001 R26: c0000000e4f07cc8\n R27: c00000004d1cc400 R28: c0080000031d00e8 R29: c00000004d23d800\n R30: c00000004d1d2400 R31: c00000004d1d2540\n NIP: c000000000167258 MSR: 8000000000009033 OR3: c000000000e9f474\n CTR: 0000000000000000 LR: c000000000167250 XER: 0000000020040003\n CCR: 0000000024088420 MQ: 0000000000000000 DAR: 6b6b6b6b6b6b6ba3\n DSISR: c0000000e4f07920 Syscall Result: fffffffffffffff2\n [NIP : release_resource+56]\n [LR : release_resource+48]\n #5 [c0000000e4f07a00] release_resource at c000000000167258 (unreliable)\n #6 [c0000000e4f07a30] remove_phb_dynamic at c000000000105648\n #7 [c0000000e4f07ab0] dlpar_remove_slot at c0080000031a09e8 [rpadlpar_io]\n #8 [c0000000e4f07b50] remove_slot_store at c0080000031a0b9c [rpadlpar_io]\n #9 [c0000000e4f07be0] kobj_attr_store at c000000000817d8c\n #10 [c0000000e4f07c00] sysfs_kf_write at c00000000063e504\n #11 [c0000000e4f07c20] kernfs_fop_write_iter at c00000000063d868\n #12 [c0000000e4f07c70] new_sync_write at c00000000054339c\n #13 [c0000000e4f07d10] vfs_write at c000000000546624\n #14 [c0000000e4f07d60] ksys_write at c0000000005469f4\n #15 [c0000000e4f07db0] system_call_exception at c000000000030840\n #16 [c0000000e4f07e10] system_call_vectored_common at c00000000000c168\n\nTo avoid it, we can take a reference to the host_bridge-\u003edev until we\u0027re\ndone using phb. Then when we drop the reference the phb will be freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49196",
"url": "https://www.suse.com/security/cve/CVE-2022-49196"
},
{
"category": "external",
"summary": "SUSE Bug 1238274 for CVE-2022-49196",
"url": "https://bugzilla.suse.com/1238274"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49196"
},
{
"cve": "CVE-2022-49200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49200"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btmtksdio: Fix kernel oops in btmtksdio_interrupt\n\nFix the following kernel oops in btmtksdio_interrrupt\n\n[ 14.339134] btmtksdio_interrupt+0x28/0x54\n[ 14.339139] process_sdio_pending_irqs+0x68/0x1a0\n[ 14.339144] sdio_irq_work+0x40/0x70\n[ 14.339154] process_one_work+0x184/0x39c\n[ 14.339160] worker_thread+0x228/0x3e8\n[ 14.339168] kthread+0x148/0x3ac\n[ 14.339176] ret_from_fork+0x10/0x30\n\nThat happened because hdev-\u003epower_on is already called before\nsdio_set_drvdata which btmtksdio_interrupt handler relies on is not\nproperly set up.\n\nThe details are shown as the below: hci_register_dev would run\nqueue_work(hdev-\u003ereq_workqueue, \u0026hdev-\u003epower_on) as WQ_HIGHPRI\nworkqueue_struct to complete the power-on sequeunce and thus hci_power_on\nmay run before sdio_set_drvdata is done in btmtksdio_probe.\n\nThe hci_dev_do_open in hci_power_on would initialize the device and enable\nthe interrupt and thus it is possible that btmtksdio_interrupt is being\ncalled right before sdio_set_drvdata is filled out.\n\nWhen btmtksdio_interrupt is being called and sdio_set_drvdata is not filled\n, the kernel oops is going to happen because btmtksdio_interrupt access an\nuninitialized pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49200",
"url": "https://www.suse.com/security/cve/CVE-2022-49200"
},
{
"category": "external",
"summary": "SUSE Bug 1237958 for CVE-2022-49200",
"url": "https://bugzilla.suse.com/1237958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49200"
},
{
"cve": "CVE-2022-49201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49201"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: fix race between xmit and reset\n\nThere is a race between reset and the transmit paths that can lead to\nibmvnic_xmit() accessing an scrq after it has been freed in the reset\npath. It can result in a crash like:\n\n\tKernel attempted to read user page (0) - exploit attempt? (uid: 0)\n\tBUG: Kernel NULL pointer dereference on read at 0x00000000\n\tFaulting instruction address: 0xc0080000016189f8\n\tOops: Kernel access of bad area, sig: 11 [#1]\n\t...\n\tNIP [c0080000016189f8] ibmvnic_xmit+0x60/0xb60 [ibmvnic]\n\tLR [c000000000c0046c] dev_hard_start_xmit+0x11c/0x280\n\tCall Trace:\n\t[c008000001618f08] ibmvnic_xmit+0x570/0xb60 [ibmvnic] (unreliable)\n\t[c000000000c0046c] dev_hard_start_xmit+0x11c/0x280\n\t[c000000000c9cfcc] sch_direct_xmit+0xec/0x330\n\t[c000000000bfe640] __dev_xmit_skb+0x3a0/0x9d0\n\t[c000000000c00ad4] __dev_queue_xmit+0x394/0x730\n\t[c008000002db813c] __bond_start_xmit+0x254/0x450 [bonding]\n\t[c008000002db8378] bond_start_xmit+0x40/0xc0 [bonding]\n\t[c000000000c0046c] dev_hard_start_xmit+0x11c/0x280\n\t[c000000000c00ca4] __dev_queue_xmit+0x564/0x730\n\t[c000000000cf97e0] neigh_hh_output+0xd0/0x180\n\t[c000000000cfa69c] ip_finish_output2+0x31c/0x5c0\n\t[c000000000cfd244] __ip_queue_xmit+0x194/0x4f0\n\t[c000000000d2a3c4] __tcp_transmit_skb+0x434/0x9b0\n\t[c000000000d2d1e0] __tcp_retransmit_skb+0x1d0/0x6a0\n\t[c000000000d2d984] tcp_retransmit_skb+0x34/0x130\n\t[c000000000d310e8] tcp_retransmit_timer+0x388/0x6d0\n\t[c000000000d315ec] tcp_write_timer_handler+0x1bc/0x330\n\t[c000000000d317bc] tcp_write_timer+0x5c/0x200\n\t[c000000000243270] call_timer_fn+0x50/0x1c0\n\t[c000000000243704] __run_timers.part.0+0x324/0x460\n\t[c000000000243894] run_timer_softirq+0x54/0xa0\n\t[c000000000ea713c] __do_softirq+0x15c/0x3e0\n\t[c000000000166258] __irq_exit_rcu+0x158/0x190\n\t[c000000000166420] irq_exit+0x20/0x40\n\t[c00000000002853c] timer_interrupt+0x14c/0x2b0\n\t[c000000000009a00] decrementer_common_virt+0x210/0x220\n\t--- interrupt: 900 at plpar_hcall_norets_notrace+0x18/0x2c\n\nThe immediate cause of the crash is the access of tx_scrq in the following\nsnippet during a reset, where the tx_scrq can be either NULL or an address\nthat will soon be invalid:\n\n\tibmvnic_xmit()\n\t{\n\t\t...\n\t\ttx_scrq = adapter-\u003etx_scrq[queue_num];\n\t\ttxq = netdev_get_tx_queue(netdev, queue_num);\n\t\tind_bufp = \u0026tx_scrq-\u003eind_buf;\n\n\t\tif (test_bit(0, \u0026adapter-\u003eresetting)) {\n\t\t...\n\t}\n\nBut beyond that, the call to ibmvnic_xmit() itself is not safe during a\nreset and the reset path attempts to avoid this by stopping the queue in\nibmvnic_cleanup(). However just after the queue was stopped, an in-flight\nibmvnic_complete_tx() could have restarted the queue even as the reset is\nprogressing.\n\nSince the queue was restarted we could get a call to ibmvnic_xmit() which\ncan then access the bad tx_scrq (or other fields).\n\nWe cannot however simply have ibmvnic_complete_tx() check the -\u003eresetting\nbit and skip starting the queue. This can race at the \"back-end\" of a good\nreset which just restarted the queue but has not cleared the -\u003eresetting\nbit yet. If we skip restarting the queue due to -\u003eresetting being true,\nthe queue would remain stopped indefinitely potentially leading to transmit\ntimeouts.\n\nIOW -\u003eresetting is too broad for this purpose. Instead use a new flag\nthat indicates whether or not the queues are active. Only the open/\nreset paths control when the queues are active. ibmvnic_complete_tx()\nand others wake up the queue only if the queue is marked active.\n\nSo we will have:\n\tA. reset/open thread in ibmvnic_cleanup() and __ibmvnic_open()\n\n\t\t-\u003eresetting = true\n\t\t-\u003etx_queues_active = false\n\t\tdisable tx queues\n\t\t...\n\t\t-\u003etx_queues_active = true\n\t\tstart tx queues\n\n\tB. Tx interrupt in ibmvnic_complete_tx():\n\n\t\tif (-\u003etx_queues_active)\n\t\t\tnetif_wake_subqueue();\n\nTo ensure that -\u003etx_queues_active and state of the queues are consistent,\nwe need a lock which:\n\n\t- must also be taken in the interrupt path (ibmvnic_complete_tx())\n\t- shared across the multiple\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49201",
"url": "https://www.suse.com/security/cve/CVE-2022-49201"
},
{
"category": "external",
"summary": "SUSE Bug 1238256 for CVE-2022-49201",
"url": "https://bugzilla.suse.com/1238256"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49201"
},
{
"cve": "CVE-2022-49206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49206"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix memory leak in error flow for subscribe event routine\n\nIn case the second xa_insert() fails, the obj_event is not released. Fix\nthe error unwind flow to free that memory to avoid a memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49206",
"url": "https://www.suse.com/security/cve/CVE-2022-49206"
},
{
"category": "external",
"summary": "SUSE Bug 1238343 for CVE-2022-49206",
"url": "https://bugzilla.suse.com/1238343"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49206"
},
{
"cve": "CVE-2022-49212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49212"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init\n\nThe reference counting issue happens in several error handling paths\non a refcounted object \"nc-\u003edmac\". In these paths, the function simply\nreturns the error code, forgetting to balance the reference count of\n\"nc-\u003edmac\", increased earlier by dma_request_channel(), which may\ncause refcount leaks.\n\nFix it by decrementing the refcount of specific object in those error\npaths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49212",
"url": "https://www.suse.com/security/cve/CVE-2022-49212"
},
{
"category": "external",
"summary": "SUSE Bug 1238331 for CVE-2022-49212",
"url": "https://bugzilla.suse.com/1238331"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49212"
},
{
"cve": "CVE-2022-49213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49213"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nath10k: Fix error handling in ath10k_setup_msa_resources\n\nThe device_node pointer is returned by of_parse_phandle() with refcount\nincremented. We should use of_node_put() on it when done.\n\nThis function only calls of_node_put() in the regular path.\nAnd it will cause refcount leak in error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49213",
"url": "https://www.suse.com/security/cve/CVE-2022-49213"
},
{
"category": "external",
"summary": "SUSE Bug 1238327 for CVE-2022-49213",
"url": "https://bugzilla.suse.com/1238327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49213"
},
{
"cve": "CVE-2022-49216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49216"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: Fix reference leak in tegra_dsi_ganged_probe\n\nThe reference taken by \u0027of_find_device_by_node()\u0027 must be released when\nnot needed anymore. Add put_device() call to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49216",
"url": "https://www.suse.com/security/cve/CVE-2022-49216"
},
{
"category": "external",
"summary": "SUSE Bug 1238338 for CVE-2022-49216",
"url": "https://bugzilla.suse.com/1238338"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49216"
},
{
"cve": "CVE-2022-49217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49217"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: pm8001: Fix abort all task initialization\n\nIn pm80xx_send_abort_all(), the n_elem field of the ccb used is not\ninitialized to 0. This missing initialization sometimes lead to the task\ncompletion path seeing the ccb with a non-zero n_elem resulting in the\nexecution of invalid dma_unmap_sg() calls in pm8001_ccb_task_free(),\ncausing a crash such as:\n\n[ 197.676341] RIP: 0010:iommu_dma_unmap_sg+0x6d/0x280\n[ 197.700204] RSP: 0018:ffff889bbcf89c88 EFLAGS: 00010012\n[ 197.705485] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff83d0bda0\n[ 197.712687] RDX: 0000000000000002 RSI: 0000000000000000 RDI: ffff88810dffc0d0\n[ 197.719887] RBP: 0000000000000000 R08: 0000000000000000 R09: ffff8881c790098b\n[ 197.727089] R10: ffffed1038f20131 R11: 0000000000000001 R12: 0000000000000000\n[ 197.734296] R13: ffff88810dffc0d0 R14: 0000000000000010 R15: 0000000000000000\n[ 197.741493] FS: 0000000000000000(0000) GS:ffff889bbcf80000(0000) knlGS:0000000000000000\n[ 197.749659] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 197.755459] CR2: 00007f16c1b42734 CR3: 0000000004814000 CR4: 0000000000350ee0\n[ 197.762656] Call Trace:\n[ 197.765127] \u003cIRQ\u003e\n[ 197.767162] pm8001_ccb_task_free+0x5f1/0x820 [pm80xx]\n[ 197.772364] ? do_raw_spin_unlock+0x54/0x220\n[ 197.776680] pm8001_mpi_task_abort_resp+0x2ce/0x4f0 [pm80xx]\n[ 197.782406] process_oq+0xe85/0x7890 [pm80xx]\n[ 197.786817] ? lock_acquire+0x194/0x490\n[ 197.790697] ? handle_irq_event+0x10e/0x1b0\n[ 197.794920] ? mpi_sata_completion+0x2d70/0x2d70 [pm80xx]\n[ 197.800378] ? __wake_up_bit+0x100/0x100\n[ 197.804340] ? lock_is_held_type+0x98/0x110\n[ 197.808565] pm80xx_chip_isr+0x94/0x130 [pm80xx]\n[ 197.813243] tasklet_action_common.constprop.0+0x24b/0x2f0\n[ 197.818785] __do_softirq+0x1b5/0x82d\n[ 197.822485] ? do_raw_spin_unlock+0x54/0x220\n[ 197.826799] __irq_exit_rcu+0x17e/0x1e0\n[ 197.830678] irq_exit_rcu+0xa/0x20\n[ 197.834114] common_interrupt+0x78/0x90\n[ 197.840051] \u003c/IRQ\u003e\n[ 197.844236] \u003cTASK\u003e\n[ 197.848397] asm_common_interrupt+0x1e/0x40\n\nAvoid this issue by always initializing the ccb n_elem field to 0 in\npm8001_send_abort_all(), pm8001_send_read_log() and\npm80xx_send_abort_all().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49217",
"url": "https://www.suse.com/security/cve/CVE-2022-49217"
},
{
"category": "external",
"summary": "SUSE Bug 1238313 for CVE-2022-49217",
"url": "https://bugzilla.suse.com/1238313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49217"
},
{
"cve": "CVE-2022-49224",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49224"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npower: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init\n\nkobject_init_and_add() takes reference even when it fails.\nAccording to the doc of kobject_init_and_add():\n\n If this function returns an error, kobject_put() must be called to\n properly clean up the memory associated with the object.\n\nFix memory leak by calling kobject_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49224",
"url": "https://www.suse.com/security/cve/CVE-2022-49224"
},
{
"category": "external",
"summary": "SUSE Bug 1237998 for CVE-2022-49224",
"url": "https://bugzilla.suse.com/1237998"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49224"
},
{
"cve": "CVE-2022-49226",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49226"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: asix: add proper error handling of usb read errors\n\nSyzbot once again hit uninit value in asix driver. The problem still the\nsame -- asix_read_cmd() reads less bytes, than was requested by caller.\n\nSince all read requests are performed via asix_read_cmd() let\u0027s catch\nusb related error there and add __must_check notation to be sure all\ncallers actually check return value.\n\nSo, this patch adds sanity check inside asix_read_cmd(), that simply\nchecks if bytes read are not less, than was requested and adds missing\nerror handling of asix_read_cmd() all across the driver code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49226",
"url": "https://www.suse.com/security/cve/CVE-2022-49226"
},
{
"category": "external",
"summary": "SUSE Bug 1238336 for CVE-2022-49226",
"url": "https://bugzilla.suse.com/1238336"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49226"
},
{
"cve": "CVE-2022-49232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49232"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes()\n\nIn amdgpu_dm_connector_add_common_modes(), amdgpu_dm_create_common_mode()\nis assigned to mode and is passed to drm_mode_probed_add() directly after\nthat. drm_mode_probed_add() passes \u0026mode-\u003ehead to list_add_tail(), and\nthere is a dereference of it in list_add_tail() without recoveries, which\ncould lead to NULL pointer dereference on failure of\namdgpu_dm_create_common_mode().\n\nFix this by adding a NULL check of mode.\n\nThis bug was found by a static analyzer.\n\nBuilds with \u0027make allyesconfig\u0027 show no new warnings,\nand our static analyzer no longer warns about this code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49232",
"url": "https://www.suse.com/security/cve/CVE-2022-49232"
},
{
"category": "external",
"summary": "SUSE Bug 1238139 for CVE-2022-49232",
"url": "https://bugzilla.suse.com/1238139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49232"
},
{
"cve": "CVE-2022-49235",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49235"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nath9k_htc: fix uninit value bugs\n\nSyzbot reported 2 KMSAN bugs in ath9k. All of them are caused by missing\nfield initialization.\n\nIn htc_connect_service() svc_meta_len and pad are not initialized. Based\non code it looks like in current skb there is no service data, so simply\ninitialize svc_meta_len to 0.\n\nhtc_issue_send() does not initialize htc_frame_hdr::control array. Based\non firmware code, it will initialize it by itself, so simply zero whole\narray to make KMSAN happy\n\nFail logs:\n\nBUG: KMSAN: kernel-usb-infoleak in usb_submit_urb+0x6c1/0x2aa0 drivers/usb/core/urb.c:430\n usb_submit_urb+0x6c1/0x2aa0 drivers/usb/core/urb.c:430\n hif_usb_send_regout drivers/net/wireless/ath/ath9k/hif_usb.c:127 [inline]\n hif_usb_send+0x5f0/0x16f0 drivers/net/wireless/ath/ath9k/hif_usb.c:479\n htc_issue_send drivers/net/wireless/ath/ath9k/htc_hst.c:34 [inline]\n htc_connect_service+0x143e/0x1960 drivers/net/wireless/ath/ath9k/htc_hst.c:275\n...\n\nUninit was created at:\n slab_post_alloc_hook mm/slab.h:524 [inline]\n slab_alloc_node mm/slub.c:3251 [inline]\n __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4974\n kmalloc_reserve net/core/skbuff.c:354 [inline]\n __alloc_skb+0x545/0xf90 net/core/skbuff.c:426\n alloc_skb include/linux/skbuff.h:1126 [inline]\n htc_connect_service+0x1029/0x1960 drivers/net/wireless/ath/ath9k/htc_hst.c:258\n...\n\nBytes 4-7 of 18 are uninitialized\nMemory access of size 18 starts at ffff888027377e00\n\nBUG: KMSAN: kernel-usb-infoleak in usb_submit_urb+0x6c1/0x2aa0 drivers/usb/core/urb.c:430\n usb_submit_urb+0x6c1/0x2aa0 drivers/usb/core/urb.c:430\n hif_usb_send_regout drivers/net/wireless/ath/ath9k/hif_usb.c:127 [inline]\n hif_usb_send+0x5f0/0x16f0 drivers/net/wireless/ath/ath9k/hif_usb.c:479\n htc_issue_send drivers/net/wireless/ath/ath9k/htc_hst.c:34 [inline]\n htc_connect_service+0x143e/0x1960 drivers/net/wireless/ath/ath9k/htc_hst.c:275\n...\n\nUninit was created at:\n slab_post_alloc_hook mm/slab.h:524 [inline]\n slab_alloc_node mm/slub.c:3251 [inline]\n __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4974\n kmalloc_reserve net/core/skbuff.c:354 [inline]\n __alloc_skb+0x545/0xf90 net/core/skbuff.c:426\n alloc_skb include/linux/skbuff.h:1126 [inline]\n htc_connect_service+0x1029/0x1960 drivers/net/wireless/ath/ath9k/htc_hst.c:258\n...\n\nBytes 16-17 of 18 are uninitialized\nMemory access of size 18 starts at ffff888027377e00",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49235",
"url": "https://www.suse.com/security/cve/CVE-2022-49235"
},
{
"category": "external",
"summary": "SUSE Bug 1238333 for CVE-2022-49235",
"url": "https://bugzilla.suse.com/1238333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49235"
},
{
"cve": "CVE-2022-49239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data\n\nThe device_node pointer is returned by of_parse_phandle() with refcount\nincremented. We should use of_node_put() on it when done.\nThis is similar to commit 64b92de9603f\n(\"ASoC: wcd9335: fix a leaked reference by adding missing of_node_put\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49239",
"url": "https://www.suse.com/security/cve/CVE-2022-49239"
},
{
"category": "external",
"summary": "SUSE Bug 1238334 for CVE-2022-49239",
"url": "https://bugzilla.suse.com/1238334"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49239"
},
{
"cve": "CVE-2022-49242",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49242"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: mxs: Fix error handling in mxs_sgtl5000_probe\n\nThis function only calls of_node_put() in the regular path.\nAnd it will cause refcount leak in error paths.\nFor example, when codec_np is NULL, saif_np[0] and saif_np[1]\nare not NULL, it will cause leaks.\n\nof_node_put() will check if the node pointer is NULL, so we can\ncall it directly to release the refcount of regular pointers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49242",
"url": "https://www.suse.com/security/cve/CVE-2022-49242"
},
{
"category": "external",
"summary": "SUSE Bug 1238126 for CVE-2022-49242",
"url": "https://bugzilla.suse.com/1238126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49242"
},
{
"cve": "CVE-2022-49243",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49243"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe\n\nThis node pointer is returned by of_parse_phandle() with refcount\nincremented in this function.\nCalling of_node_put() to avoid the refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49243",
"url": "https://www.suse.com/security/cve/CVE-2022-49243"
},
{
"category": "external",
"summary": "SUSE Bug 1238337 for CVE-2022-49243",
"url": "https://bugzilla.suse.com/1238337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49243"
},
{
"cve": "CVE-2022-49247",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49247"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED\n\nIf the callback \u0027start_streaming\u0027 fails, then all\nqueued buffers in the driver should be returned with\nstate \u0027VB2_BUF_STATE_QUEUED\u0027. Currently, they are\nreturned with \u0027VB2_BUF_STATE_ERROR\u0027 which is wrong.\nFix this. This also fixes the warning:\n\n[ 65.583633] WARNING: CPU: 5 PID: 593 at drivers/media/common/videobuf2/videobuf2-core.c:1612 vb2_start_streaming+0xd4/0x160 [videobuf2_common]\n[ 65.585027] Modules linked in: snd_usb_audio snd_hwdep snd_usbmidi_lib snd_rawmidi snd_soc_hdmi_codec dw_hdmi_i2s_audio saa7115 stk1160 videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_common videodev mc crct10dif_ce panfrost snd_soc_simple_card snd_soc_audio_graph_card snd_soc_spdif_tx snd_soc_simple_card_utils gpu_sched phy_rockchip_pcie snd_soc_rockchip_i2s rockchipdrm analogix_dp dw_mipi_dsi dw_hdmi cec drm_kms_helper drm rtc_rk808 rockchip_saradc industrialio_triggered_buffer kfifo_buf rockchip_thermal pcie_rockchip_host ip_tables x_tables ipv6\n[ 65.589383] CPU: 5 PID: 593 Comm: v4l2src0:src Tainted: G W 5.16.0-rc4-62408-g32447129cb30-dirty #14\n[ 65.590293] Hardware name: Radxa ROCK Pi 4B (DT)\n[ 65.590696] pstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 65.591304] pc : vb2_start_streaming+0xd4/0x160 [videobuf2_common]\n[ 65.591850] lr : vb2_start_streaming+0x6c/0x160 [videobuf2_common]\n[ 65.592395] sp : ffff800012bc3ad0\n[ 65.592685] x29: ffff800012bc3ad0 x28: 0000000000000000 x27: ffff800012bc3cd8\n[ 65.593312] x26: 0000000000000000 x25: ffff00000d8a7800 x24: 0000000040045612\n[ 65.593938] x23: ffff800011323000 x22: ffff800012bc3cd8 x21: ffff00000908a8b0\n[ 65.594562] x20: ffff00000908a8c8 x19: 00000000fffffff4 x18: ffffffffffffffff\n[ 65.595188] x17: 000000040044ffff x16: 00400034b5503510 x15: ffff800011323f78\n[ 65.595813] x14: ffff000013163886 x13: ffff000013163885 x12: 00000000000002ce\n[ 65.596439] x11: 0000000000000028 x10: 0000000000000001 x9 : 0000000000000228\n[ 65.597064] x8 : 0101010101010101 x7 : 7f7f7f7f7f7f7f7f x6 : fefefeff726c5e78\n[ 65.597690] x5 : ffff800012bc3990 x4 : 0000000000000000 x3 : ffff000009a34880\n[ 65.598315] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff000007cd99f0\n[ 65.598940] Call trace:\n[ 65.599155] vb2_start_streaming+0xd4/0x160 [videobuf2_common]\n[ 65.599672] vb2_core_streamon+0x17c/0x1a8 [videobuf2_common]\n[ 65.600179] vb2_streamon+0x54/0x88 [videobuf2_v4l2]\n[ 65.600619] vb2_ioctl_streamon+0x54/0x60 [videobuf2_v4l2]\n[ 65.601103] v4l_streamon+0x3c/0x50 [videodev]\n[ 65.601521] __video_do_ioctl+0x1a4/0x428 [videodev]\n[ 65.601977] video_usercopy+0x320/0x828 [videodev]\n[ 65.602419] video_ioctl2+0x3c/0x58 [videodev]\n[ 65.602830] v4l2_ioctl+0x60/0x90 [videodev]\n[ 65.603227] __arm64_sys_ioctl+0xa8/0xe0\n[ 65.603576] invoke_syscall+0x54/0x118\n[ 65.603911] el0_svc_common.constprop.3+0x84/0x100\n[ 65.604332] do_el0_svc+0x34/0xa0\n[ 65.604625] el0_svc+0x1c/0x50\n[ 65.604897] el0t_64_sync_handler+0x88/0xb0\n[ 65.605264] el0t_64_sync+0x16c/0x170\n[ 65.605587] ---[ end trace 578e0ba07742170d ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49247",
"url": "https://www.suse.com/security/cve/CVE-2022-49247"
},
{
"category": "external",
"summary": "SUSE Bug 1237783 for CVE-2022-49247",
"url": "https://bugzilla.suse.com/1237783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49247"
},
{
"cve": "CVE-2022-49248",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49248"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction\n\nAV/C deferred transaction was supported at a commit 00a7bb81c20f (\"ALSA:\nfirewire-lib: Add support for deferred transaction\") while \u0027deferrable\u0027\nflag can be uninitialized for non-control/notify AV/C transactions.\nUBSAN reports it:\n\nkernel: ================================================================================\nkernel: UBSAN: invalid-load in /build/linux-aa0B4d/linux-5.15.0/sound/firewire/fcp.c:363:9\nkernel: load of value 158 is not a valid value for type \u0027_Bool\u0027\nkernel: CPU: 3 PID: 182227 Comm: irq/35-firewire Tainted: P OE 5.15.0-18-generic #18-Ubuntu\nkernel: Hardware name: Gigabyte Technology Co., Ltd. AX370-Gaming 5/AX370-Gaming 5, BIOS F42b 08/01/2019\nkernel: Call Trace:\nkernel: \u003cIRQ\u003e\nkernel: show_stack+0x52/0x58\nkernel: dump_stack_lvl+0x4a/0x5f\nkernel: dump_stack+0x10/0x12\nkernel: ubsan_epilogue+0x9/0x45\nkernel: __ubsan_handle_load_invalid_value.cold+0x44/0x49\nkernel: fcp_response.part.0.cold+0x1a/0x2b [snd_firewire_lib]\nkernel: fcp_response+0x28/0x30 [snd_firewire_lib]\nkernel: fw_core_handle_request+0x230/0x3d0 [firewire_core]\nkernel: handle_ar_packet+0x1d9/0x200 [firewire_ohci]\nkernel: ? handle_ar_packet+0x1d9/0x200 [firewire_ohci]\nkernel: ? transmit_complete_callback+0x9f/0x120 [firewire_core]\nkernel: ar_context_tasklet+0xa8/0x2e0 [firewire_ohci]\nkernel: tasklet_action_common.constprop.0+0xea/0xf0\nkernel: tasklet_action+0x22/0x30\nkernel: __do_softirq+0xd9/0x2e3\nkernel: ? irq_finalize_oneshot.part.0+0xf0/0xf0\nkernel: do_softirq+0x75/0xa0\nkernel: \u003c/IRQ\u003e\nkernel: \u003cTASK\u003e\nkernel: __local_bh_enable_ip+0x50/0x60\nkernel: irq_forced_thread_fn+0x7e/0x90\nkernel: irq_thread+0xba/0x190\nkernel: ? irq_thread_fn+0x60/0x60\nkernel: kthread+0x11e/0x140\nkernel: ? irq_thread_check_affinity+0xf0/0xf0\nkernel: ? set_kthread_struct+0x50/0x50\nkernel: ret_from_fork+0x22/0x30\nkernel: \u003c/TASK\u003e\nkernel: ================================================================================\n\nThis commit fixes the bug. The bug has no disadvantage for the non-\ncontrol/notify AV/C transactions since the flag has an effect for AV/C\nresponse with INTERIM (0x0f) status which is not used for the transactions\nin AV/C general specification.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49248",
"url": "https://www.suse.com/security/cve/CVE-2022-49248"
},
{
"category": "external",
"summary": "SUSE Bug 1238284 for CVE-2022-49248",
"url": "https://bugzilla.suse.com/1238284"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49248"
},
{
"cve": "CVE-2022-49253",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49253"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: usb: go7007: s2250-board: fix leak in probe()\n\nCall i2c_unregister_device(audio) on this error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49253",
"url": "https://www.suse.com/security/cve/CVE-2022-49253"
},
{
"category": "external",
"summary": "SUSE Bug 1238420 for CVE-2022-49253",
"url": "https://bugzilla.suse.com/1238420"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49253"
},
{
"cve": "CVE-2022-49259",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49259"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: don\u0027t delete queue kobject before its children\n\nkobjects aren\u0027t supposed to be deleted before their child kobjects are\ndeleted. Apparently this is usually benign; however, a WARN will be\ntriggered if one of the child kobjects has a named attribute group:\n\n sysfs group \u0027modes\u0027 not found for kobject \u0027crypto\u0027\n WARNING: CPU: 0 PID: 1 at fs/sysfs/group.c:278 sysfs_remove_group+0x72/0x80\n ...\n Call Trace:\n sysfs_remove_groups+0x29/0x40 fs/sysfs/group.c:312\n __kobject_del+0x20/0x80 lib/kobject.c:611\n kobject_cleanup+0xa4/0x140 lib/kobject.c:696\n kobject_release lib/kobject.c:736 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x53/0x70 lib/kobject.c:753\n blk_crypto_sysfs_unregister+0x10/0x20 block/blk-crypto-sysfs.c:159\n blk_unregister_queue+0xb0/0x110 block/blk-sysfs.c:962\n del_gendisk+0x117/0x250 block/genhd.c:610\n\nFix this by moving the kobject_del() and the corresponding\nkobject_uevent() to the correct place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49259",
"url": "https://www.suse.com/security/cve/CVE-2022-49259"
},
{
"category": "external",
"summary": "SUSE Bug 1238413 for CVE-2022-49259",
"url": "https://bugzilla.suse.com/1238413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49259"
},
{
"cve": "CVE-2022-49261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49261"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gem: add missing boundary check in vm_access\n\nA missing bounds check in vm_access() can lead to an out-of-bounds read\nor write in the adjacent memory area, since the len attribute is not\nvalidated before the memcpy later in the function, potentially hitting:\n\n[ 183.637831] BUG: unable to handle page fault for address: ffffc90000c86000\n[ 183.637934] #PF: supervisor read access in kernel mode\n[ 183.637997] #PF: error_code(0x0000) - not-present page\n[ 183.638059] PGD 100000067 P4D 100000067 PUD 100258067 PMD 106341067 PTE 0\n[ 183.638144] Oops: 0000 [#2] PREEMPT SMP NOPTI\n[ 183.638201] CPU: 3 PID: 1790 Comm: poc Tainted: G D 5.17.0-rc6-ci-drm-11296+ #1\n[ 183.638298] Hardware name: Intel Corporation CoffeeLake Client Platform/CoffeeLake H DDR4 RVP, BIOS CNLSFWR1.R00.X208.B00.1905301319 05/30/2019\n[ 183.638430] RIP: 0010:memcpy_erms+0x6/0x10\n[ 183.640213] RSP: 0018:ffffc90001763d48 EFLAGS: 00010246\n[ 183.641117] RAX: ffff888109c14000 RBX: ffff888111bece40 RCX: 0000000000000ffc\n[ 183.642029] RDX: 0000000000001000 RSI: ffffc90000c86000 RDI: ffff888109c14004\n[ 183.642946] RBP: 0000000000000ffc R08: 800000000000016b R09: 0000000000000000\n[ 183.643848] R10: ffffc90000c85000 R11: 0000000000000048 R12: 0000000000001000\n[ 183.644742] R13: ffff888111bed190 R14: ffff888109c14000 R15: 0000000000001000\n[ 183.645653] FS: 00007fe5ef807540(0000) GS:ffff88845b380000(0000) knlGS:0000000000000000\n[ 183.646570] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 183.647481] CR2: ffffc90000c86000 CR3: 000000010ff02006 CR4: 00000000003706e0\n[ 183.648384] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 183.649271] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 183.650142] Call Trace:\n[ 183.650988] \u003cTASK\u003e\n[ 183.651793] vm_access+0x1f0/0x2a0 [i915]\n[ 183.652726] __access_remote_vm+0x224/0x380\n[ 183.653561] mem_rw.isra.0+0xf9/0x190\n[ 183.654402] vfs_read+0x9d/0x1b0\n[ 183.655238] ksys_read+0x63/0xe0\n[ 183.656065] do_syscall_64+0x38/0xc0\n[ 183.656882] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 183.657663] RIP: 0033:0x7fe5ef725142\n[ 183.659351] RSP: 002b:00007ffe1e81c7e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\n[ 183.660227] RAX: ffffffffffffffda RBX: 0000557055dfb780 RCX: 00007fe5ef725142\n[ 183.661104] RDX: 0000000000001000 RSI: 00007ffe1e81d880 RDI: 0000000000000005\n[ 183.661972] RBP: 00007ffe1e81e890 R08: 0000000000000030 R09: 0000000000000046\n[ 183.662832] R10: 0000557055dfc2e0 R11: 0000000000000246 R12: 0000557055dfb1c0\n[ 183.663691] R13: 00007ffe1e81e980 R14: 0000000000000000 R15: 0000000000000000\n\nChanges since v1:\n - Updated if condition with range_overflows_t [Chris Wilson]\n\n[mauld: tidy up the commit message and add Cc: stable]\n(cherry picked from commit 661412e301e2ca86799aa4f400d1cf0bd38c57c6)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49261",
"url": "https://www.suse.com/security/cve/CVE-2022-49261"
},
{
"category": "external",
"summary": "SUSE Bug 1238462 for CVE-2022-49261",
"url": "https://bugzilla.suse.com/1238462"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49261"
},
{
"cve": "CVE-2022-49263",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49263"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbrcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path\n\nThis avoids leaking memory if brcmf_chip_get_raminfo fails. Note that\nthe CLM blob is released in the device remove path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49263",
"url": "https://www.suse.com/security/cve/CVE-2022-49263"
},
{
"category": "external",
"summary": "SUSE Bug 1238267 for CVE-2022-49263",
"url": "https://bugzilla.suse.com/1238267"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49263"
},
{
"cve": "CVE-2022-49264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nexec: Force single empty string when argv is empty\n\nQuoting[1] Ariadne Conill:\n\n\"In several other operating systems, it is a hard requirement that the\nsecond argument to execve(2) be the name of a program, thus prohibiting\na scenario where argc \u003c 1. POSIX 2017 also recommends this behaviour,\nbut it is not an explicit requirement[2]:\n\n The argument arg0 should point to a filename string that is\n associated with the process being started by one of the exec\n functions.\n...\nInterestingly, Michael Kerrisk opened an issue about this in 2008[3],\nbut there was no consensus to support fixing this issue then.\nHopefully now that CVE-2021-4034 shows practical exploitative use[4]\nof this bug in a shellcode, we can reconsider.\n\nThis issue is being tracked in the KSPP issue tracker[5].\"\n\nWhile the initial code searches[6][7] turned up what appeared to be\nmostly corner case tests, trying to that just reject argv == NULL\n(or an immediately terminated pointer list) quickly started tripping[8]\nexisting userspace programs.\n\nThe next best approach is forcing a single empty string into argv and\nadjusting argc to match. The number of programs depending on argc == 0\nseems a smaller set than those calling execve with a NULL argv.\n\nAccount for the additional stack space in bprm_stack_limits(). Inject an\nempty string when argc == 0 (and set argc = 1). Warn about the case so\nuserspace has some notice about the change:\n\n process \u0027./argc0\u0027 launched \u0027./argc0\u0027 with NULL argv: empty string added\n\nAdditionally WARN() and reject NULL argv usage for kernel threads.\n\n[1] https://lore.kernel.org/lkml/20220127000724.15106-1-ariadne@dereferenced.org/\n[2] https://pubs.opengroup.org/onlinepubs/9699919799/functions/exec.html\n[3] https://bugzilla.kernel.org/show_bug.cgi?id=8408\n[4] https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt\n[5] https://github.com/KSPP/linux/issues/176\n[6] https://codesearch.debian.net/search?q=execve%5C+*%5C%28%5B%5E%2C%5D%2B%2C+*NULL\u0026literal=0\n[7] https://codesearch.debian.net/search?q=execlp%3F%5Cs*%5C%28%5B%5E%2C%5D%2B%2C%5Cs*NULL\u0026literal=0\n[8] https://lore.kernel.org/lkml/20220131144352.GE16385@xsang-OptiPlex-9020/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49264",
"url": "https://www.suse.com/security/cve/CVE-2022-49264"
},
{
"category": "external",
"summary": "SUSE Bug 1237815 for CVE-2022-49264",
"url": "https://bugzilla.suse.com/1237815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49264"
},
{
"cve": "CVE-2022-49271",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49271"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: prevent bad output lengths in smb2_ioctl_query_info()\n\nWhen calling smb2_ioctl_query_info() with\nsmb_query_info::flags=PASSTHRU_FSCTL and\nsmb_query_info::output_buffer_length=0, the following would return\n0x10\n\n\tbuffer = memdup_user(arg + sizeof(struct smb_query_info),\n\t\t\t qi.output_buffer_length);\n\tif (IS_ERR(buffer)) {\n\t\tkfree(vars);\n\t\treturn PTR_ERR(buffer);\n\t}\n\nrather than a valid pointer thus making IS_ERR() check fail. This\nwould then cause a NULL ptr deference in @buffer when accessing it\nlater in smb2_ioctl_query_ioctl(). While at it, prevent having a\n@buffer smaller than 8 bytes to correctly handle SMB2_SET_INFO\nFileEndOfFileInformation requests when\nsmb_query_info::flags=PASSTHRU_SET_INFO.\n\nHere is a small C reproducer which triggers a NULL ptr in @buffer when\npassing an invalid smb_query_info::flags\n\n\t#include \u003cstdio.h\u003e\n\t#include \u003cstdlib.h\u003e\n\t#include \u003cstdint.h\u003e\n\t#include \u003cunistd.h\u003e\n\t#include \u003cfcntl.h\u003e\n\t#include \u003csys/ioctl.h\u003e\n\n\t#define die(s) perror(s), exit(1)\n\t#define QUERY_INFO 0xc018cf07\n\n\tint main(int argc, char *argv[])\n\t{\n\t\tint fd;\n\n\t\tif (argc \u003c 2)\n\t\t\texit(1);\n\t\tfd = open(argv[1], O_RDONLY);\n\t\tif (fd == -1)\n\t\t\tdie(\"open\");\n\t\tif (ioctl(fd, QUERY_INFO, (uint32_t[]) { 0, 0, 0, 4, 0, 0}) == -1)\n\t\t\tdie(\"ioctl\");\n\t\tclose(fd);\n\t\treturn 0;\n\t}\n\n\tmount.cifs //srv/share /mnt -o ...\n\tgcc repro.c \u0026\u0026 ./a.out /mnt/f0\n\n\t[ 114.138620] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI\n\t[ 114.139310] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n\t[ 114.139775] CPU: 2 PID: 995 Comm: a.out Not tainted 5.17.0-rc8 #1\n\t[ 114.140148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.15.0-0-g2dd4b9b-rebuilt.opensuse.org 04/01/2014\n\t[ 114.140818] RIP: 0010:smb2_ioctl_query_info+0x206/0x410 [cifs]\n\t[ 114.141221] Code: 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 c8 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 7b 28 4c 89 fa 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 9c 01 00 00 49 8b 3f e8 58 02 fb ff 48 8b 14 24\n\t[ 114.142348] RSP: 0018:ffffc90000b47b00 EFLAGS: 00010256\n\t[ 114.142692] RAX: dffffc0000000000 RBX: ffff888115503200 RCX: ffffffffa020580d\n\t[ 114.143119] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffffa043a380\n\t[ 114.143544] RBP: ffff888115503278 R08: 0000000000000001 R09: 0000000000000003\n\t[ 114.143983] R10: fffffbfff4087470 R11: 0000000000000001 R12: ffff888115503288\n\t[ 114.144424] R13: 00000000ffffffea R14: ffff888115503228 R15: 0000000000000000\n\t[ 114.144852] FS: 00007f7aeabdf740(0000) GS:ffff888151600000(0000) knlGS:0000000000000000\n\t[ 114.145338] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n\t[ 114.145692] CR2: 00007f7aeacfdf5e CR3: 000000012000e000 CR4: 0000000000350ee0\n\t[ 114.146131] Call Trace:\n\t[ 114.146291] \u003cTASK\u003e\n\t[ 114.146432] ? smb2_query_reparse_tag+0x890/0x890 [cifs]\n\t[ 114.146800] ? cifs_mapchar+0x460/0x460 [cifs]\n\t[ 114.147121] ? rcu_read_lock_sched_held+0x3f/0x70\n\t[ 114.147412] ? cifs_strndup_to_utf16+0x15b/0x250 [cifs]\n\t[ 114.147775] ? dentry_path_raw+0xa6/0xf0\n\t[ 114.148024] ? cifs_convert_path_to_utf16+0x198/0x220 [cifs]\n\t[ 114.148413] ? smb2_check_message+0x1080/0x1080 [cifs]\n\t[ 114.148766] ? rcu_read_lock_sched_held+0x3f/0x70\n\t[ 114.149065] cifs_ioctl+0x1577/0x3320 [cifs]\n\t[ 114.149371] ? lock_downgrade+0x6f0/0x6f0\n\t[ 114.149631] ? cifs_readdir+0x2e60/0x2e60 [cifs]\n\t[ 114.149956] ? rcu_read_lock_sched_held+0x3f/0x70\n\t[ 114.150250] ? __rseq_handle_notify_resume+0x80b/0xbe0\n\t[ 114.150562] ? __up_read+0x192/0x710\n\t[ 114.150791] ? __ia32_sys_rseq+0xf0/0xf0\n\t[ 114.151025] ? __x64_sys_openat+0x11f/0x1d0\n\t[ 114.151296] __x64_sys_ioctl+0x127/0x190\n\t[ 114.151549] do_syscall_64+0x3b/0x90\n\t[ 114.151768] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\t[ 114.152079] RIP: 0033:0x7f7aead043df\n\t[ 114.152306] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49271",
"url": "https://www.suse.com/security/cve/CVE-2022-49271"
},
{
"category": "external",
"summary": "SUSE Bug 1238626 for CVE-2022-49271",
"url": "https://bugzilla.suse.com/1238626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49271"
},
{
"cve": "CVE-2022-49272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49272"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock\n\nsyzbot caught a potential deadlock between the PCM\nruntime-\u003ebuffer_mutex and the mm-\u003emmap_lock. It was brought by the\nrecent fix to cover the racy read/write and other ioctls, and in that\ncommit, I overlooked a (hopefully only) corner case that may take the\nrevert lock, namely, the OSS mmap. The OSS mmap operation\nexceptionally allows to re-configure the parameters inside the OSS\nmmap syscall, where mm-\u003emmap_mutex is already held. Meanwhile, the\ncopy_from/to_user calls at read/write operations also take the\nmm-\u003emmap_lock internally, hence it may lead to a AB/BA deadlock.\n\nA similar problem was already seen in the past and we fixed it with a\nrefcount (in commit b248371628aa). The former fix covered only the\ncall paths with OSS read/write and OSS ioctls, while we need to cover\nthe concurrent access via both ALSA and OSS APIs now.\n\nThis patch addresses the problem above by replacing the buffer_mutex\nlock in the read/write operations with a refcount similar as we\u0027ve\nused for OSS. The new field, runtime-\u003ebuffer_accessing, keeps the\nnumber of concurrent read/write operations. Unlike the former\nbuffer_mutex protection, this protects only around the\ncopy_from/to_user() calls; the other codes are basically protected by\nthe PCM stream lock. The refcount can be a negative, meaning blocked\nby the ioctls. If a negative value is seen, the read/write aborts\nwith -EBUSY. In the ioctl side, OTOH, they check this refcount, too,\nand set to a negative value for blocking unless it\u0027s already being\naccessed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49272",
"url": "https://www.suse.com/security/cve/CVE-2022-49272"
},
{
"category": "external",
"summary": "SUSE Bug 1238272 for CVE-2022-49272",
"url": "https://bugzilla.suse.com/1238272"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49272"
},
{
"cve": "CVE-2022-49275",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49275"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: m_can: m_can_tx_handler(): fix use after free of skb\n\ncan_put_echo_skb() will clone skb then free the skb. Move the\ncan_put_echo_skb() for the m_can version 3.0.x directly before the\nstart of the xmit in hardware, similar to the 3.1.x branch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49275",
"url": "https://www.suse.com/security/cve/CVE-2022-49275"
},
{
"category": "external",
"summary": "SUSE Bug 1238719 for CVE-2022-49275",
"url": "https://bugzilla.suse.com/1238719"
},
{
"category": "external",
"summary": "SUSE Bug 1238720 for CVE-2022-49275",
"url": "https://bugzilla.suse.com/1238720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2022-49275"
},
{
"cve": "CVE-2022-49279",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49279"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: prevent integer overflow on 32 bit systems\n\nOn a 32 bit system, the \"len * sizeof(*p)\" operation can have an\ninteger overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49279",
"url": "https://www.suse.com/security/cve/CVE-2022-49279"
},
{
"category": "external",
"summary": "SUSE Bug 1238655 for CVE-2022-49279",
"url": "https://bugzilla.suse.com/1238655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49279"
},
{
"cve": "CVE-2022-49280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49280"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: prevent underflow in nfssvc_decode_writeargs()\n\nSmatch complains:\n\n\tfs/nfsd/nfsxdr.c:341 nfssvc_decode_writeargs()\n\twarn: no lower bound on \u0027args-\u003elen\u0027\n\nChange the type to unsigned to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49280",
"url": "https://www.suse.com/security/cve/CVE-2022-49280"
},
{
"category": "external",
"summary": "SUSE Bug 1238630 for CVE-2022-49280",
"url": "https://bugzilla.suse.com/1238630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49280"
},
{
"cve": "CVE-2022-49281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49281"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix handlecache and multiuser\n\nIn multiuser each individual user has their own tcon structure for the\nshare and thus their own handle for a cached directory.\nWhen we umount such a share we much make sure to release the pinned down dentry\nfor each such tcon and not just the master tcon.\n\nOtherwise we will get nasty warnings on umount that dentries are still in use:\n[ 3459.590047] BUG: Dentry 00000000115c6f41{i=12000000019d95,n=/} still in use\\\n (2) [unmount of cifs cifs]\n...\n[ 3459.590492] Call Trace:\n[ 3459.590500] d_walk+0x61/0x2a0\n[ 3459.590518] ? shrink_lock_dentry.part.0+0xe0/0xe0\n[ 3459.590526] shrink_dcache_for_umount+0x49/0x110\n[ 3459.590535] generic_shutdown_super+0x1a/0x110\n[ 3459.590542] kill_anon_super+0x14/0x30\n[ 3459.590549] cifs_kill_sb+0xf5/0x104 [cifs]\n[ 3459.590773] deactivate_locked_super+0x36/0xa0\n[ 3459.590782] cleanup_mnt+0x131/0x190\n[ 3459.590789] task_work_run+0x5c/0x90\n[ 3459.590798] exit_to_user_mode_loop+0x151/0x160\n[ 3459.590809] exit_to_user_mode_prepare+0x83/0xd0\n[ 3459.590818] syscall_exit_to_user_mode+0x12/0x30\n[ 3459.590828] do_syscall_64+0x48/0x90\n[ 3459.590833] entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49281",
"url": "https://www.suse.com/security/cve/CVE-2022-49281"
},
{
"category": "external",
"summary": "SUSE Bug 1238635 for CVE-2022-49281",
"url": "https://bugzilla.suse.com/1238635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49281"
},
{
"cve": "CVE-2022-49285",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49285"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: accel: mma8452: use the correct logic to get mma8452_data\n\nThe original logic to get mma8452_data is wrong, the *dev point to\nthe device belong to iio_dev. we can\u0027t use this dev to find the\ncorrect i2c_client. The original logic happen to work because it\nfinally use dev-\u003edriver_data to get iio_dev. Here use the API\nto_i2c_client() is wrong and make reader confuse. To correct the\nlogic, it should be like this\n\n struct mma8452_data *data = iio_priv(dev_get_drvdata(dev));\n\nBut after commit 8b7651f25962 (\"iio: iio_device_alloc(): Remove\nunnecessary self drvdata\"), the upper logic also can\u0027t work.\nWhen try to show the avialable scale in userspace, will meet kernel\ndump, kernel handle NULL pointer dereference.\n\nSo use dev_to_iio_dev() to correct the logic.\n\nDual fixes tags as the second reflects when the bug was exposed, whilst\nthe first reflects when the original bug was introduced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49285",
"url": "https://www.suse.com/security/cve/CVE-2022-49285"
},
{
"category": "external",
"summary": "SUSE Bug 1238641 for CVE-2022-49285",
"url": "https://bugzilla.suse.com/1238641"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49285"
},
{
"cve": "CVE-2022-49287",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49287"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: fix reference counting for struct tpm_chip\n\nThe following sequence of operations results in a refcount warning:\n\n1. Open device /dev/tpmrm.\n2. Remove module tpm_tis_spi.\n3. Write a TPM command to the file descriptor opened at step 1.\n\n------------[ cut here ]------------\nWARNING: CPU: 3 PID: 1161 at lib/refcount.c:25 kobject_get+0xa0/0xa4\nrefcount_t: addition on 0; use-after-free.\nModules linked in: tpm_tis_spi tpm_tis_core tpm mdio_bcm_unimac brcmfmac\nsha256_generic libsha256 sha256_arm hci_uart btbcm bluetooth cfg80211 vc4\nbrcmutil ecdh_generic ecc snd_soc_core crc32_arm_ce libaes\nraspberrypi_hwmon ac97_bus snd_pcm_dmaengine bcm2711_thermal snd_pcm\nsnd_timer genet snd phy_generic soundcore [last unloaded: spi_bcm2835]\nCPU: 3 PID: 1161 Comm: hold_open Not tainted 5.10.0ls-main-dirty #2\nHardware name: BCM2711\n[\u003cc0410c3c\u003e] (unwind_backtrace) from [\u003cc040b580\u003e] (show_stack+0x10/0x14)\n[\u003cc040b580\u003e] (show_stack) from [\u003cc1092174\u003e] (dump_stack+0xc4/0xd8)\n[\u003cc1092174\u003e] (dump_stack) from [\u003cc0445a30\u003e] (__warn+0x104/0x108)\n[\u003cc0445a30\u003e] (__warn) from [\u003cc0445aa8\u003e] (warn_slowpath_fmt+0x74/0xb8)\n[\u003cc0445aa8\u003e] (warn_slowpath_fmt) from [\u003cc08435d0\u003e] (kobject_get+0xa0/0xa4)\n[\u003cc08435d0\u003e] (kobject_get) from [\u003cbf0a715c\u003e] (tpm_try_get_ops+0x14/0x54 [tpm])\n[\u003cbf0a715c\u003e] (tpm_try_get_ops [tpm]) from [\u003cbf0a7d6c\u003e] (tpm_common_write+0x38/0x60 [tpm])\n[\u003cbf0a7d6c\u003e] (tpm_common_write [tpm]) from [\u003cc05a7ac0\u003e] (vfs_write+0xc4/0x3c0)\n[\u003cc05a7ac0\u003e] (vfs_write) from [\u003cc05a7ee4\u003e] (ksys_write+0x58/0xcc)\n[\u003cc05a7ee4\u003e] (ksys_write) from [\u003cc04001a0\u003e] (ret_fast_syscall+0x0/0x4c)\nException stack(0xc226bfa8 to 0xc226bff0)\nbfa0: 00000000 000105b4 00000003 beafe664 00000014 00000000\nbfc0: 00000000 000105b4 000103f8 00000004 00000000 00000000 b6f9c000 beafe684\nbfe0: 0000006c beafe648 0001056c b6eb6944\n---[ end trace d4b8409def9b8b1f ]---\n\nThe reason for this warning is the attempt to get the chip-\u003edev reference\nin tpm_common_write() although the reference counter is already zero.\n\nSince commit 8979b02aaf1d (\"tpm: Fix reference count to main device\") the\nextra reference used to prevent a premature zero counter is never taken,\nbecause the required TPM_CHIP_FLAG_TPM2 flag is never set.\n\nFix this by moving the TPM 2 character device handling from\ntpm_chip_alloc() to tpm_add_char_device() which is called at a later point\nin time when the flag has been set in case of TPM2.\n\nCommit fdc915f7f719 (\"tpm: expose spaces via a device link /dev/tpmrm\u003cn\u003e\")\nalready introduced function tpm_devs_release() to release the extra\nreference but did not implement the required put on chip-\u003edevs that results\nin the call of this function.\n\nFix this by putting chip-\u003edevs in tpm_chip_unregister().\n\nFinally move the new implementation for the TPM 2 handling into a new\nfunction to avoid multiple checks for the TPM_CHIP_FLAG_TPM2 flag in the\ngood case and error cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49287",
"url": "https://www.suse.com/security/cve/CVE-2022-49287"
},
{
"category": "external",
"summary": "SUSE Bug 1238276 for CVE-2022-49287",
"url": "https://bugzilla.suse.com/1238276"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49287"
},
{
"cve": "CVE-2022-49288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49288"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: Fix races among concurrent prealloc proc writes\n\nWe have no protection against concurrent PCM buffer preallocation\nchanges via proc files, and it may potentially lead to UAF or some\nweird problem. This patch applies the PCM open_mutex to the proc\nwrite operation for avoiding the racy proc writes and the PCM stream\nopen (and further operations).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49288",
"url": "https://www.suse.com/security/cve/CVE-2022-49288"
},
{
"category": "external",
"summary": "SUSE Bug 1238271 for CVE-2022-49288",
"url": "https://bugzilla.suse.com/1238271"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49288"
},
{
"cve": "CVE-2022-49290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49290"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac80211: fix potential double free on mesh join\n\nWhile commit 6a01afcf8468 (\"mac80211: mesh: Free ie data when leaving\nmesh\") fixed a memory leak on mesh leave / teardown it introduced a\npotential memory corruption caused by a double free when rejoining the\nmesh:\n\n ieee80211_leave_mesh()\n -\u003e kfree(sdata-\u003eu.mesh.ie);\n ...\n ieee80211_join_mesh()\n -\u003e copy_mesh_setup()\n -\u003e old_ie = ifmsh-\u003eie;\n -\u003e kfree(old_ie);\n\nThis double free / kernel panics can be reproduced by using wpa_supplicant\nwith an encrypted mesh (if set up without encryption via \"iw\" then\nifmsh-\u003eie is always NULL, which avoids this issue). And then calling:\n\n $ iw dev mesh0 mesh leave\n $ iw dev mesh0 mesh join my-mesh\n\nNote that typically these commands are not used / working when using\nwpa_supplicant. And it seems that wpa_supplicant or wpa_cli are going\nthrough a NETDEV_DOWN/NETDEV_UP cycle between a mesh leave and mesh join\nwhere the NETDEV_UP resets the mesh.ie to NULL via a memcpy of\ndefault_mesh_setup in cfg80211_netdev_notifier_call, which then avoids\nthe memory corruption, too.\n\nThe issue was first observed in an application which was not using\nwpa_supplicant but \"Senf\" instead, which implements its own calls to\nnl80211.\n\nFixing the issue by removing the kfree()\u0027ing of the mesh IE in the mesh\njoin function and leaving it solely up to the mesh leave to free the\nmesh IE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49290",
"url": "https://www.suse.com/security/cve/CVE-2022-49290"
},
{
"category": "external",
"summary": "SUSE Bug 1238156 for CVE-2022-49290",
"url": "https://bugzilla.suse.com/1238156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49290"
},
{
"cve": "CVE-2022-49291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49291"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: Fix races among concurrent hw_params and hw_free calls\n\nCurrently we have neither proper check nor protection against the\nconcurrent calls of PCM hw_params and hw_free ioctls, which may result\nin a UAF. Since the existing PCM stream lock can\u0027t be used for\nprotecting the whole ioctl operations, we need a new mutex to protect\nthose racy calls.\n\nThis patch introduced a new mutex, runtime-\u003ebuffer_mutex, and applies\nit to both hw_params and hw_free ioctl code paths. Along with it, the\nboth functions are slightly modified (the mmap_count check is moved\ninto the state-check block) for code simplicity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49291",
"url": "https://www.suse.com/security/cve/CVE-2022-49291"
},
{
"category": "external",
"summary": "SUSE Bug 1238705 for CVE-2022-49291",
"url": "https://bugzilla.suse.com/1238705"
},
{
"category": "external",
"summary": "SUSE Bug 1238706 for CVE-2022-49291",
"url": "https://bugzilla.suse.com/1238706"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2022-49291"
},
{
"cve": "CVE-2022-49292",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49292"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: oss: Fix PCM OSS buffer allocation overflow\n\nWe\u0027ve got syzbot reports hitting INT_MAX overflow at vmalloc()\nallocation that is called from snd_pcm_plug_alloc(). Although we\napply the restrictions to input parameters, it\u0027s based only on the\nhw_params of the underlying PCM device. Since the PCM OSS layer\nallocates a temporary buffer for the data conversion, the size may\nbecome unexpectedly large when more channels or higher rates is given;\nin the reported case, it went over INT_MAX, hence it hits WARN_ON().\n\nThis patch is an attempt to avoid such an overflow and an allocation\nfor too large buffers. First off, it adds the limit of 1MB as the\nupper bound for period bytes. This must be large enough for all use\ncases, and we really don\u0027t want to handle a larger temporary buffer\nthan this size. The size check is performed at two places, where the\noriginal period bytes is calculated and where the plugin buffer size\nis calculated.\n\nIn addition, the driver uses array_size() and array3_size() for\nmultiplications to catch overflows for the converted period size and\nbuffer bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49292",
"url": "https://www.suse.com/security/cve/CVE-2022-49292"
},
{
"category": "external",
"summary": "SUSE Bug 1238625 for CVE-2022-49292",
"url": "https://bugzilla.suse.com/1238625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49292"
},
{
"cve": "CVE-2022-49293",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49293"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: initialize registers in nft_do_chain()\n\nInitialize registers to avoid stack leak into userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49293",
"url": "https://www.suse.com/security/cve/CVE-2022-49293"
},
{
"category": "external",
"summary": "SUSE Bug 1239454 for CVE-2022-49293",
"url": "https://bugzilla.suse.com/1239454"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49293"
},
{
"cve": "CVE-2022-49295",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49295"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: call genl_unregister_family() first in nbd_cleanup()\n\nOtherwise there may be race between module removal and the handling of\nnetlink command, which can lead to the oops as shown below:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000098\n Oops: 0002 [#1] SMP PTI\n CPU: 1 PID: 31299 Comm: nbd-client Tainted: G E 5.14.0-rc4\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)\n RIP: 0010:down_write+0x1a/0x50\n Call Trace:\n start_creating+0x89/0x130\n debugfs_create_dir+0x1b/0x130\n nbd_start_device+0x13d/0x390 [nbd]\n nbd_genl_connect+0x42f/0x748 [nbd]\n genl_family_rcv_msg_doit.isra.0+0xec/0x150\n genl_rcv_msg+0xe5/0x1e0\n netlink_rcv_skb+0x55/0x100\n genl_rcv+0x29/0x40\n netlink_unicast+0x1a8/0x250\n netlink_sendmsg+0x21b/0x430\n ____sys_sendmsg+0x2a4/0x2d0\n ___sys_sendmsg+0x81/0xc0\n __sys_sendmsg+0x62/0xb0\n __x64_sys_sendmsg+0x1f/0x30\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n Modules linked in: nbd(E-)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49295",
"url": "https://www.suse.com/security/cve/CVE-2022-49295"
},
{
"category": "external",
"summary": "SUSE Bug 1238707 for CVE-2022-49295",
"url": "https://bugzilla.suse.com/1238707"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49295"
},
{
"cve": "CVE-2022-49297",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49297"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: fix io hung while disconnecting device\n\nIn our tests, \"qemu-nbd\" triggers a io hung:\n\nINFO: task qemu-nbd:11445 blocked for more than 368 seconds.\n Not tainted 5.18.0-rc3-next-20220422-00003-g2176915513ca #884\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:qemu-nbd state:D stack: 0 pid:11445 ppid: 1 flags:0x00000000\nCall Trace:\n \u003cTASK\u003e\n __schedule+0x480/0x1050\n ? _raw_spin_lock_irqsave+0x3e/0xb0\n schedule+0x9c/0x1b0\n blk_mq_freeze_queue_wait+0x9d/0xf0\n ? ipi_rseq+0x70/0x70\n blk_mq_freeze_queue+0x2b/0x40\n nbd_add_socket+0x6b/0x270 [nbd]\n nbd_ioctl+0x383/0x510 [nbd]\n blkdev_ioctl+0x18e/0x3e0\n __x64_sys_ioctl+0xac/0x120\n do_syscall_64+0x35/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7fd8ff706577\nRSP: 002b:00007fd8fcdfebf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 0000000040000000 RCX: 00007fd8ff706577\nRDX: 000000000000000d RSI: 000000000000ab00 RDI: 000000000000000f\nRBP: 000000000000000f R08: 000000000000fbe8 R09: 000055fe497c62b0\nR10: 00000002aff20000 R11: 0000000000000246 R12: 000000000000006d\nR13: 0000000000000000 R14: 00007ffe82dc5e70 R15: 00007fd8fcdff9c0\n\n\"qemu-ndb -d\" will call ioctl \u0027NBD_DISCONNECT\u0027 first, however, following\nmessage was found:\n\nblock nbd0: Send disconnect failed -32\n\nWhich indicate that something is wrong with the server. Then,\n\"qemu-nbd -d\" will call ioctl \u0027NBD_CLEAR_SOCK\u0027, however ioctl can\u0027t clear\nrequests after commit 2516ab1543fd(\"nbd: only clear the queue on device\nteardown\"). And in the meantime, request can\u0027t complete through timeout\nbecause nbd_xmit_timeout() will always return \u0027BLK_EH_RESET_TIMER\u0027, which\nmeans such request will never be completed in this situation.\n\nNow that the flag \u0027NBD_CMD_INFLIGHT\u0027 can make sure requests won\u0027t\ncomplete multiple times, switch back to call nbd_clear_sock() in\nnbd_clear_sock_ioctl(), so that inflight requests can be cleared.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49297",
"url": "https://www.suse.com/security/cve/CVE-2022-49297"
},
{
"category": "external",
"summary": "SUSE Bug 1238469 for CVE-2022-49297",
"url": "https://bugzilla.suse.com/1238469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49297"
},
{
"cve": "CVE-2022-49298",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49298"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8712: fix uninit-value in r871xu_drv_init()\n\nWhen \u0027tmpU1b\u0027 returns from r8712_read8(padapter, EE_9346CR) is 0,\n\u0027mac[6]\u0027 will not be initialized.\n\nBUG: KMSAN: uninit-value in r871xu_drv_init+0x2d54/0x3070 drivers/staging/rtl8712/usb_intf.c:541\n r871xu_drv_init+0x2d54/0x3070 drivers/staging/rtl8712/usb_intf.c:541\n usb_probe_interface+0xf19/0x1600 drivers/usb/core/driver.c:396\n really_probe+0x653/0x14b0 drivers/base/dd.c:596\n __driver_probe_device+0x3e9/0x530 drivers/base/dd.c:752\n driver_probe_device drivers/base/dd.c:782 [inline]\n __device_attach_driver+0x79f/0x1120 drivers/base/dd.c:899\n bus_for_each_drv+0x2d6/0x3f0 drivers/base/bus.c:427\n __device_attach+0x593/0x8e0 drivers/base/dd.c:970\n device_initial_probe+0x4a/0x60 drivers/base/dd.c:1017\n bus_probe_device+0x17b/0x3e0 drivers/base/bus.c:487\n device_add+0x1fff/0x26e0 drivers/base/core.c:3405\n usb_set_configuration+0x37e9/0x3ed0 drivers/usb/core/message.c:2170\n usb_generic_driver_probe+0x13c/0x300 drivers/usb/core/generic.c:238\n usb_probe_device+0x309/0x570 drivers/usb/core/driver.c:293\n really_probe+0x653/0x14b0 drivers/base/dd.c:596\n __driver_probe_device+0x3e9/0x530 drivers/base/dd.c:752\n driver_probe_device drivers/base/dd.c:782 [inline]\n __device_attach_driver+0x79f/0x1120 drivers/base/dd.c:899\n bus_for_each_drv+0x2d6/0x3f0 drivers/base/bus.c:427\n __device_attach+0x593/0x8e0 drivers/base/dd.c:970\n device_initial_probe+0x4a/0x60 drivers/base/dd.c:1017\n bus_probe_device+0x17b/0x3e0 drivers/base/bus.c:487\n device_add+0x1fff/0x26e0 drivers/base/core.c:3405\n usb_new_device+0x1b8e/0x2950 drivers/usb/core/hub.c:2566\n hub_port_connect drivers/usb/core/hub.c:5358 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5502 [inline]\n port_event drivers/usb/core/hub.c:5660 [inline]\n hub_event+0x58e3/0x89e0 drivers/usb/core/hub.c:5742\n process_one_work+0xdb6/0x1820 kernel/workqueue.c:2307\n worker_thread+0x10b3/0x21e0 kernel/workqueue.c:2454\n kthread+0x3c7/0x500 kernel/kthread.c:377\n ret_from_fork+0x1f/0x30\n\nLocal variable mac created at:\n r871xu_drv_init+0x1771/0x3070 drivers/staging/rtl8712/usb_intf.c:394\n usb_probe_interface+0xf19/0x1600 drivers/usb/core/driver.c:396\n\nKMSAN: uninit-value in r871xu_drv_init\nhttps://syzkaller.appspot.com/bug?id=3cd92b1d85428b128503bfa7a250294c9ae00bd8",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49298",
"url": "https://www.suse.com/security/cve/CVE-2022-49298"
},
{
"category": "external",
"summary": "SUSE Bug 1238718 for CVE-2022-49298",
"url": "https://bugzilla.suse.com/1238718"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49298"
},
{
"cve": "CVE-2022-49299",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49299"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49299",
"url": "https://www.suse.com/security/cve/CVE-2022-49299"
},
{
"category": "external",
"summary": "SUSE Bug 1238184 for CVE-2022-49299",
"url": "https://bugzilla.suse.com/1238184"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49299"
},
{
"cve": "CVE-2022-49300",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49300"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: fix race between nbd_alloc_config() and module removal\n\nWhen nbd module is being removing, nbd_alloc_config() may be\ncalled concurrently by nbd_genl_connect(), although try_module_get()\nwill return false, but nbd_alloc_config() doesn\u0027t handle it.\n\nThe race may lead to the leak of nbd_config and its related\nresources (e.g, recv_workq) and oops in nbd_read_stat() due\nto the unload of nbd module as shown below:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000040\n Oops: 0000 [#1] SMP PTI\n CPU: 5 PID: 13840 Comm: kworker/u17:33 Not tainted 5.14.0+ #1\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)\n Workqueue: knbd16-recv recv_work [nbd]\n RIP: 0010:nbd_read_stat.cold+0x130/0x1a4 [nbd]\n Call Trace:\n recv_work+0x3b/0xb0 [nbd]\n process_one_work+0x1ed/0x390\n worker_thread+0x4a/0x3d0\n kthread+0x12a/0x150\n ret_from_fork+0x22/0x30\n\nFixing it by checking the return value of try_module_get()\nin nbd_alloc_config(). As nbd_alloc_config() may return ERR_PTR(-ENODEV),\nassign nbd-\u003econfig only when nbd_alloc_config() succeeds to ensure\nthe value of nbd-\u003econfig is binary (valid or NULL).\n\nAlso adding a debug message to check the reference counter\nof nbd_config during module removal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49300",
"url": "https://www.suse.com/security/cve/CVE-2022-49300"
},
{
"category": "external",
"summary": "SUSE Bug 1238183 for CVE-2022-49300",
"url": "https://bugzilla.suse.com/1238183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49300"
},
{
"cve": "CVE-2022-49301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49301"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8712: fix uninit-value in usb_read8() and friends\n\nWhen r8712_usbctrl_vendorreq() returns negative, \u0027data\u0027 in\nusb_read{8,16,32} will not be initialized.\n\nBUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:643 [inline]\nBUG: KMSAN: uninit-value in string+0x4ec/0x6f0 lib/vsprintf.c:725\n string_nocheck lib/vsprintf.c:643 [inline]\n string+0x4ec/0x6f0 lib/vsprintf.c:725\n vsnprintf+0x2222/0x3650 lib/vsprintf.c:2806\n va_format lib/vsprintf.c:1704 [inline]\n pointer+0x18e6/0x1f70 lib/vsprintf.c:2443\n vsnprintf+0x1a9b/0x3650 lib/vsprintf.c:2810\n vprintk_store+0x537/0x2150 kernel/printk/printk.c:2158\n vprintk_emit+0x28b/0xab0 kernel/printk/printk.c:2256\n dev_vprintk_emit+0x5ef/0x6d0 drivers/base/core.c:4604\n dev_printk_emit+0x1dd/0x21f drivers/base/core.c:4615\n __dev_printk+0x3be/0x440 drivers/base/core.c:4627\n _dev_info+0x1ea/0x22f drivers/base/core.c:4673\n r871xu_drv_init+0x1929/0x3070 drivers/staging/rtl8712/usb_intf.c:401\n usb_probe_interface+0xf19/0x1600 drivers/usb/core/driver.c:396\n really_probe+0x6c7/0x1350 drivers/base/dd.c:621\n __driver_probe_device+0x3e9/0x530 drivers/base/dd.c:752\n driver_probe_device drivers/base/dd.c:782 [inline]\n __device_attach_driver+0x79f/0x1120 drivers/base/dd.c:899\n bus_for_each_drv+0x2d6/0x3f0 drivers/base/bus.c:427\n __device_attach+0x593/0x8e0 drivers/base/dd.c:970\n device_initial_probe+0x4a/0x60 drivers/base/dd.c:1017\n bus_probe_device+0x17b/0x3e0 drivers/base/bus.c:487\n device_add+0x1fff/0x26e0 drivers/base/core.c:3405\n usb_set_configuration+0x37e9/0x3ed0 drivers/usb/core/message.c:2170\n usb_generic_driver_probe+0x13c/0x300 drivers/usb/core/generic.c:238\n usb_probe_device+0x309/0x570 drivers/usb/core/driver.c:293\n really_probe+0x6c7/0x1350 drivers/base/dd.c:621\n __driver_probe_device+0x3e9/0x530 drivers/base/dd.c:752\n driver_probe_device drivers/base/dd.c:782 [inline]\n __device_attach_driver+0x79f/0x1120 drivers/base/dd.c:899\n bus_for_each_drv+0x2d6/0x3f0 drivers/base/bus.c:427\n __device_attach+0x593/0x8e0 drivers/base/dd.c:970\n device_initial_probe+0x4a/0x60 drivers/base/dd.c:1017\n bus_probe_device+0x17b/0x3e0 drivers/base/bus.c:487\n device_add+0x1fff/0x26e0 drivers/base/core.c:3405\n usb_new_device+0x1b91/0x2950 drivers/usb/core/hub.c:2566\n hub_port_connect drivers/usb/core/hub.c:5363 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5507 [inline]\n port_event drivers/usb/core/hub.c:5665 [inline]\n hub_event+0x58e3/0x89e0 drivers/usb/core/hub.c:5747\n process_one_work+0xdb6/0x1820 kernel/workqueue.c:2289\n worker_thread+0x10d0/0x2240 kernel/workqueue.c:2436\n kthread+0x3c7/0x500 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30\n\nLocal variable data created at:\n usb_read8+0x5d/0x130 drivers/staging/rtl8712/usb_ops.c:33\n r8712_read8+0xa5/0xd0 drivers/staging/rtl8712/rtl8712_io.c:29\n\nKMSAN: uninit-value in r871xu_drv_init\nhttps://syzkaller.appspot.com/bug?id=3cd92b1d85428b128503bfa7a250294c9ae00bd8",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49301",
"url": "https://www.suse.com/security/cve/CVE-2022-49301"
},
{
"category": "external",
"summary": "SUSE Bug 1238643 for CVE-2022-49301",
"url": "https://bugzilla.suse.com/1238643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49301"
},
{
"cve": "CVE-2022-49302",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49302"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: host: isp116x: check return value after calling platform_get_resource()\n\nIt will cause null-ptr-deref if platform_get_resource() returns NULL,\nwe need check the return value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49302",
"url": "https://www.suse.com/security/cve/CVE-2022-49302"
},
{
"category": "external",
"summary": "SUSE Bug 1238653 for CVE-2022-49302",
"url": "https://bugzilla.suse.com/1238653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49302"
},
{
"cve": "CVE-2022-49304",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49304"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: tty: serial: Fix deadlock in sa1100_set_termios()\n\nThere is a deadlock in sa1100_set_termios(), which is shown\nbelow:\n\n (Thread 1) | (Thread 2)\n | sa1100_enable_ms()\nsa1100_set_termios() | mod_timer()\n spin_lock_irqsave() //(1) | (wait a time)\n ... | sa1100_timeout()\n del_timer_sync() | spin_lock_irqsave() //(2)\n (wait timer to stop) | ...\n\nWe hold sport-\u003eport.lock in position (1) of thread 1 and\nuse del_timer_sync() to wait timer to stop, but timer handler\nalso need sport-\u003eport.lock in position (2) of thread 2. As a result,\nsa1100_set_termios() will block forever.\n\nThis patch moves del_timer_sync() before spin_lock_irqsave()\nin order to prevent the deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49304",
"url": "https://www.suse.com/security/cve/CVE-2022-49304"
},
{
"category": "external",
"summary": "SUSE Bug 1238639 for CVE-2022-49304",
"url": "https://bugzilla.suse.com/1238639"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49304"
},
{
"cve": "CVE-2022-49305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49305"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop()\n\nThere is a deadlock in ieee80211_beacons_stop(), which is shown below:\n\n (Thread 1) | (Thread 2)\n | ieee80211_send_beacon()\nieee80211_beacons_stop() | mod_timer()\n spin_lock_irqsave() //(1) | (wait a time)\n ... | ieee80211_send_beacon_cb()\n del_timer_sync() | spin_lock_irqsave() //(2)\n (wait timer to stop) | ...\n\nWe hold ieee-\u003ebeacon_lock in position (1) of thread 1 and use\ndel_timer_sync() to wait timer to stop, but timer handler\nalso need ieee-\u003ebeacon_lock in position (2) of thread 2.\nAs a result, ieee80211_beacons_stop() will block forever.\n\nThis patch extracts del_timer_sync() from the protection of\nspin_lock_irqsave(), which could let timer handler to obtain\nthe needed lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49305",
"url": "https://www.suse.com/security/cve/CVE-2022-49305"
},
{
"category": "external",
"summary": "SUSE Bug 1238645 for CVE-2022-49305",
"url": "https://bugzilla.suse.com/1238645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49305"
},
{
"cve": "CVE-2022-49307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49307"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: synclink_gt: Fix null-pointer-dereference in slgt_clean()\n\nWhen the driver fails at alloc_hdlcdev(), and then we remove the driver\nmodule, we will get the following splat:\n\n[ 25.065966] general protection fault, probably for non-canonical address 0xdffffc0000000182: 0000 [#1] PREEMPT SMP KASAN PTI\n[ 25.066914] KASAN: null-ptr-deref in range [0x0000000000000c10-0x0000000000000c17]\n[ 25.069262] RIP: 0010:detach_hdlc_protocol+0x2a/0x3e0\n[ 25.077709] Call Trace:\n[ 25.077924] \u003cTASK\u003e\n[ 25.078108] unregister_hdlc_device+0x16/0x30\n[ 25.078481] slgt_cleanup+0x157/0x9f0 [synclink_gt]\n\nFix this by checking whether the \u0027info-\u003enetdev\u0027 is a null pointer first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49307",
"url": "https://www.suse.com/security/cve/CVE-2022-49307"
},
{
"category": "external",
"summary": "SUSE Bug 1238149 for CVE-2022-49307",
"url": "https://bugzilla.suse.com/1238149"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49307"
},
{
"cve": "CVE-2022-49313",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49313"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: usb: host: Fix deadlock in oxu_bus_suspend()\n\nThere is a deadlock in oxu_bus_suspend(), which is shown below:\n\n (Thread 1) | (Thread 2)\n | timer_action()\noxu_bus_suspend() | mod_timer()\n spin_lock_irq() //(1) | (wait a time)\n ... | oxu_watchdog()\n del_timer_sync() | spin_lock_irq() //(2)\n (wait timer to stop) | ...\n\nWe hold oxu-\u003elock in position (1) of thread 1, and use\ndel_timer_sync() to wait timer to stop, but timer handler\nalso need oxu-\u003elock in position (2) of thread 2. As a result,\noxu_bus_suspend() will block forever.\n\nThis patch extracts del_timer_sync() from the protection of\nspin_lock_irq(), which could let timer handler to obtain\nthe needed lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49313",
"url": "https://www.suse.com/security/cve/CVE-2022-49313"
},
{
"category": "external",
"summary": "SUSE Bug 1238633 for CVE-2022-49313",
"url": "https://bugzilla.suse.com/1238633"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49313"
},
{
"cve": "CVE-2022-49314",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49314"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: Fix a possible resource leak in icom_probe\n\nWhen pci_read_config_dword failed, call pci_release_regions() and\npci_disable_device() to recycle the resource previously allocated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49314",
"url": "https://www.suse.com/security/cve/CVE-2022-49314"
},
{
"category": "external",
"summary": "SUSE Bug 1238158 for CVE-2022-49314",
"url": "https://bugzilla.suse.com/1238158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49314"
},
{
"cve": "CVE-2022-49315",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49315"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop()\n\nThere is a deadlock in rtllib_beacons_stop(), which is shown\nbelow:\n\n (Thread 1) | (Thread 2)\n | rtllib_send_beacon()\nrtllib_beacons_stop() | mod_timer()\n spin_lock_irqsave() //(1) | (wait a time)\n ... | rtllib_send_beacon_cb()\n del_timer_sync() | spin_lock_irqsave() //(2)\n (wait timer to stop) | ...\n\nWe hold ieee-\u003ebeacon_lock in position (1) of thread 1 and\nuse del_timer_sync() to wait timer to stop, but timer handler\nalso need ieee-\u003ebeacon_lock in position (2) of thread 2.\nAs a result, rtllib_beacons_stop() will block forever.\n\nThis patch extracts del_timer_sync() from the protection of\nspin_lock_irqsave(), which could let timer handler to obtain\nthe needed lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49315",
"url": "https://www.suse.com/security/cve/CVE-2022-49315"
},
{
"category": "external",
"summary": "SUSE Bug 1238638 for CVE-2022-49315",
"url": "https://bugzilla.suse.com/1238638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49315"
},
{
"cve": "CVE-2022-49316",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49316"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4: Don\u0027t hold the layoutget locks across multiple RPC calls\n\nWhen doing layoutget as part of the open() compound, we have to be\ncareful to release the layout locks before we can call any further RPC\ncalls, such as setattr(). The reason is that those calls could trigger\na recall, which could deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49316",
"url": "https://www.suse.com/security/cve/CVE-2022-49316"
},
{
"category": "external",
"summary": "SUSE Bug 1238386 for CVE-2022-49316",
"url": "https://bugzilla.suse.com/1238386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49316"
},
{
"cve": "CVE-2022-49320",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49320"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type\n\nIn zynqmp_dma_alloc/free_chan_resources functions there is a\npotential overflow in the below expressions.\n\ndma_alloc_coherent(chan-\u003edev, (2 * chan-\u003edesc_size *\n\t\t ZYNQMP_DMA_NUM_DESCS),\n\t\t \u0026chan-\u003edesc_pool_p, GFP_KERNEL);\n\ndma_free_coherent(chan-\u003edev,(2 * ZYNQMP_DMA_DESC_SIZE(chan) *\n ZYNQMP_DMA_NUM_DESCS),\n chan-\u003edesc_pool_v, chan-\u003edesc_pool_p);\n\nThe arguments desc_size and ZYNQMP_DMA_NUM_DESCS were 32 bit. Though\nthis overflow condition is not observed but it is a potential problem\nin the case of 32-bit multiplication. Hence fix it by changing the\ndesc_size data type to size_t.\n\nIn addition to coverity fix it also reuse ZYNQMP_DMA_DESC_SIZE macro in\ndma_alloc_coherent API argument.\n\nAddresses-Coverity: Event overflow_before_widen.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49320",
"url": "https://www.suse.com/security/cve/CVE-2022-49320"
},
{
"category": "external",
"summary": "SUSE Bug 1238394 for CVE-2022-49320",
"url": "https://bugzilla.suse.com/1238394"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49320"
},
{
"cve": "CVE-2022-49321",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49321"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxprtrdma: treat all calls not a bcall when bc_serv is NULL\n\nWhen a rdma server returns a fault format reply, nfs v3 client may\ntreats it as a bcall when bc service is not exist.\n\nThe debug message at rpcrdma_bc_receive_call are,\n\n[56579.837169] RPC: rpcrdma_bc_receive_call: callback XID\n00000001, length=20\n[56579.837174] RPC: rpcrdma_bc_receive_call: 00 00 00 01 00 00 00\n00 00 00 00 00 00 00 00 00 00 00 00 04\n\nAfter that, rpcrdma_bc_receive_call will meets NULL pointer as,\n\n[ 226.057890] BUG: unable to handle kernel NULL pointer dereference at\n00000000000000c8\n...\n[ 226.058704] RIP: 0010:_raw_spin_lock+0xc/0x20\n...\n[ 226.059732] Call Trace:\n[ 226.059878] rpcrdma_bc_receive_call+0x138/0x327 [rpcrdma]\n[ 226.060011] __ib_process_cq+0x89/0x170 [ib_core]\n[ 226.060092] ib_cq_poll_work+0x26/0x80 [ib_core]\n[ 226.060257] process_one_work+0x1a7/0x360\n[ 226.060367] ? create_worker+0x1a0/0x1a0\n[ 226.060440] worker_thread+0x30/0x390\n[ 226.060500] ? create_worker+0x1a0/0x1a0\n[ 226.060574] kthread+0x116/0x130\n[ 226.060661] ? kthread_flush_work_fn+0x10/0x10\n[ 226.060724] ret_from_fork+0x35/0x40\n...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49321",
"url": "https://www.suse.com/security/cve/CVE-2022-49321"
},
{
"category": "external",
"summary": "SUSE Bug 1238373 for CVE-2022-49321",
"url": "https://bugzilla.suse.com/1238373"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49321"
},
{
"cve": "CVE-2022-49326",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49326"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtl818x: Prevent using not initialized queues\n\nUsing not existing queues can panic the kernel with rtl8180/rtl8185 cards.\nIgnore the skb priority for those cards, they only have one tx queue. Pierre\nAsselin (pa@panix.com) reported the kernel crash in the Gentoo forum:\n\nhttps://forums.gentoo.org/viewtopic-t-1147832-postdays-0-postorder-asc-start-25.html\n\nHe also confirmed that this patch fixes the issue. In summary this happened:\n\nAfter updating wpa_supplicant from 2.9 to 2.10 the kernel crashed with a\n\"divide error: 0000\" when connecting to an AP. Control port tx now tries to\nuse IEEE80211_AC_VO for the priority, which wpa_supplicants starts to use in\n2.10.\n\nSince only the rtl8187se part of the driver supports QoS, the priority\nof the skb is set to IEEE80211_AC_BE (2) by mac80211 for rtl8180/rtl8185\ncards.\n\nrtl8180 is then unconditionally reading out the priority and finally crashes on\ndrivers/net/wireless/realtek/rtl818x/rtl8180/dev.c line 544 without this\npatch:\n\tidx = (ring-\u003eidx + skb_queue_len(\u0026ring-\u003equeue)) % ring-\u003eentries\n\n\"ring-\u003eentries\" is zero for rtl8180/rtl8185 cards, tx_ring[2] never got\ninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49326",
"url": "https://www.suse.com/security/cve/CVE-2022-49326"
},
{
"category": "external",
"summary": "SUSE Bug 1238646 for CVE-2022-49326",
"url": "https://bugzilla.suse.com/1238646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49326"
},
{
"cve": "CVE-2022-49327",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49327"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbcache: avoid journal no-space deadlock by reserving 1 journal bucket\n\nThe journal no-space deadlock was reported time to time. Such deadlock\ncan happen in the following situation.\n\nWhen all journal buckets are fully filled by active jset with heavy\nwrite I/O load, the cache set registration (after a reboot) will load\nall active jsets and inserting them into the btree again (which is\ncalled journal replay). If a journaled bkey is inserted into a btree\nnode and results btree node split, new journal request might be\ntriggered. For example, the btree grows one more level after the node\nsplit, then the root node record in cache device super block will be\nupgrade by bch_journal_meta() from bch_btree_set_root(). But there is no\nspace in journal buckets, the journal replay has to wait for new journal\nbucket to be reclaimed after at least one journal bucket replayed. This\nis one example that how the journal no-space deadlock happens.\n\nThe solution to avoid the deadlock is to reserve 1 journal bucket in\nrun time, and only permit the reserved journal bucket to be used during\ncache set registration procedure for things like journal replay. Then\nthe journal space will never be fully filled, there is no chance for\njournal no-space deadlock to happen anymore.\n\nThis patch adds a new member \"bool do_reserve\" in struct journal, it is\ninititalized to 0 (false) when struct journal is allocated, and set to\n1 (true) by bch_journal_space_reserve() when all initialization done in\nrun_cache_set(). In the run time when journal_reclaim() tries to\nallocate a new journal bucket, free_journal_buckets() is called to check\nwhether there are enough free journal buckets to use. If there is only\n1 free journal bucket and journal-\u003edo_reserve is 1 (true), the last\nbucket is reserved and free_journal_buckets() will return 0 to indicate\nno free journal bucket. Then journal_reclaim() will give up, and try\nnext time to see whetheer there is free journal bucket to allocate. By\nthis method, there is always 1 jouranl bucket reserved in run time.\n\nDuring the cache set registration, journal-\u003edo_reserve is 0 (false), so\nthe reserved journal bucket can be used to avoid the no-space deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49327",
"url": "https://www.suse.com/security/cve/CVE-2022-49327"
},
{
"category": "external",
"summary": "SUSE Bug 1238662 for CVE-2022-49327",
"url": "https://bugzilla.suse.com/1238662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49327"
},
{
"cve": "CVE-2022-49331",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49331"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling\n\nError paths do not free previously allocated memory. Add devm_kfree() to\nthose failure paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49331",
"url": "https://www.suse.com/security/cve/CVE-2022-49331"
},
{
"category": "external",
"summary": "SUSE Bug 1237813 for CVE-2022-49331",
"url": "https://bugzilla.suse.com/1237813"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49331"
},
{
"cve": "CVE-2022-49332",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49332"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Address NULL pointer dereference after starget_to_rport()\n\nCalls to starget_to_rport() may return NULL. Add check for NULL rport\nbefore dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49332",
"url": "https://www.suse.com/security/cve/CVE-2022-49332"
},
{
"category": "external",
"summary": "SUSE Bug 1238236 for CVE-2022-49332",
"url": "https://bugzilla.suse.com/1238236"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49332"
},
{
"cve": "CVE-2022-49335",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49335"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/cs: make commands with 0 chunks illegal behaviour.\n\nSubmitting a cs with 0 chunks, causes an oops later, found trying\nto execute the wrong userspace driver.\n\nMESA_LOADER_DRIVER_OVERRIDE=v3d glxinfo\n\n[172536.665184] BUG: kernel NULL pointer dereference, address: 00000000000001d8\n[172536.665188] #PF: supervisor read access in kernel mode\n[172536.665189] #PF: error_code(0x0000) - not-present page\n[172536.665191] PGD 6712a0067 P4D 6712a0067 PUD 5af9ff067 PMD 0\n[172536.665195] Oops: 0000 [#1] SMP NOPTI\n[172536.665197] CPU: 7 PID: 2769838 Comm: glxinfo Tainted: P O 5.10.81 #1-NixOS\n[172536.665199] Hardware name: To be filled by O.E.M. To be filled by O.E.M./CROSSHAIR V FORMULA-Z, BIOS 2201 03/23/2015\n[172536.665272] RIP: 0010:amdgpu_cs_ioctl+0x96/0x1ce0 [amdgpu]\n[172536.665274] Code: 75 18 00 00 4c 8b b2 88 00 00 00 8b 46 08 48 89 54 24 68 49 89 f7 4c 89 5c 24 60 31 d2 4c 89 74 24 30 85 c0 0f 85 c0 01 00 00 \u003c48\u003e 83 ba d8 01 00 00 00 48 8b b4 24 90 00 00 00 74 16 48 8b 46 10\n[172536.665276] RSP: 0018:ffffb47c0e81bbe0 EFLAGS: 00010246\n[172536.665277] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\n[172536.665278] RDX: 0000000000000000 RSI: ffffb47c0e81be28 RDI: ffffb47c0e81bd68\n[172536.665279] RBP: ffff936524080010 R08: 0000000000000000 R09: ffffb47c0e81be38\n[172536.665281] R10: ffff936524080010 R11: ffff936524080000 R12: ffffb47c0e81bc40\n[172536.665282] R13: ffffb47c0e81be28 R14: ffff9367bc410000 R15: ffffb47c0e81be28\n[172536.665283] FS: 00007fe35e05d740(0000) GS:ffff936c1edc0000(0000) knlGS:0000000000000000\n[172536.665284] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[172536.665286] CR2: 00000000000001d8 CR3: 0000000532e46000 CR4: 00000000000406e0\n[172536.665287] Call Trace:\n[172536.665322] ? amdgpu_cs_find_mapping+0x110/0x110 [amdgpu]\n[172536.665332] drm_ioctl_kernel+0xaa/0xf0 [drm]\n[172536.665338] drm_ioctl+0x201/0x3b0 [drm]\n[172536.665369] ? amdgpu_cs_find_mapping+0x110/0x110 [amdgpu]\n[172536.665372] ? selinux_file_ioctl+0x135/0x230\n[172536.665399] amdgpu_drm_ioctl+0x49/0x80 [amdgpu]\n[172536.665403] __x64_sys_ioctl+0x83/0xb0\n[172536.665406] do_syscall_64+0x33/0x40\n[172536.665409] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nBug: https://gitlab.freedesktop.org/drm/amd/-/issues/2018",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49335",
"url": "https://www.suse.com/security/cve/CVE-2022-49335"
},
{
"category": "external",
"summary": "SUSE Bug 1238377 for CVE-2022-49335",
"url": "https://bugzilla.suse.com/1238377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49335"
},
{
"cve": "CVE-2022-49343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49343"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid cycles in directory h-tree\n\nA maliciously corrupted filesystem can contain cycles in the h-tree\nstored inside a directory. That can easily lead to the kernel corrupting\ntree nodes that were already verified under its hands while doing a node\nsplit and consequently accessing unallocated memory. Fix the problem by\nverifying traversed block numbers are unique.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49343",
"url": "https://www.suse.com/security/cve/CVE-2022-49343"
},
{
"category": "external",
"summary": "SUSE Bug 1238382 for CVE-2022-49343",
"url": "https://bugzilla.suse.com/1238382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49343"
},
{
"cve": "CVE-2022-49347",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49347"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix bug_on in ext4_writepages\n\nwe got issue as follows:\nEXT4-fs error (device loop0): ext4_mb_generate_buddy:1141: group 0, block bitmap and bg descriptor inconsistent: 25 vs 31513 free cls\n------------[ cut here ]------------\nkernel BUG at fs/ext4/inode.c:2708!\ninvalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 2 PID: 2147 Comm: rep Not tainted 5.18.0-rc2-next-20220413+ #155\nRIP: 0010:ext4_writepages+0x1977/0x1c10\nRSP: 0018:ffff88811d3e7880 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000001 RCX: ffff88811c098000\nRDX: 0000000000000000 RSI: ffff88811c098000 RDI: 0000000000000002\nRBP: ffff888128140f50 R08: ffffffffb1ff6387 R09: 0000000000000000\nR10: 0000000000000007 R11: ffffed10250281ea R12: 0000000000000001\nR13: 00000000000000a4 R14: ffff88811d3e7bb8 R15: ffff888128141028\nFS: 00007f443aed9740(0000) GS:ffff8883aef00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020007200 CR3: 000000011c2a4000 CR4: 00000000000006e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n do_writepages+0x130/0x3a0\n filemap_fdatawrite_wbc+0x83/0xa0\n filemap_flush+0xab/0xe0\n ext4_alloc_da_blocks+0x51/0x120\n __ext4_ioctl+0x1534/0x3210\n __x64_sys_ioctl+0x12c/0x170\n do_syscall_64+0x3b/0x90\n\nIt may happen as follows:\n1. write inline_data inode\nvfs_write\n new_sync_write\n ext4_file_write_iter\n ext4_buffered_write_iter\n generic_perform_write\n ext4_da_write_begin\n ext4_da_write_inline_data_begin -\u003e If inline data size too\n small will allocate block to write, then mapping will has\n dirty page\n ext4_da_convert_inline_data_to_extent -\u003eclear EXT4_STATE_MAY_INLINE_DATA\n2. fallocate\ndo_vfs_ioctl\n ioctl_preallocate\n vfs_fallocate\n ext4_fallocate\n ext4_convert_inline_data\n ext4_convert_inline_data_nolock\n ext4_map_blocks -\u003e fail will goto restore data\n ext4_restore_inline_data\n ext4_create_inline_data\n ext4_write_inline_data\n ext4_set_inode_state -\u003e set inode EXT4_STATE_MAY_INLINE_DATA\n3. writepages\n__ext4_ioctl\n ext4_alloc_da_blocks\n filemap_flush\n filemap_fdatawrite_wbc\n do_writepages\n ext4_writepages\n if (ext4_has_inline_data(inode))\n BUG_ON(ext4_test_inode_state(inode, EXT4_STATE_MAY_INLINE_DATA))\n\nThe root cause of this issue is we destory inline data until call\next4_writepages under delay allocation mode. But there maybe already\nconvert from inline to extent. To solve this issue, we call\nfilemap_flush first..",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49347",
"url": "https://www.suse.com/security/cve/CVE-2022-49347"
},
{
"category": "external",
"summary": "SUSE Bug 1238393 for CVE-2022-49347",
"url": "https://bugzilla.suse.com/1238393"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49347"
},
{
"cve": "CVE-2022-49349",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49349"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix use-after-free in ext4_rename_dir_prepare\n\nWe got issue as follows:\nEXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue\next4_get_first_dir_block: bh-\u003eb_data=0xffff88810bee6000 len=34478\next4_get_first_dir_block: *parent_de=0xffff88810beee6ae bh-\u003eb_data=0xffff88810bee6000\next4_rename_dir_prepare: [1] parent_de=0xffff88810beee6ae\n==================================================================\nBUG: KASAN: use-after-free in ext4_rename_dir_prepare+0x152/0x220\nRead of size 4 at addr ffff88810beee6ae by task rep/1895\n\nCPU: 13 PID: 1895 Comm: rep Not tainted 5.10.0+ #241\nCall Trace:\n dump_stack+0xbe/0xf9\n print_address_description.constprop.0+0x1e/0x220\n kasan_report.cold+0x37/0x7f\n ext4_rename_dir_prepare+0x152/0x220\n ext4_rename+0xf44/0x1ad0\n ext4_rename2+0x11c/0x170\n vfs_rename+0xa84/0x1440\n do_renameat2+0x683/0x8f0\n __x64_sys_renameat+0x53/0x60\n do_syscall_64+0x33/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\nRIP: 0033:0x7f45a6fc41c9\nRSP: 002b:00007ffc5a470218 EFLAGS: 00000246 ORIG_RAX: 0000000000000108\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f45a6fc41c9\nRDX: 0000000000000005 RSI: 0000000020000180 RDI: 0000000000000005\nRBP: 00007ffc5a470240 R08: 00007ffc5a470160 R09: 0000000020000080\nR10: 00000000200001c0 R11: 0000000000000246 R12: 0000000000400bb0\nR13: 00007ffc5a470320 R14: 0000000000000000 R15: 0000000000000000\n\nThe buggy address belongs to the page:\npage:00000000440015ce refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x10beee\nflags: 0x200000000000000()\nraw: 0200000000000000 ffffea00043ff4c8 ffffea0004325608 0000000000000000\nraw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff88810beee580: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n ffff88810beee600: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n\u003effff88810beee680: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n ^\n ffff88810beee700: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n ffff88810beee780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n==================================================================\nDisabling lock debugging due to kernel taint\next4_rename_dir_prepare: [2] parent_de-\u003einode=3537895424\next4_rename_dir_prepare: [3] dir=0xffff888124170140\next4_rename_dir_prepare: [4] ino=2\next4_rename_dir_prepare: ent-\u003edir-\u003ei_ino=2 parent=-757071872\n\nReason is first directory entry which \u0027rec_len\u0027 is 34478, then will get illegal\nparent entry. Now, we do not check directory entry after read directory block\nin \u0027ext4_get_first_dir_block\u0027.\nTo solve this issue, check directory entry in \u0027ext4_get_first_dir_block\u0027.\n\n[ Trigger an ext4_error() instead of just warning if the directory is\n missing a \u0027.\u0027 or \u0027..\u0027 entry. Also make sure we return an error code\n if the file system is corrupted. -TYT ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49349",
"url": "https://www.suse.com/security/cve/CVE-2022-49349"
},
{
"category": "external",
"summary": "SUSE Bug 1238372 for CVE-2022-49349",
"url": "https://bugzilla.suse.com/1238372"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49349"
},
{
"cve": "CVE-2022-49352",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49352"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix warning in ext4_handle_inode_extension\n\nWe got issue as follows:\nEXT4-fs error (device loop0) in ext4_reserve_inode_write:5741: Out of memory\nEXT4-fs error (device loop0): ext4_setattr:5462: inode #13: comm syz-executor.0: mark_inode_dirty error\nEXT4-fs error (device loop0) in ext4_setattr:5519: Out of memory\nEXT4-fs error (device loop0): ext4_ind_map_blocks:595: inode #13: comm syz-executor.0: Can\u0027t allocate blocks for non-extent mapped inodes with bigalloc\n------------[ cut here ]------------\nWARNING: CPU: 1 PID: 4361 at fs/ext4/file.c:301 ext4_file_write_iter+0x11c9/0x1220\nModules linked in:\nCPU: 1 PID: 4361 Comm: syz-executor.0 Not tainted 5.10.0+ #1\nRIP: 0010:ext4_file_write_iter+0x11c9/0x1220\nRSP: 0018:ffff924d80b27c00 EFLAGS: 00010282\nRAX: ffffffff815a3379 RBX: 0000000000000000 RCX: 000000003b000000\nRDX: ffff924d81601000 RSI: 00000000000009cc RDI: 00000000000009cd\nRBP: 000000000000000d R08: ffffffffbc5a2c6b R09: 0000902e0e52a96f\nR10: ffff902e2b7c1b40 R11: ffff902e2b7c1b40 R12: 000000000000000a\nR13: 0000000000000001 R14: ffff902e0e52aa10 R15: ffffffffffffff8b\nFS: 00007f81a7f65700(0000) GS:ffff902e3bc80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffff600400 CR3: 000000012db88001 CR4: 00000000003706e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n do_iter_readv_writev+0x2e5/0x360\n do_iter_write+0x112/0x4c0\n do_pwritev+0x1e5/0x390\n __x64_sys_pwritev2+0x7e/0xa0\n do_syscall_64+0x37/0x50\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nAbove issue may happen as follows:\nAssume\ninode.i_size=4096\nEXT4_I(inode)-\u003ei_disksize=4096\n\nstep 1: set inode-\u003ei_isize = 8192\next4_setattr\n if (attr-\u003eia_size != inode-\u003ei_size)\n EXT4_I(inode)-\u003ei_disksize = attr-\u003eia_size;\n rc = ext4_mark_inode_dirty\n ext4_reserve_inode_write\n ext4_get_inode_loc\n __ext4_get_inode_loc\n sb_getblk --\u003e return -ENOMEM\n ...\n if (!error) -\u003ewill not update i_size\n i_size_write(inode, attr-\u003eia_size);\nNow:\ninode.i_size=4096\nEXT4_I(inode)-\u003ei_disksize=8192\n\nstep 2: Direct write 4096 bytes\next4_file_write_iter\n ext4_dio_write_iter\n iomap_dio_rw -\u003ereturn error\n if (extend)\n ext4_handle_inode_extension\n WARN_ON_ONCE(i_size_read(inode) \u003c EXT4_I(inode)-\u003ei_disksize);\n-\u003eThen trigger warning.\n\nTo solve above issue, if mark inode dirty failed in ext4_setattr just\nset \u0027EXT4_I(inode)-\u003ei_disksize\u0027 with old value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49352",
"url": "https://www.suse.com/security/cve/CVE-2022-49352"
},
{
"category": "external",
"summary": "SUSE Bug 1238395 for CVE-2022-49352",
"url": "https://bugzilla.suse.com/1238395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49352"
},
{
"cve": "CVE-2022-49357",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49357"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: Do not import certificates from UEFI Secure Boot for T2 Macs\n\nOn Apple T2 Macs, when Linux attempts to read the db and dbx efi variables\nat early boot to load UEFI Secure Boot certificates, a page fault occurs\nin Apple firmware code and EFI runtime services are disabled with the\nfollowing logs:\n\n[Firmware Bug]: Page fault caused by firmware at PA: 0xffffb1edc0068000\nWARNING: CPU: 3 PID: 104 at arch/x86/platform/efi/quirks.c:735 efi_crash_gracefully_on_page_fault+0x50/0xf0\n(Removed some logs from here)\nCall Trace:\n \u003cTASK\u003e\n page_fault_oops+0x4f/0x2c0\n ? search_bpf_extables+0x6b/0x80\n ? search_module_extables+0x50/0x80\n ? search_exception_tables+0x5b/0x60\n kernelmode_fixup_or_oops+0x9e/0x110\n __bad_area_nosemaphore+0x155/0x190\n bad_area_nosemaphore+0x16/0x20\n do_kern_addr_fault+0x8c/0xa0\n exc_page_fault+0xd8/0x180\n asm_exc_page_fault+0x1e/0x30\n(Removed some logs from here)\n ? __efi_call+0x28/0x30\n ? switch_mm+0x20/0x30\n ? efi_call_rts+0x19a/0x8e0\n ? process_one_work+0x222/0x3f0\n ? worker_thread+0x4a/0x3d0\n ? kthread+0x17a/0x1a0\n ? process_one_work+0x3f0/0x3f0\n ? set_kthread_struct+0x40/0x40\n ? ret_from_fork+0x22/0x30\n \u003c/TASK\u003e\n---[ end trace 1f82023595a5927f ]---\nefi: Froze efi_rts_wq and disabled EFI Runtime Services\nintegrity: Couldn\u0027t get size: 0x8000000000000015\nintegrity: MODSIGN: Couldn\u0027t get UEFI db list\nefi: EFI Runtime Services are disabled!\nintegrity: Couldn\u0027t get size: 0x8000000000000015\nintegrity: Couldn\u0027t get UEFI dbx list\nintegrity: Couldn\u0027t get size: 0x8000000000000015\nintegrity: Couldn\u0027t get mokx list\nintegrity: Couldn\u0027t get size: 0x80000000\n\nSo we avoid reading these UEFI variables and thus prevent the crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49357",
"url": "https://www.suse.com/security/cve/CVE-2022-49357"
},
{
"category": "external",
"summary": "SUSE Bug 1238631 for CVE-2022-49357",
"url": "https://bugzilla.suse.com/1238631"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49357"
},
{
"cve": "CVE-2022-49370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49370"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle\n\nkobject_init_and_add() takes reference even when it fails.\nAccording to the doc of kobject_init_and_add()\n\n If this function returns an error, kobject_put() must be called to\n properly clean up the memory associated with the object.\n\nFix this issue by calling kobject_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49370",
"url": "https://www.suse.com/security/cve/CVE-2022-49370"
},
{
"category": "external",
"summary": "SUSE Bug 1238467 for CVE-2022-49370",
"url": "https://bugzilla.suse.com/1238467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49370"
},
{
"cve": "CVE-2022-49371",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49371"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix deadlock in __device_attach\n\nIn __device_attach function, The lock holding logic is as follows:\n...\n__device_attach\ndevice_lock(dev) // get lock dev\n async_schedule_dev(__device_attach_async_helper, dev); // func\n async_schedule_node\n async_schedule_node_domain(func)\n entry = kzalloc(sizeof(struct async_entry), GFP_ATOMIC);\n\t/* when fail or work limit, sync to execute func, but\n\t __device_attach_async_helper will get lock dev as\n\t well, which will lead to A-A deadlock. */\n\tif (!entry || atomic_read(\u0026entry_count) \u003e MAX_WORK) {\n\t func;\n\telse\n\t queue_work_node(node, system_unbound_wq, \u0026entry-\u003ework)\n device_unlock(dev)\n\nAs shown above, when it is allowed to do async probes, because of\nout of memory or work limit, async work is not allowed, to do\nsync execute instead. it will lead to A-A deadlock because of\n__device_attach_async_helper getting lock dev.\n\nTo fix the deadlock, move the async_schedule_dev outside device_lock,\nas we can see, in async_schedule_node_domain, the parameter of\nqueue_work_node is system_unbound_wq, so it can accept concurrent\noperations. which will also not change the code logic, and will\nnot lead to deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49371",
"url": "https://www.suse.com/security/cve/CVE-2022-49371"
},
{
"category": "external",
"summary": "SUSE Bug 1238546 for CVE-2022-49371",
"url": "https://bugzilla.suse.com/1238546"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49371"
},
{
"cve": "CVE-2022-49373",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49373"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when done.\nAdd missing of_node_put() in some error paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49373",
"url": "https://www.suse.com/security/cve/CVE-2022-49373"
},
{
"category": "external",
"summary": "SUSE Bug 1238175 for CVE-2022-49373",
"url": "https://bugzilla.suse.com/1238175"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49373"
},
{
"cve": "CVE-2022-49375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49375"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtc: mt6397: check return value after calling platform_get_resource()\n\nIt will cause null-ptr-deref if platform_get_resource() returns NULL,\nwe need check the return value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49375",
"url": "https://www.suse.com/security/cve/CVE-2022-49375"
},
{
"category": "external",
"summary": "SUSE Bug 1238228 for CVE-2022-49375",
"url": "https://bugzilla.suse.com/1238228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49375"
},
{
"cve": "CVE-2022-49376",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49376"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: sd: Fix potential NULL pointer dereference\n\nIf sd_probe() sees an early error before sdkp-\u003edevice is initialized,\nsd_zbc_release_disk() is called. This causes a NULL pointer dereference\nwhen sd_is_zoned() is called inside that function. Avoid this by removing\nthe call to sd_zbc_release_disk() in sd_probe() error path.\n\nThis change is safe and does not result in zone information memory leakage\nbecause the zone information for a zoned disk is allocated only when\nsd_revalidate_disk() is called, at which point sdkp-\u003edisk_dev is fully set,\nresulting in sd_disk_release() being called when needed to cleanup a disk\nzone information using sd_zbc_release_disk().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49376",
"url": "https://www.suse.com/security/cve/CVE-2022-49376"
},
{
"category": "external",
"summary": "SUSE Bug 1238103 for CVE-2022-49376",
"url": "https://bugzilla.suse.com/1238103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49376"
},
{
"cve": "CVE-2022-49382",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49382"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: rockchip: Fix refcount leak in rockchip_grf_init\n\nof_find_matching_node_and_match returns a node pointer with refcount\nincremented, we should use of_node_put() on it when done.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49382",
"url": "https://www.suse.com/security/cve/CVE-2022-49382"
},
{
"category": "external",
"summary": "SUSE Bug 1238306 for CVE-2022-49382",
"url": "https://bugzilla.suse.com/1238306"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49382"
},
{
"cve": "CVE-2022-49385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49385"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver: base: fix UAF when driver_attach failed\n\nWhen driver_attach(drv); failed, the driver_private will be freed.\nBut it has been added to the bus, which caused a UAF.\n\nTo fix it, we need to delete it from the bus when failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49385",
"url": "https://www.suse.com/security/cve/CVE-2022-49385"
},
{
"category": "external",
"summary": "SUSE Bug 1237951 for CVE-2022-49385",
"url": "https://bugzilla.suse.com/1237951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49385"
},
{
"cve": "CVE-2022-49389",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49389"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: usbip: fix a refcount leak in stub_probe()\n\nusb_get_dev() is called in stub_device_alloc(). When stub_probe() fails\nafter that, usb_put_dev() needs to be called to release the reference.\n\nFix this by moving usb_put_dev() to sdev_free error path handling.\n\nFind this by code review.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49389",
"url": "https://www.suse.com/security/cve/CVE-2022-49389"
},
{
"category": "external",
"summary": "SUSE Bug 1238257 for CVE-2022-49389",
"url": "https://bugzilla.suse.com/1238257"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49389"
},
{
"cve": "CVE-2022-49394",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49394"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-iolatency: Fix inflight count imbalances and IO hangs on offline\n\niolatency needs to track the number of inflight IOs per cgroup. As this\ntracking can be expensive, it is disabled when no cgroup has iolatency\nconfigured for the device. To ensure that the inflight counters stay\nbalanced, iolatency_set_limit() freezes the request_queue while manipulating\nthe enabled counter, which ensures that no IO is in flight and thus all\ncounters are zero.\n\nUnfortunately, iolatency_set_limit() isn\u0027t the only place where the enabled\ncounter is manipulated. iolatency_pd_offline() can also dec the counter and\ntrigger disabling. As this disabling happens without freezing the q, this\ncan easily happen while some IOs are in flight and thus leak the counts.\n\nThis can be easily demonstrated by turning on iolatency on an one empty\ncgroup while IOs are in flight in other cgroups and then removing the\ncgroup. Note that iolatency shouldn\u0027t have been enabled elsewhere in the\nsystem to ensure that removing the cgroup disables iolatency for the whole\ndevice.\n\nThe following keeps flipping on and off iolatency on sda:\n\n echo +io \u003e /sys/fs/cgroup/cgroup.subtree_control\n while true; do\n mkdir -p /sys/fs/cgroup/test\n echo \u00278:0 target=100000\u0027 \u003e /sys/fs/cgroup/test/io.latency\n sleep 1\n rmdir /sys/fs/cgroup/test\n sleep 1\n done\n\nand there\u0027s concurrent fio generating direct rand reads:\n\n fio --name test --filename=/dev/sda --direct=1 --rw=randread \\\n --runtime=600 --time_based --iodepth=256 --numjobs=4 --bs=4k\n\nwhile monitoring with the following drgn script:\n\n while True:\n for css in css_for_each_descendant_pre(prog[\u0027blkcg_root\u0027].css.address_of_()):\n for pos in hlist_for_each(container_of(css, \u0027struct blkcg\u0027, \u0027css\u0027).blkg_list):\n blkg = container_of(pos, \u0027struct blkcg_gq\u0027, \u0027blkcg_node\u0027)\n pd = blkg.pd[prog[\u0027blkcg_policy_iolatency\u0027].plid]\n if pd.value_() == 0:\n continue\n iolat = container_of(pd, \u0027struct iolatency_grp\u0027, \u0027pd\u0027)\n inflight = iolat.rq_wait.inflight.counter.value_()\n if inflight:\n print(f\u0027inflight={inflight} {disk_name(blkg.q.disk).decode(\"utf-8\")} \u0027\n f\u0027{cgroup_path(css.cgroup).decode(\"utf-8\")}\u0027)\n time.sleep(1)\n\nThe monitoring output looks like the following:\n\n inflight=1 sda /user.slice\n inflight=1 sda /user.slice\n ...\n inflight=14 sda /user.slice\n inflight=13 sda /user.slice\n inflight=17 sda /user.slice\n inflight=15 sda /user.slice\n inflight=18 sda /user.slice\n inflight=17 sda /user.slice\n inflight=20 sda /user.slice\n inflight=19 sda /user.slice \u003c- fio stopped, inflight stuck at 19\n inflight=19 sda /user.slice\n inflight=19 sda /user.slice\n\nIf a cgroup with stuck inflight ends up getting throttled, the throttled IOs\nwill never get issued as there\u0027s no completion event to wake it up leading\nto an indefinite hang.\n\nThis patch fixes the bug by unifying enable handling into a work item which\nis automatically kicked off from iolatency_set_min_lat_nsec() which is\ncalled from both iolatency_set_limit() and iolatency_pd_offline() paths.\nPunting to a work item is necessary as iolatency_pd_offline() is called\nunder spinlocks while freezing a request_queue requires a sleepable context.\n\nThis also simplifies the code reducing LOC sans the comments and avoids the\nunnecessary freezes which were happening whenever a cgroup\u0027s latency target\nis newly set or cleared.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49394",
"url": "https://www.suse.com/security/cve/CVE-2022-49394"
},
{
"category": "external",
"summary": "SUSE Bug 1238712 for CVE-2022-49394",
"url": "https://bugzilla.suse.com/1238712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49394"
},
{
"cve": "CVE-2022-49396",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49396"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: qcom-qmp: fix reset-controller leak on probe errors\n\nMake sure to release the lane reset controller in case of a late probe\nerror (e.g. probe deferral).\n\nNote that due to the reset controller being defined in devicetree in\n\"lane\" child nodes, devm_reset_control_get_exclusive() cannot be used\ndirectly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49396",
"url": "https://www.suse.com/security/cve/CVE-2022-49396"
},
{
"category": "external",
"summary": "SUSE Bug 1238289 for CVE-2022-49396",
"url": "https://bugzilla.suse.com/1238289"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49396"
},
{
"cve": "CVE-2022-49397",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49397"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: qcom-qmp: fix struct clk leak on probe errors\n\nMake sure to release the pipe clock reference in case of a late probe\nerror (e.g. probe deferral).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49397",
"url": "https://www.suse.com/security/cve/CVE-2022-49397"
},
{
"category": "external",
"summary": "SUSE Bug 1237823 for CVE-2022-49397",
"url": "https://bugzilla.suse.com/1237823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49397"
},
{
"cve": "CVE-2022-49398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49398"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback\n\nThe list_for_each_entry_safe() macro saves the current item (n) and\nthe item after (n+1), so that n can be safely removed without\ncorrupting the list. However, when traversing the list and removing\nitems using gadget giveback, the DWC3 lock is briefly released,\nallowing other routines to execute. There is a situation where, while\nitems are being removed from the cancelled_list using\ndwc3_gadget_ep_cleanup_cancelled_requests(), the pullup disable\nroutine is running in parallel (due to UDC unbind). As the cleanup\nroutine removes n, and the pullup disable removes n+1, once the\ncleanup retakes the DWC3 lock, it references a request who was already\nremoved/handled. With list debug enabled, this leads to a panic.\nEnsure all instances of the macro are replaced where gadget giveback\nis used.\n\nExample call stack:\n\nThread#1:\n__dwc3_gadget_ep_set_halt() - CLEAR HALT\n -\u003e dwc3_gadget_ep_cleanup_cancelled_requests()\n -\u003elist_for_each_entry_safe()\n -\u003edwc3_gadget_giveback(n)\n -\u003edwc3_gadget_del_and_unmap_request()- n deleted[cancelled_list]\n -\u003espin_unlock\n -\u003eThread#2 executes\n ...\n -\u003edwc3_gadget_giveback(n+1)\n -\u003eAlready removed!\n\nThread#2:\ndwc3_gadget_pullup()\n -\u003ewaiting for dwc3 spin_lock\n ...\n -\u003eThread#1 released lock\n -\u003edwc3_stop_active_transfers()\n -\u003edwc3_remove_requests()\n -\u003efetches n+1 item from cancelled_list (n removed by Thread#1)\n -\u003edwc3_gadget_giveback()\n -\u003edwc3_gadget_del_and_unmap_request()- n+1 deleted[cancelled_list]\n -\u003espin_unlock",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49398",
"url": "https://www.suse.com/security/cve/CVE-2022-49398"
},
{
"category": "external",
"summary": "SUSE Bug 1238621 for CVE-2022-49398",
"url": "https://bugzilla.suse.com/1238621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49398"
},
{
"cve": "CVE-2022-49399",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49399"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: goldfish: Use tty_port_destroy() to destroy port\n\nIn goldfish_tty_probe(), the port initialized through tty_port_init()\nshould be destroyed in error paths.In goldfish_tty_remove(), qtty-\u003eport\nalso should be destroyed or else might leak resources.\n\nFix the above by calling tty_port_destroy().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49399",
"url": "https://www.suse.com/security/cve/CVE-2022-49399"
},
{
"category": "external",
"summary": "SUSE Bug 1237829 for CVE-2022-49399",
"url": "https://bugzilla.suse.com/1237829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49399"
},
{
"cve": "CVE-2022-49402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49402"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Clean up hash direct_functions on register failures\n\nWe see the following GPF when register_ftrace_direct fails:\n\n[ ] general protection fault, probably for non-canonical address \\\n 0x200000000000010: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC PTI\n[...]\n[ ] RIP: 0010:ftrace_find_rec_direct+0x53/0x70\n[ ] Code: 48 c1 e0 03 48 03 42 08 48 8b 10 31 c0 48 85 d2 74 [...]\n[ ] RSP: 0018:ffffc9000138bc10 EFLAGS: 00010206\n[ ] RAX: 0000000000000000 RBX: ffffffff813e0df0 RCX: 000000000000003b\n[ ] RDX: 0200000000000000 RSI: 000000000000000c RDI: ffffffff813e0df0\n[ ] RBP: ffffffffa00a3000 R08: ffffffff81180ce0 R09: 0000000000000001\n[ ] R10: ffffc9000138bc18 R11: 0000000000000001 R12: ffffffff813e0df0\n[ ] R13: ffffffff813e0df0 R14: ffff888171b56400 R15: 0000000000000000\n[ ] FS: 00007fa9420c7780(0000) GS:ffff888ff6a00000(0000) knlGS:000000000\n[ ] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ ] CR2: 000000000770d000 CR3: 0000000107d50003 CR4: 0000000000370ee0\n[ ] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ ] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ ] Call Trace:\n[ ] \u003cTASK\u003e\n[ ] register_ftrace_direct+0x54/0x290\n[ ] ? render_sigset_t+0xa0/0xa0\n[ ] bpf_trampoline_update+0x3f5/0x4a0\n[ ] ? 0xffffffffa00a3000\n[ ] bpf_trampoline_link_prog+0xa9/0x140\n[ ] bpf_tracing_prog_attach+0x1dc/0x450\n[ ] bpf_raw_tracepoint_open+0x9a/0x1e0\n[ ] ? find_held_lock+0x2d/0x90\n[ ] ? lock_release+0x150/0x430\n[ ] __sys_bpf+0xbd6/0x2700\n[ ] ? lock_is_held_type+0xd8/0x130\n[ ] __x64_sys_bpf+0x1c/0x20\n[ ] do_syscall_64+0x3a/0x80\n[ ] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ ] RIP: 0033:0x7fa9421defa9\n[ ] Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 9 f8 [...]\n[ ] RSP: 002b:00007ffed743bd78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141\n[ ] RAX: ffffffffffffffda RBX: 00000000069d2480 RCX: 00007fa9421defa9\n[ ] RDX: 0000000000000078 RSI: 00007ffed743bd80 RDI: 0000000000000011\n[ ] RBP: 00007ffed743be00 R08: 0000000000bb7270 R09: 0000000000000000\n[ ] R10: 00000000069da210 R11: 0000000000000246 R12: 0000000000000001\n[ ] R13: 00007ffed743c4b0 R14: 00000000069d2480 R15: 0000000000000001\n[ ] \u003c/TASK\u003e\n[ ] Modules linked in: klp_vm(OK)\n[ ] ---[ end trace 0000000000000000 ]---\n\nOne way to trigger this is:\n 1. load a livepatch that patches kernel function xxx;\n 2. run bpftrace -e \u0027kfunc:xxx {}\u0027, this will fail (expected for now);\n 3. repeat #2 =\u003e gpf.\n\nThis is because the entry is added to direct_functions, but not removed.\nFix this by remove the entry from direct_functions when\nregister_ftrace_direct fails.\n\nAlso remove the last trailing space from ftrace.c, so we don\u0027t have to\nworry about it anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49402",
"url": "https://www.suse.com/security/cve/CVE-2022-49402"
},
{
"category": "external",
"summary": "SUSE Bug 1238255 for CVE-2022-49402",
"url": "https://bugzilla.suse.com/1238255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49402"
},
{
"cve": "CVE-2022-49404",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49404"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hfi1: Fix potential integer multiplication overflow errors\n\nWhen multiplying of different types, an overflow is possible even when\nstoring the result in a larger type. This is because the conversion is\ndone after the multiplication. So arithmetic overflow and thus in\nincorrect value is possible.\n\nCorrect an instance of this in the inter packet delay calculation. Fix by\nensuring one of the operands is u64 which will promote the other to u64 as\nwell ensuring no overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49404",
"url": "https://www.suse.com/security/cve/CVE-2022-49404"
},
{
"category": "external",
"summary": "SUSE Bug 1238430 for CVE-2022-49404",
"url": "https://bugzilla.suse.com/1238430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49404"
},
{
"cve": "CVE-2022-49409",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49409"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix bug_on in __es_tree_search\n\nHulk Robot reported a BUG_ON:\n==================================================================\nkernel BUG at fs/ext4/extents_status.c:199!\n[...]\nRIP: 0010:ext4_es_end fs/ext4/extents_status.c:199 [inline]\nRIP: 0010:__es_tree_search+0x1e0/0x260 fs/ext4/extents_status.c:217\n[...]\nCall Trace:\n ext4_es_cache_extent+0x109/0x340 fs/ext4/extents_status.c:766\n ext4_cache_extents+0x239/0x2e0 fs/ext4/extents.c:561\n ext4_find_extent+0x6b7/0xa20 fs/ext4/extents.c:964\n ext4_ext_map_blocks+0x16b/0x4b70 fs/ext4/extents.c:4384\n ext4_map_blocks+0xe26/0x19f0 fs/ext4/inode.c:567\n ext4_getblk+0x320/0x4c0 fs/ext4/inode.c:980\n ext4_bread+0x2d/0x170 fs/ext4/inode.c:1031\n ext4_quota_read+0x248/0x320 fs/ext4/super.c:6257\n v2_read_header+0x78/0x110 fs/quota/quota_v2.c:63\n v2_check_quota_file+0x76/0x230 fs/quota/quota_v2.c:82\n vfs_load_quota_inode+0x5d1/0x1530 fs/quota/dquot.c:2368\n dquot_enable+0x28a/0x330 fs/quota/dquot.c:2490\n ext4_quota_enable fs/ext4/super.c:6137 [inline]\n ext4_enable_quotas+0x5d7/0x960 fs/ext4/super.c:6163\n ext4_fill_super+0xa7c9/0xdc00 fs/ext4/super.c:4754\n mount_bdev+0x2e9/0x3b0 fs/super.c:1158\n mount_fs+0x4b/0x1e4 fs/super.c:1261\n[...]\n==================================================================\n\nAbove issue may happen as follows:\n-------------------------------------\next4_fill_super\n ext4_enable_quotas\n ext4_quota_enable\n ext4_iget\n __ext4_iget\n ext4_ext_check_inode\n ext4_ext_check\n __ext4_ext_check\n ext4_valid_extent_entries\n Check for overlapping extents does\u0027t take effect\n dquot_enable\n vfs_load_quota_inode\n v2_check_quota_file\n v2_read_header\n ext4_quota_read\n ext4_bread\n ext4_getblk\n ext4_map_blocks\n ext4_ext_map_blocks\n ext4_find_extent\n ext4_cache_extents\n ext4_es_cache_extent\n ext4_es_cache_extent\n __es_tree_search\n ext4_es_end\n BUG_ON(es-\u003ees_lblk + es-\u003ees_len \u003c es-\u003ees_lblk)\n\nThe error ext4 extents is as follows:\n0af3 0300 0400 0000 00000000 extent_header\n00000000 0100 0000 12000000 extent1\n00000000 0100 0000 18000000 extent2\n02000000 0400 0000 14000000 extent3\n\nIn the ext4_valid_extent_entries function,\nif prev is 0, no error is returned even if lblock\u003c=prev.\nThis was intended to skip the check on the first extent, but\nin the error image above, prev=0+1-1=0 when checking the second extent,\nso even though lblock\u003c=prev, the function does not return an error.\nAs a result, bug_ON occurs in __es_tree_search and the system panics.\n\nTo solve this problem, we only need to check that:\n1. The lblock of the first extent is not less than 0.\n2. The lblock of the next extent is not less than\n the next block of the previous extent.\nThe same applies to extent_idx.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49409",
"url": "https://www.suse.com/security/cve/CVE-2022-49409"
},
{
"category": "external",
"summary": "SUSE Bug 1238279 for CVE-2022-49409",
"url": "https://bugzilla.suse.com/1238279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49409"
},
{
"cve": "CVE-2022-49410",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49410"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix potential double free in create_var_ref()\n\nIn create_var_ref(), init_var_ref() is called to initialize the fields\nof variable ref_field, which is allocated in the previous function call\nto create_hist_field(). Function init_var_ref() allocates the\ncorresponding fields such as ref_field-\u003esystem, but frees these fields\nwhen the function encounters an error. The caller later calls\ndestroy_hist_field() to conduct error handling, which frees the fields\nand the variable itself. This results in double free of the fields which\nare already freed in the previous function.\n\nFix this by storing NULL to the corresponding fields when they are freed\nin init_var_ref().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49410",
"url": "https://www.suse.com/security/cve/CVE-2022-49410"
},
{
"category": "external",
"summary": "SUSE Bug 1238441 for CVE-2022-49410",
"url": "https://bugzilla.suse.com/1238441"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49410"
},
{
"cve": "CVE-2022-49411",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49411"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbfq: Make sure bfqg for which we are queueing requests is online\n\nBios queued into BFQ IO scheduler can be associated with a cgroup that\nwas already offlined. This may then cause insertion of this bfq_group\ninto a service tree. But this bfq_group will get freed as soon as last\nbio associated with it is completed leading to use after free issues for\nservice tree users. Fix the problem by making sure we always operate on\nonline bfq_group. If the bfq_group associated with the bio is not\nonline, we pick the first online parent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49411",
"url": "https://www.suse.com/security/cve/CVE-2022-49411"
},
{
"category": "external",
"summary": "SUSE Bug 1238307 for CVE-2022-49411",
"url": "https://bugzilla.suse.com/1238307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49411"
},
{
"cve": "CVE-2022-49413",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49413"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbfq: Update cgroup information before merging bio\n\nWhen the process is migrated to a different cgroup (or in case of\nwriteback just starts submitting bios associated with a different\ncgroup) bfq_merge_bio() can operate with stale cgroup information in\nbic. Thus the bio can be merged to a request from a different cgroup or\nit can result in merging of bfqqs for different cgroups or bfqqs of\nalready dead cgroups and causing possible use-after-free issues. Fix the\nproblem by updating cgroup information in bfq_merge_bio().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49413",
"url": "https://www.suse.com/security/cve/CVE-2022-49413"
},
{
"category": "external",
"summary": "SUSE Bug 1238710 for CVE-2022-49413",
"url": "https://bugzilla.suse.com/1238710"
},
{
"category": "external",
"summary": "SUSE Bug 1238711 for CVE-2022-49413",
"url": "https://bugzilla.suse.com/1238711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2022-49413"
},
{
"cve": "CVE-2022-49414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49414"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix race condition between ext4_write and ext4_convert_inline_data\n\nHulk Robot reported a BUG_ON:\n ==================================================================\n EXT4-fs error (device loop3): ext4_mb_generate_buddy:805: group 0,\n block bitmap and bg descriptor inconsistent: 25 vs 31513 free clusters\n kernel BUG at fs/ext4/ext4_jbd2.c:53!\n invalid opcode: 0000 [#1] SMP KASAN PTI\n CPU: 0 PID: 25371 Comm: syz-executor.3 Not tainted 5.10.0+ #1\n RIP: 0010:ext4_put_nojournal fs/ext4/ext4_jbd2.c:53 [inline]\n RIP: 0010:__ext4_journal_stop+0x10e/0x110 fs/ext4/ext4_jbd2.c:116\n [...]\n Call Trace:\n ext4_write_inline_data_end+0x59a/0x730 fs/ext4/inline.c:795\n generic_perform_write+0x279/0x3c0 mm/filemap.c:3344\n ext4_buffered_write_iter+0x2e3/0x3d0 fs/ext4/file.c:270\n ext4_file_write_iter+0x30a/0x11c0 fs/ext4/file.c:520\n do_iter_readv_writev+0x339/0x3c0 fs/read_write.c:732\n do_iter_write+0x107/0x430 fs/read_write.c:861\n vfs_writev fs/read_write.c:934 [inline]\n do_pwritev+0x1e5/0x380 fs/read_write.c:1031\n [...]\n ==================================================================\n\nAbove issue may happen as follows:\n cpu1 cpu2\n__________________________|__________________________\ndo_pwritev\n vfs_writev\n do_iter_write\n ext4_file_write_iter\n ext4_buffered_write_iter\n generic_perform_write\n ext4_da_write_begin\n vfs_fallocate\n ext4_fallocate\n ext4_convert_inline_data\n ext4_convert_inline_data_nolock\n ext4_destroy_inline_data_nolock\n clear EXT4_STATE_MAY_INLINE_DATA\n ext4_map_blocks\n ext4_ext_map_blocks\n ext4_mb_new_blocks\n ext4_mb_regular_allocator\n ext4_mb_good_group_nolock\n ext4_mb_init_group\n ext4_mb_init_cache\n ext4_mb_generate_buddy --\u003e error\n ext4_test_inode_state(inode, EXT4_STATE_MAY_INLINE_DATA)\n ext4_restore_inline_data\n set EXT4_STATE_MAY_INLINE_DATA\n ext4_block_write_begin\n ext4_da_write_end\n ext4_test_inode_state(inode, EXT4_STATE_MAY_INLINE_DATA)\n ext4_write_inline_data_end\n handle=NULL\n ext4_journal_stop(handle)\n __ext4_journal_stop\n ext4_put_nojournal(handle)\n ref_cnt = (unsigned long)handle\n BUG_ON(ref_cnt == 0) ---\u003e BUG_ON\n\nThe lock held by ext4_convert_inline_data is xattr_sem, but the lock\nheld by generic_perform_write is i_rwsem. Therefore, the two locks can\nbe concurrent.\n\nTo solve above issue, we add inode_lock() for ext4_convert_inline_data().\nAt the same time, move ext4_convert_inline_data() in front of\next4_punch_hole(), remove similar handling from ext4_punch_hole().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49414",
"url": "https://www.suse.com/security/cve/CVE-2022-49414"
},
{
"category": "external",
"summary": "SUSE Bug 1238623 for CVE-2022-49414",
"url": "https://bugzilla.suse.com/1238623"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49414"
},
{
"cve": "CVE-2022-49416",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49416"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: fix use-after-free in chanctx code\n\nIn ieee80211_vif_use_reserved_context(), when we have an\nold context and the new context\u0027s replace_state is set to\nIEEE80211_CHANCTX_REPLACE_NONE, we free the old context\nin ieee80211_vif_use_reserved_reassign(). Therefore, we\ncannot check the old_ctx anymore, so we should set it to\nNULL after this point.\n\nHowever, since the new_ctx replace state is clearly not\nIEEE80211_CHANCTX_REPLACES_OTHER, we\u0027re not going to do\nanything else in this function and can just return to\navoid accessing the freed old_ctx.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49416",
"url": "https://www.suse.com/security/cve/CVE-2022-49416"
},
{
"category": "external",
"summary": "SUSE Bug 1238293 for CVE-2022-49416",
"url": "https://bugzilla.suse.com/1238293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49416"
},
{
"cve": "CVE-2022-49421",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49421"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup\n\nof_parse_phandle() returns a node pointer with refcount incremented, we should\nuse of_node_put() on it when not need anymore. Add missing of_node_put() to\navoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49421",
"url": "https://www.suse.com/security/cve/CVE-2022-49421"
},
{
"category": "external",
"summary": "SUSE Bug 1238819 for CVE-2022-49421",
"url": "https://bugzilla.suse.com/1238819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49421"
},
{
"cve": "CVE-2022-49422",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49422"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Fix the error handling path in idxd_cdev_register()\n\nIf a call to alloc_chrdev_region() fails, the already allocated resources\nare leaking.\n\nAdd the needed error handling path to fix the leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49422",
"url": "https://www.suse.com/security/cve/CVE-2022-49422"
},
{
"category": "external",
"summary": "SUSE Bug 1237784 for CVE-2022-49422",
"url": "https://bugzilla.suse.com/1237784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49422"
},
{
"cve": "CVE-2022-49437",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49437"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/xive: Fix refcount leak in xive_spapr_init\n\nof_find_compatible_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when done.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49437",
"url": "https://www.suse.com/security/cve/CVE-2022-49437"
},
{
"category": "external",
"summary": "SUSE Bug 1238443 for CVE-2022-49437",
"url": "https://bugzilla.suse.com/1238443"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49437"
},
{
"cve": "CVE-2022-49438",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49438"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: sparcspkr - fix refcount leak in bbc_beep_probe\n\nof_find_node_by_path() calls of_find_node_opts_by_path(),\nwhich returns a node pointer with refcount\nincremented, we should use of_node_put() on it when done.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49438",
"url": "https://www.suse.com/security/cve/CVE-2022-49438"
},
{
"category": "external",
"summary": "SUSE Bug 1238242 for CVE-2022-49438",
"url": "https://bugzilla.suse.com/1238242"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49438"
},
{
"cve": "CVE-2022-49441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49441"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: fix deadlock caused by calling printk() under tty_port-\u003elock\n\npty_write() invokes kmalloc() which may invoke a normal printk() to print\nfailure message. This can cause a deadlock in the scenario reported by\nsyz-bot below:\n\n CPU0 CPU1 CPU2\n ---- ---- ----\n lock(console_owner);\n lock(\u0026port_lock_key);\n lock(\u0026port-\u003elock);\n lock(\u0026port_lock_key);\n lock(\u0026port-\u003elock);\n lock(console_owner);\n\nAs commit dbdda842fe96 (\"printk: Add console owner and waiter logic to\nload balance console writes\") said, such deadlock can be prevented by\nusing printk_deferred() in kmalloc() (which is invoked in the section\nguarded by the port-\u003elock). But there are too many printk() on the\nkmalloc() path, and kmalloc() can be called from anywhere, so changing\nprintk() to printk_deferred() is too complicated and inelegant.\n\nTherefore, this patch chooses to specify __GFP_NOWARN to kmalloc(), so\nthat printk() will not be called, and this deadlock problem can be\navoided.\n\nSyzbot reported the following lockdep error:\n\n======================================================\nWARNING: possible circular locking dependency detected\n5.4.143-00237-g08ccc19a-dirty #10 Not tainted\n------------------------------------------------------\nsyz-executor.4/29420 is trying to acquire lock:\nffffffff8aedb2a0 (console_owner){....}-{0:0}, at: console_trylock_spinning kernel/printk/printk.c:1752 [inline]\nffffffff8aedb2a0 (console_owner){....}-{0:0}, at: vprintk_emit+0x2ca/0x470 kernel/printk/printk.c:2023\n\nbut task is already holding lock:\nffff8880119c9158 (\u0026port-\u003elock){-.-.}-{2:2}, at: pty_write+0xf4/0x1f0 drivers/tty/pty.c:120\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #2 (\u0026port-\u003elock){-.-.}-{2:2}:\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0x35/0x50 kernel/locking/spinlock.c:159\n tty_port_tty_get drivers/tty/tty_port.c:288 [inline] \t\t\u003c-- lock(\u0026port-\u003elock);\n tty_port_default_wakeup+0x1d/0xb0 drivers/tty/tty_port.c:47\n serial8250_tx_chars+0x530/0xa80 drivers/tty/serial/8250/8250_port.c:1767\n serial8250_handle_irq.part.0+0x31f/0x3d0 drivers/tty/serial/8250/8250_port.c:1854\n serial8250_handle_irq drivers/tty/serial/8250/8250_port.c:1827 [inline] \t\u003c-- lock(\u0026port_lock_key);\n serial8250_default_handle_irq+0xb2/0x220 drivers/tty/serial/8250/8250_port.c:1870\n serial8250_interrupt+0xfd/0x200 drivers/tty/serial/8250/8250_core.c:126\n __handle_irq_event_percpu+0x109/0xa50 kernel/irq/handle.c:156\n [...]\n\n-\u003e #1 (\u0026port_lock_key){-.-.}-{2:2}:\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0x35/0x50 kernel/locking/spinlock.c:159\n serial8250_console_write+0x184/0xa40 drivers/tty/serial/8250/8250_port.c:3198\n\t\t\t\t\t\t\t\t\t\t\u003c-- lock(\u0026port_lock_key);\n call_console_drivers kernel/printk/printk.c:1819 [inline]\n console_unlock+0x8cb/0xd00 kernel/printk/printk.c:2504\n vprintk_emit+0x1b5/0x470 kernel/printk/printk.c:2024\t\t\t\u003c-- lock(console_owner);\n vprintk_func+0x8d/0x250 kernel/printk/printk_safe.c:394\n printk+0xba/0xed kernel/printk/printk.c:2084\n register_console+0x8b3/0xc10 kernel/printk/printk.c:2829\n univ8250_console_init+0x3a/0x46 drivers/tty/serial/8250/8250_core.c:681\n console_init+0x49d/0x6d3 kernel/printk/printk.c:2915\n start_kernel+0x5e9/0x879 init/main.c:713\n secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:241\n\n-\u003e #0 (console_owner){....}-{0:0}:\n [...]\n lock_acquire+0x127/0x340 kernel/locking/lockdep.c:4734\n console_trylock_spinning kernel/printk/printk.c:1773 \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49441",
"url": "https://www.suse.com/security/cve/CVE-2022-49441"
},
{
"category": "external",
"summary": "SUSE Bug 1238263 for CVE-2022-49441",
"url": "https://bugzilla.suse.com/1238263"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49441"
},
{
"cve": "CVE-2022-49442",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49442"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/base/node.c: fix compaction sysfs file leak\n\nCompaction sysfs file is created via compaction_register_node in\nregister_node. But we forgot to remove it in unregister_node. Thus\ncompaction sysfs file is leaked. Using compaction_unregister_node to fix\nthis issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49442",
"url": "https://www.suse.com/security/cve/CVE-2022-49442"
},
{
"category": "external",
"summary": "SUSE Bug 1238243 for CVE-2022-49442",
"url": "https://bugzilla.suse.com/1238243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49442"
},
{
"cve": "CVE-2022-49446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49446"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvdimm: Fix firmware activation deadlock scenarios\n\nLockdep reports the following deadlock scenarios for CXL root device\npower-management, device_prepare(), operations, and device_shutdown()\noperations for \u0027nd_region\u0027 devices:\n\n Chain exists of:\n \u0026nvdimm_region_key --\u003e \u0026nvdimm_bus-\u003ereconfig_mutex --\u003e system_transition_mutex\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(system_transition_mutex);\n lock(\u0026nvdimm_bus-\u003ereconfig_mutex);\n lock(system_transition_mutex);\n lock(\u0026nvdimm_region_key);\n\n Chain exists of:\n \u0026cxl_nvdimm_bridge_key --\u003e acpi_scan_lock --\u003e \u0026cxl_root_key\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026cxl_root_key);\n lock(acpi_scan_lock);\n lock(\u0026cxl_root_key);\n lock(\u0026cxl_nvdimm_bridge_key);\n\nThese stem from holding nvdimm_bus_lock() over hibernate_quiet_exec()\nwhich walks the entire system device topology taking device_lock() along\nthe way. The nvdimm_bus_lock() is protecting against unregistration,\nmultiple simultaneous ops callers, and preventing activate_show() from\nracing activate_store(). For the first 2, the lock is redundant.\nUnregistration already flushes all ops users, and sysfs already prevents\nmultiple threads to be active in an ops handler at the same time. For\nthe last userspace should already be waiting for its last\nactivate_store() to complete, and does not need activate_show() to flush\nthe write side, so this lock usage can be deleted in these attributes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49446",
"url": "https://www.suse.com/security/cve/CVE-2022-49446"
},
{
"category": "external",
"summary": "SUSE Bug 1238822 for CVE-2022-49446",
"url": "https://bugzilla.suse.com/1238822"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49446"
},
{
"cve": "CVE-2022-49451",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49451"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Fix list protocols enumeration in the base protocol\n\nWhile enumerating protocols implemented by the SCMI platform using\nBASE_DISCOVER_LIST_PROTOCOLS, the number of returned protocols is\ncurrently validated in an improper way since the check employs a sum\nbetween unsigned integers that could overflow and cause the check itself\nto be silently bypassed if the returned value \u0027loop_num_ret\u0027 is big\nenough.\n\nFix the validation avoiding the addition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49451",
"url": "https://www.suse.com/security/cve/CVE-2022-49451"
},
{
"category": "external",
"summary": "SUSE Bug 1238177 for CVE-2022-49451",
"url": "https://bugzilla.suse.com/1238177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49451"
},
{
"cve": "CVE-2022-49455",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49455"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: ocxl: fix possible double free in ocxl_file_register_afu\n\ninfo_release() will be called in device_unregister() when info-\u003edev\u0027s\nreference count is 0. So there is no need to call ocxl_afu_put() and\nkfree() again.\n\nFix this by adding free_minor() and return to err_unregister error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49455",
"url": "https://www.suse.com/security/cve/CVE-2022-49455"
},
{
"category": "external",
"summary": "SUSE Bug 1238229 for CVE-2022-49455",
"url": "https://bugzilla.suse.com/1238229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49455"
},
{
"cve": "CVE-2022-49459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49459"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe\n\nplatform_get_resource() may return NULL, add proper check to\navoid potential NULL dereferencing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49459",
"url": "https://www.suse.com/security/cve/CVE-2022-49459"
},
{
"category": "external",
"summary": "SUSE Bug 1238046 for CVE-2022-49459",
"url": "https://bugzilla.suse.com/1238046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49459"
},
{
"cve": "CVE-2022-49460",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49460"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: rk3399_dmc: Disable edev on remove()\n\nOtherwise we hit an unablanced enable-count when unbinding the DFI\ndevice:\n\n[ 1279.659119] ------------[ cut here ]------------\n[ 1279.659179] WARNING: CPU: 2 PID: 5638 at drivers/devfreq/devfreq-event.c:360 devfreq_event_remove_edev+0x84/0x8c\n...\n[ 1279.659352] Hardware name: Google Kevin (DT)\n[ 1279.659363] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO BTYPE=--)\n[ 1279.659371] pc : devfreq_event_remove_edev+0x84/0x8c\n[ 1279.659380] lr : devm_devfreq_event_release+0x1c/0x28\n...\n[ 1279.659571] Call trace:\n[ 1279.659582] devfreq_event_remove_edev+0x84/0x8c\n[ 1279.659590] devm_devfreq_event_release+0x1c/0x28\n[ 1279.659602] release_nodes+0x1cc/0x244\n[ 1279.659611] devres_release_all+0x44/0x60\n[ 1279.659621] device_release_driver_internal+0x11c/0x1ac\n[ 1279.659629] device_driver_detach+0x20/0x2c\n[ 1279.659641] unbind_store+0x7c/0xb0\n[ 1279.659650] drv_attr_store+0x2c/0x40\n[ 1279.659663] sysfs_kf_write+0x44/0x58\n[ 1279.659672] kernfs_fop_write_iter+0xf4/0x190\n[ 1279.659684] vfs_write+0x2b0/0x2e4\n[ 1279.659693] ksys_write+0x80/0xec\n[ 1279.659701] __arm64_sys_write+0x24/0x30\n[ 1279.659714] el0_svc_common+0xf0/0x1d8\n[ 1279.659724] do_el0_svc_compat+0x28/0x3c\n[ 1279.659738] el0_svc_compat+0x10/0x1c\n[ 1279.659746] el0_sync_compat_handler+0xa8/0xcc\n[ 1279.659758] el0_sync_compat+0x188/0x1c0\n[ 1279.659768] ---[ end trace cec200e5094155b4 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49460",
"url": "https://www.suse.com/security/cve/CVE-2022-49460"
},
{
"category": "external",
"summary": "SUSE Bug 1238892 for CVE-2022-49460",
"url": "https://bugzilla.suse.com/1238892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49460"
},
{
"cve": "CVE-2022-49462",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49462"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/a6xx: Fix refcount leak in a6xx_gpu_init\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\n\na6xx_gmu_init() passes the node to of_find_device_by_node()\nand of_dma_configure(), of_find_device_by_node() will takes its\nreference, of_dma_configure() doesn\u0027t need the node after usage.\n\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49462",
"url": "https://www.suse.com/security/cve/CVE-2022-49462"
},
{
"category": "external",
"summary": "SUSE Bug 1238123 for CVE-2022-49462",
"url": "https://bugzilla.suse.com/1238123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49462"
},
{
"cve": "CVE-2022-49465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49465"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-throttle: Set BIO_THROTTLED when bio has been throttled\n\n1.In current process, all bio will set the BIO_THROTTLED flag\nafter __blk_throtl_bio().\n\n2.If bio needs to be throttled, it will start the timer and\nstop submit bio directly. Bio will submit in\nblk_throtl_dispatch_work_fn() when the timer expires.But in\nthe current process, if bio is throttled. The BIO_THROTTLED\nwill be set to bio after timer start. If the bio has been\ncompleted, it may cause use-after-free blow.\n\nBUG: KASAN: use-after-free in blk_throtl_bio+0x12f0/0x2c70\nRead of size 2 at addr ffff88801b8902d4 by task fio/26380\n\n dump_stack+0x9b/0xce\n print_address_description.constprop.6+0x3e/0x60\n kasan_report.cold.9+0x22/0x3a\n blk_throtl_bio+0x12f0/0x2c70\n submit_bio_checks+0x701/0x1550\n submit_bio_noacct+0x83/0xc80\n submit_bio+0xa7/0x330\n mpage_readahead+0x380/0x500\n read_pages+0x1c1/0xbf0\n page_cache_ra_unbounded+0x471/0x6f0\n do_page_cache_ra+0xda/0x110\n ondemand_readahead+0x442/0xae0\n page_cache_async_ra+0x210/0x300\n generic_file_buffered_read+0x4d9/0x2130\n generic_file_read_iter+0x315/0x490\n blkdev_read_iter+0x113/0x1b0\n aio_read+0x2ad/0x450\n io_submit_one+0xc8e/0x1d60\n __se_sys_io_submit+0x125/0x350\n do_syscall_64+0x2d/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nAllocated by task 26380:\n kasan_save_stack+0x19/0x40\n __kasan_kmalloc.constprop.2+0xc1/0xd0\n kmem_cache_alloc+0x146/0x440\n mempool_alloc+0x125/0x2f0\n bio_alloc_bioset+0x353/0x590\n mpage_alloc+0x3b/0x240\n do_mpage_readpage+0xddf/0x1ef0\n mpage_readahead+0x264/0x500\n read_pages+0x1c1/0xbf0\n page_cache_ra_unbounded+0x471/0x6f0\n do_page_cache_ra+0xda/0x110\n ondemand_readahead+0x442/0xae0\n page_cache_async_ra+0x210/0x300\n generic_file_buffered_read+0x4d9/0x2130\n generic_file_read_iter+0x315/0x490\n blkdev_read_iter+0x113/0x1b0\n aio_read+0x2ad/0x450\n io_submit_one+0xc8e/0x1d60\n __se_sys_io_submit+0x125/0x350\n do_syscall_64+0x2d/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nFreed by task 0:\n kasan_save_stack+0x19/0x40\n kasan_set_track+0x1c/0x30\n kasan_set_free_info+0x1b/0x30\n __kasan_slab_free+0x111/0x160\n kmem_cache_free+0x94/0x460\n mempool_free+0xd6/0x320\n bio_free+0xe0/0x130\n bio_put+0xab/0xe0\n bio_endio+0x3a6/0x5d0\n blk_update_request+0x590/0x1370\n scsi_end_request+0x7d/0x400\n scsi_io_completion+0x1aa/0xe50\n scsi_softirq_done+0x11b/0x240\n blk_mq_complete_request+0xd4/0x120\n scsi_mq_done+0xf0/0x200\n virtscsi_vq_done+0xbc/0x150\n vring_interrupt+0x179/0x390\n __handle_irq_event_percpu+0xf7/0x490\n handle_irq_event_percpu+0x7b/0x160\n handle_irq_event+0xcc/0x170\n handle_edge_irq+0x215/0xb20\n common_interrupt+0x60/0x120\n asm_common_interrupt+0x1e/0x40\n\nFix this by move BIO_THROTTLED set into the queue_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49465",
"url": "https://www.suse.com/security/cve/CVE-2022-49465"
},
{
"category": "external",
"summary": "SUSE Bug 1238919 for CVE-2022-49465",
"url": "https://bugzilla.suse.com/1238919"
},
{
"category": "external",
"summary": "SUSE Bug 1238920 for CVE-2022-49465",
"url": "https://bugzilla.suse.com/1238920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2022-49465"
},
{
"cve": "CVE-2022-49467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49467"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: msm: fix possible memory leak in mdp5_crtc_cursor_set()\n\ndrm_gem_object_lookup will call drm_gem_object_get inside. So cursor_bo\nneeds to be put when msm_gem_get_and_pin_iova fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49467",
"url": "https://www.suse.com/security/cve/CVE-2022-49467"
},
{
"category": "external",
"summary": "SUSE Bug 1238815 for CVE-2022-49467",
"url": "https://bugzilla.suse.com/1238815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49467"
},
{
"cve": "CVE-2022-49473",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49473"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_*\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not needed anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49473",
"url": "https://www.suse.com/security/cve/CVE-2022-49473"
},
{
"category": "external",
"summary": "SUSE Bug 1238135 for CVE-2022-49473",
"url": "https://bugzilla.suse.com/1238135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49473"
},
{
"cve": "CVE-2022-49474",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49474"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout\n\nConnecting the same socket twice consecutively in sco_sock_connect()\ncould lead to a race condition where two sco_conn objects are created\nbut only one is associated with the socket. If the socket is closed\nbefore the SCO connection is established, the timer associated with the\ndangling sco_conn object won\u0027t be canceled. As the sock object is being\nfreed, the use-after-free problem happens when the timer callback\nfunction sco_sock_timeout() accesses the socket. Here\u0027s the call trace:\n\ndump_stack+0x107/0x163\n? refcount_inc+0x1c/\nprint_address_description.constprop.0+0x1c/0x47e\n? refcount_inc+0x1c/0x7b\nkasan_report+0x13a/0x173\n? refcount_inc+0x1c/0x7b\ncheck_memory_region+0x132/0x139\nrefcount_inc+0x1c/0x7b\nsco_sock_timeout+0xb2/0x1ba\nprocess_one_work+0x739/0xbd1\n? cancel_delayed_work+0x13f/0x13f\n? __raw_spin_lock_init+0xf0/0xf0\n? to_kthread+0x59/0x85\nworker_thread+0x593/0x70e\nkthread+0x346/0x35a\n? drain_workqueue+0x31a/0x31a\n? kthread_bind+0x4b/0x4b\nret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49474",
"url": "https://www.suse.com/security/cve/CVE-2022-49474"
},
{
"category": "external",
"summary": "SUSE Bug 1238071 for CVE-2022-49474",
"url": "https://bugzilla.suse.com/1238071"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49474"
},
{
"cve": "CVE-2022-49475",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49475"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-fsl-qspi: check return value after calling platform_get_resource_byname()\n\nIt will cause null-ptr-deref if platform_get_resource_byname() returns NULL,\nwe need check the return value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49475",
"url": "https://www.suse.com/security/cve/CVE-2022-49475"
},
{
"category": "external",
"summary": "SUSE Bug 1238617 for CVE-2022-49475",
"url": "https://bugzilla.suse.com/1238617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49475"
},
{
"cve": "CVE-2022-49478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49478"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init\n\nSyzbot reported that -1 is used as array index. The problem was in\nmissing validation check.\n\nhdw-\u003eunit_number is initialized with -1 and then if init table walk fails\nthis value remains unchanged. Since code blindly uses this member for\narray indexing adding sanity check is the easiest fix for that.\n\nhdw-\u003eworkpoll initialization moved upper to prevent warning in\n__flush_work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49478",
"url": "https://www.suse.com/security/cve/CVE-2022-49478"
},
{
"category": "external",
"summary": "SUSE Bug 1238000 for CVE-2022-49478",
"url": "https://bugzilla.suse.com/1238000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49478"
},
{
"cve": "CVE-2022-49481",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49481"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt\n\nof_node_get() returns a node with refcount incremented.\nCalling of_node_put() to drop the reference when not needed anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49481",
"url": "https://www.suse.com/security/cve/CVE-2022-49481"
},
{
"category": "external",
"summary": "SUSE Bug 1238264 for CVE-2022-49481",
"url": "https://bugzilla.suse.com/1238264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49481"
},
{
"cve": "CVE-2022-49482",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49482"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: mxs-saif: Fix refcount leak in mxs_saif_probe\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when done.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49482",
"url": "https://www.suse.com/security/cve/CVE-2022-49482"
},
{
"category": "external",
"summary": "SUSE Bug 1238543 for CVE-2022-49482",
"url": "https://bugzilla.suse.com/1238543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49482"
},
{
"cve": "CVE-2022-49488",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49488"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected\n\nThere is a possibility for mdp5_get_global_state to return\n-EDEADLK when acquiring the modeset lock, but currently global_state in\nmdp5_mixer_release doesn\u0027t check for if an error is returned.\n\nTo avoid a NULL dereference error, let\u0027s have mdp5_mixer_release\ncheck if an error is returned and propagate that error.\n\nPatchwork: https://patchwork.freedesktop.org/patch/485181/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49488",
"url": "https://www.suse.com/security/cve/CVE-2022-49488"
},
{
"category": "external",
"summary": "SUSE Bug 1238600 for CVE-2022-49488",
"url": "https://bugzilla.suse.com/1238600"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49488"
},
{
"cve": "CVE-2022-49489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49489"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume\n\nBUG: Unable to handle kernel paging request at virtual address 006b6b6b6b6b6be3\n\nCall trace:\n dpu_vbif_init_memtypes+0x40/0xb8\n dpu_runtime_resume+0xcc/0x1c0\n pm_generic_runtime_resume+0x30/0x44\n __genpd_runtime_resume+0x68/0x7c\n genpd_runtime_resume+0x134/0x258\n __rpm_callback+0x98/0x138\n rpm_callback+0x30/0x88\n rpm_resume+0x36c/0x49c\n __pm_runtime_resume+0x80/0xb0\n dpu_core_irq_uninstall+0x30/0xb0\n dpu_irq_uninstall+0x18/0x24\n msm_drm_uninit+0xd8/0x16c\n\nPatchwork: https://patchwork.freedesktop.org/patch/483255/\n[DB: fixed Fixes tag]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49489",
"url": "https://www.suse.com/security/cve/CVE-2022-49489"
},
{
"category": "external",
"summary": "SUSE Bug 1238244 for CVE-2022-49489",
"url": "https://bugzilla.suse.com/1238244"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49489"
},
{
"cve": "CVE-2022-49490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49490"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected\n\nmdp5_get_global_state runs the risk of hitting a -EDEADLK when acquiring\nthe modeset lock, but currently mdp5_pipe_release doesn\u0027t check for if\nan error is returned. Because of this, there is a possibility of\nmdp5_pipe_release hitting a NULL dereference error.\n\nTo avoid this, let\u0027s have mdp5_pipe_release check if\nmdp5_get_global_state returns an error and propogate that error.\n\nChanges since v1:\n- Separated declaration and initialization of *new_state to avoid\n compiler warning\n- Fixed some spelling mistakes in commit message\n\nChanges since v2:\n- Return 0 in case where hwpipe is NULL as this is considered normal\n behavior\n- Added 2nd patch in series to fix a similar NULL dereference issue in\n mdp5_mixer_release\n\nPatchwork: https://patchwork.freedesktop.org/patch/485179/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49490",
"url": "https://www.suse.com/security/cve/CVE-2022-49490"
},
{
"category": "external",
"summary": "SUSE Bug 1238275 for CVE-2022-49490",
"url": "https://bugzilla.suse.com/1238275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49490"
},
{
"cve": "CVE-2022-49491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/rockchip: vop: fix possible null-ptr-deref in vop_bind()\n\nIt will cause null-ptr-deref in resource_size(), if platform_get_resource()\nreturns NULL, move calling resource_size() after devm_ioremap_resource() that\nwill check \u0027res\u0027 to avoid null-ptr-deref.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49491",
"url": "https://www.suse.com/security/cve/CVE-2022-49491"
},
{
"category": "external",
"summary": "SUSE Bug 1238539 for CVE-2022-49491",
"url": "https://bugzilla.suse.com/1238539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49491"
},
{
"cve": "CVE-2022-49493",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49493"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: rt5645: Fix errorenous cleanup order\n\nThere is a logic error when removing rt5645 device as the function\nrt5645_i2c_remove() first cancel the \u0026rt5645-\u003ejack_detect_work and\ndelete the \u0026rt5645-\u003ebtn_check_timer latter. However, since the timer\nhandler rt5645_btn_check_callback() will re-queue the jack_detect_work,\nthis cleanup order is buggy.\n\nThat is, once the del_timer_sync in rt5645_i2c_remove is concurrently\nrun with the rt5645_btn_check_callback, the canceled jack_detect_work\nwill be rescheduled again, leading to possible use-after-free.\n\nThis patch fix the issue by placing the del_timer_sync function before\nthe cancel_delayed_work_sync.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49493",
"url": "https://www.suse.com/security/cve/CVE-2022-49493"
},
{
"category": "external",
"summary": "SUSE Bug 1238939 for CVE-2022-49493",
"url": "https://bugzilla.suse.com/1238939"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49493"
},
{
"cve": "CVE-2022-49495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49495"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/hdmi: check return value after calling platform_get_resource_byname()\n\nIt will cause null-ptr-deref if platform_get_resource_byname() returns NULL,\nwe need check the return value.\n\nPatchwork: https://patchwork.freedesktop.org/patch/482992/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49495",
"url": "https://www.suse.com/security/cve/CVE-2022-49495"
},
{
"category": "external",
"summary": "SUSE Bug 1237932 for CVE-2022-49495",
"url": "https://bugzilla.suse.com/1237932"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49495"
},
{
"cve": "CVE-2022-49498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49498"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: Check for null pointer of pointer substream before dereferencing it\n\nPointer substream is being dereferenced on the assignment of pointer card\nbefore substream is being null checked with the macro PCM_RUNTIME_CHECK.\nAlthough PCM_RUNTIME_CHECK calls BUG_ON, it still is useful to perform the\nthe pointer check before card is assigned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49498",
"url": "https://www.suse.com/security/cve/CVE-2022-49498"
},
{
"category": "external",
"summary": "SUSE Bug 1238825 for CVE-2022-49498",
"url": "https://bugzilla.suse.com/1238825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49498"
},
{
"cve": "CVE-2022-49503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nath9k_htc: fix potential out of bounds access with invalid rxstatus-\u003ers_keyix\n\nThe \"rxstatus-\u003ers_keyix\" eventually gets passed to test_bit() so we need to\nensure that it is within the bitmap.\n\ndrivers/net/wireless/ath/ath9k/common.c:46 ath9k_cmn_rx_accept()\nerror: passing untrusted data \u0027rx_stats-\u003ers_keyix\u0027 to \u0027test_bit()\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49503",
"url": "https://www.suse.com/security/cve/CVE-2022-49503"
},
{
"category": "external",
"summary": "SUSE Bug 1238868 for CVE-2022-49503",
"url": "https://bugzilla.suse.com/1238868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49503"
},
{
"cve": "CVE-2022-49504",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49504"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Inhibit aborts if external loopback plug is inserted\n\nAfter running a short external loopback test, when the external loopback is\nremoved and a normal cable inserted that is directly connected to a target\ndevice, the system oops in the llpfc_set_rrq_active() routine.\n\nWhen the loopback was inserted an FLOGI was transmit. As we\u0027re looped back,\nwe receive the FLOGI request. The FLOGI is ABTS\u0027d as we recognize the same\nwppn thus understand it\u0027s a loopback. However, as the ABTS sends address\ninformation the port is not set to (fffffe), the ABTS is dropped on the\nwire. A short 1 frame loopback test is run and completes before the ABTS\ntimes out. The looback is unplugged and the new cable plugged in, and the\nan FLOGI to the new device occurs and completes. Due to a mixup in ref\ncounting the completion of the new FLOGI releases the fabric ndlp. Then the\noriginal ABTS completes and references the released ndlp generating the\noops.\n\nCorrect by no-op\u0027ing the ABTS when in loopback mode (it will be dropped\nanyway). Added a flag to track the mode to recognize when it should be\nno-op\u0027d.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49504",
"url": "https://www.suse.com/security/cve/CVE-2022-49504"
},
{
"category": "external",
"summary": "SUSE Bug 1238835 for CVE-2022-49504",
"url": "https://bugzilla.suse.com/1238835"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49504"
},
{
"cve": "CVE-2022-49505",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49505"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: NULL out the dev-\u003erfkill to prevent UAF\n\nCommit 3e3b5dfcd16a (\"NFC: reorder the logic in nfc_{un,}register_device\")\nassumes the device_is_registered() in function nfc_dev_up() will help\nto check when the rfkill is unregistered. However, this check only\ntake effect when device_del(\u0026dev-\u003edev) is done in nfc_unregister_device().\nHence, the rfkill object is still possible be dereferenced.\n\nThe crash trace in latest kernel (5.18-rc2):\n\n[ 68.760105] ==================================================================\n[ 68.760330] BUG: KASAN: use-after-free in __lock_acquire+0x3ec1/0x6750\n[ 68.760756] Read of size 8 at addr ffff888009c93018 by task fuzz/313\n[ 68.760756]\n[ 68.760756] CPU: 0 PID: 313 Comm: fuzz Not tainted 5.18.0-rc2 #4\n[ 68.760756] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n[ 68.760756] Call Trace:\n[ 68.760756] \u003cTASK\u003e\n[ 68.760756] dump_stack_lvl+0x57/0x7d\n[ 68.760756] print_report.cold+0x5e/0x5db\n[ 68.760756] ? __lock_acquire+0x3ec1/0x6750\n[ 68.760756] kasan_report+0xbe/0x1c0\n[ 68.760756] ? __lock_acquire+0x3ec1/0x6750\n[ 68.760756] __lock_acquire+0x3ec1/0x6750\n[ 68.760756] ? lockdep_hardirqs_on_prepare+0x410/0x410\n[ 68.760756] ? register_lock_class+0x18d0/0x18d0\n[ 68.760756] lock_acquire+0x1ac/0x4f0\n[ 68.760756] ? rfkill_blocked+0xe/0x60\n[ 68.760756] ? lockdep_hardirqs_on_prepare+0x410/0x410\n[ 68.760756] ? mutex_lock_io_nested+0x12c0/0x12c0\n[ 68.760756] ? nla_get_range_signed+0x540/0x540\n[ 68.760756] ? _raw_spin_lock_irqsave+0x4e/0x50\n[ 68.760756] _raw_spin_lock_irqsave+0x39/0x50\n[ 68.760756] ? rfkill_blocked+0xe/0x60\n[ 68.760756] rfkill_blocked+0xe/0x60\n[ 68.760756] nfc_dev_up+0x84/0x260\n[ 68.760756] nfc_genl_dev_up+0x90/0xe0\n[ 68.760756] genl_family_rcv_msg_doit+0x1f4/0x2f0\n[ 68.760756] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x230/0x230\n[ 68.760756] ? security_capable+0x51/0x90\n[ 68.760756] genl_rcv_msg+0x280/0x500\n[ 68.760756] ? genl_get_cmd+0x3c0/0x3c0\n[ 68.760756] ? lock_acquire+0x1ac/0x4f0\n[ 68.760756] ? nfc_genl_dev_down+0xe0/0xe0\n[ 68.760756] ? lockdep_hardirqs_on_prepare+0x410/0x410\n[ 68.760756] netlink_rcv_skb+0x11b/0x340\n[ 68.760756] ? genl_get_cmd+0x3c0/0x3c0\n[ 68.760756] ? netlink_ack+0x9c0/0x9c0\n[ 68.760756] ? netlink_deliver_tap+0x136/0xb00\n[ 68.760756] genl_rcv+0x1f/0x30\n[ 68.760756] netlink_unicast+0x430/0x710\n[ 68.760756] ? memset+0x20/0x40\n[ 68.760756] ? netlink_attachskb+0x740/0x740\n[ 68.760756] ? __build_skb_around+0x1f4/0x2a0\n[ 68.760756] netlink_sendmsg+0x75d/0xc00\n[ 68.760756] ? netlink_unicast+0x710/0x710\n[ 68.760756] ? netlink_unicast+0x710/0x710\n[ 68.760756] sock_sendmsg+0xdf/0x110\n[ 68.760756] __sys_sendto+0x19e/0x270\n[ 68.760756] ? __ia32_sys_getpeername+0xa0/0xa0\n[ 68.760756] ? fd_install+0x178/0x4c0\n[ 68.760756] ? fd_install+0x195/0x4c0\n[ 68.760756] ? kernel_fpu_begin_mask+0x1c0/0x1c0\n[ 68.760756] __x64_sys_sendto+0xd8/0x1b0\n[ 68.760756] ? lockdep_hardirqs_on+0xbf/0x130\n[ 68.760756] ? syscall_enter_from_user_mode+0x1d/0x50\n[ 68.760756] do_syscall_64+0x3b/0x90\n[ 68.760756] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 68.760756] RIP: 0033:0x7f67fb50e6b3\n...\n[ 68.760756] RSP: 002b:00007f67fa91fe90 EFLAGS: 00000293 ORIG_RAX: 000000000000002c\n[ 68.760756] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f67fb50e6b3\n[ 68.760756] RDX: 000000000000001c RSI: 0000559354603090 RDI: 0000000000000003\n[ 68.760756] RBP: 00007f67fa91ff00 R08: 00007f67fa91fedc R09: 000000000000000c\n[ 68.760756] R10: 0000000000000000 R11: 0000000000000293 R12: 00007ffe824d496e\n[ 68.760756] R13: 00007ffe824d496f R14: 00007f67fa120000 R15: 0000000000000003\n\n[ 68.760756] \u003c/TASK\u003e\n[ 68.760756]\n[ 68.760756] Allocated by task 279:\n[ 68.760756] kasan_save_stack+0x1e/0x40\n[\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49505",
"url": "https://www.suse.com/security/cve/CVE-2022-49505"
},
{
"category": "external",
"summary": "SUSE Bug 1238615 for CVE-2022-49505",
"url": "https://bugzilla.suse.com/1238615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49505"
},
{
"cve": "CVE-2022-49508",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49508"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: elan: Fix potential double free in elan_input_configured\n\n\u0027input\u0027 is a managed resource allocated with devm_input_allocate_device(),\nso there is no need to call input_free_device() explicitly or\nthere will be a double free.\n\nAccording to the doc of devm_input_allocate_device():\n * Managed input devices do not need to be explicitly unregistered or\n * freed as it will be done automatically when owner device unbinds from\n * its driver (or binding fails).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49508",
"url": "https://www.suse.com/security/cve/CVE-2022-49508"
},
{
"category": "external",
"summary": "SUSE Bug 1237940 for CVE-2022-49508",
"url": "https://bugzilla.suse.com/1237940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49508"
},
{
"cve": "CVE-2022-49514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49514"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe\n\nCall of_node_put(platform_node) to avoid refcount leak in\nthe error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49514",
"url": "https://www.suse.com/security/cve/CVE-2022-49514"
},
{
"category": "external",
"summary": "SUSE Bug 1238429 for CVE-2022-49514",
"url": "https://bugzilla.suse.com/1238429"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49514"
},
{
"cve": "CVE-2022-49517",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49517"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe\n\nThis node pointer is returned by of_parse_phandle() with\nrefcount incremented in this function.\nCalling of_node_put() to avoid the refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49517",
"url": "https://www.suse.com/security/cve/CVE-2022-49517"
},
{
"category": "external",
"summary": "SUSE Bug 1237996 for CVE-2022-49517",
"url": "https://bugzilla.suse.com/1237996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49517"
},
{
"cve": "CVE-2022-49521",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49521"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()\n\nIf no handler is found in lpfc_complete_unsol_iocb() to match the rctl of a\nreceived frame, the frame is dropped and resources are leaked.\n\nFix by returning resources when discarding an unhandled frame type. Update\nlpfc_fc_frame_check() handling of NOP basic link service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49521",
"url": "https://www.suse.com/security/cve/CVE-2022-49521"
},
{
"category": "external",
"summary": "SUSE Bug 1238938 for CVE-2022-49521",
"url": "https://bugzilla.suse.com/1238938"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49521"
},
{
"cve": "CVE-2022-49522",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49522"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: jz4740: Apply DMA engine limits to maximum segment size\n\nDo what is done in other DMA-enabled MMC host drivers (cf. host/mmci.c) and\nlimit the maximum segment size based on the DMA engine\u0027s capabilities. This\nis needed to avoid warnings like the following with CONFIG_DMA_API_DEBUG=y.\n\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 21 at kernel/dma/debug.c:1162 debug_dma_map_sg+0x2f4/0x39c\nDMA-API: jz4780-dma 13420000.dma-controller: mapping sg segment longer than device claims to support [len=98304] [max=65536]\nCPU: 0 PID: 21 Comm: kworker/0:1H Not tainted 5.18.0-rc1 #19\nWorkqueue: kblockd blk_mq_run_work_fn\nStack : 81575aec 00000004 80620000 80620000 80620000 805e7358 00000009 801537ac\n 814c832c 806276e3 806e34b4 80620000 81575aec 00000001 81575ab8 09291444\n 00000000 00000000 805e7358 81575958 ffffffea 8157596c 00000000 636f6c62\n 6220646b 80387a70 0000000f 6d5f6b6c 80620000 00000000 81575ba4 00000009\n 805e170c 80896640 00000001 00010000 00000000 00000000 00006098 806e0000\n ...\nCall Trace:\n[\u003c80107670\u003e] show_stack+0x84/0x120\n[\u003c80528cd8\u003e] __warn+0xb8/0xec\n[\u003c80528d78\u003e] warn_slowpath_fmt+0x6c/0xb8\n[\u003c8016f1d4\u003e] debug_dma_map_sg+0x2f4/0x39c\n[\u003c80169d4c\u003e] __dma_map_sg_attrs+0xf0/0x118\n[\u003c8016a27c\u003e] dma_map_sg_attrs+0x14/0x28\n[\u003c804f66b4\u003e] jz4740_mmc_prepare_dma_data+0x74/0xa4\n[\u003c804f6714\u003e] jz4740_mmc_pre_request+0x30/0x54\n[\u003c804f4ff4\u003e] mmc_blk_mq_issue_rq+0x6e0/0x7bc\n[\u003c804f5590\u003e] mmc_mq_queue_rq+0x220/0x2d4\n[\u003c8038b2c0\u003e] blk_mq_dispatch_rq_list+0x480/0x664\n[\u003c80391040\u003e] blk_mq_do_dispatch_sched+0x2dc/0x370\n[\u003c80391468\u003e] __blk_mq_sched_dispatch_requests+0xec/0x164\n[\u003c80391540\u003e] blk_mq_sched_dispatch_requests+0x44/0x94\n[\u003c80387900\u003e] __blk_mq_run_hw_queue+0xb0/0xcc\n[\u003c80134c14\u003e] process_one_work+0x1b8/0x264\n[\u003c80134ff8\u003e] worker_thread+0x2ec/0x3b8\n[\u003c8013b13c\u003e] kthread+0x104/0x10c\n[\u003c80101dcc\u003e] ret_from_kernel_thread+0x14/0x1c\n\n---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49522",
"url": "https://www.suse.com/security/cve/CVE-2022-49522"
},
{
"category": "external",
"summary": "SUSE Bug 1238948 for CVE-2022-49522",
"url": "https://bugzilla.suse.com/1238948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49522"
},
{
"cve": "CVE-2022-49524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: pci: cx23885: Fix the error handling in cx23885_initdev()\n\nWhen the driver fails to call the dma_set_mask(), the driver will get\nthe following splat:\n\n[ 55.853884] BUG: KASAN: use-after-free in __process_removed_driver+0x3c/0x240\n[ 55.854486] Read of size 8 at addr ffff88810de60408 by task modprobe/590\n[ 55.856822] Call Trace:\n[ 55.860327] __process_removed_driver+0x3c/0x240\n[ 55.861347] bus_for_each_dev+0x102/0x160\n[ 55.861681] i2c_del_driver+0x2f/0x50\n\nThis is because the driver has initialized the i2c related resources\nin cx23885_dev_setup() but not released them in error handling, fix this\nbug by modifying the error path that jumps after failing to call the\ndma_set_mask().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49524",
"url": "https://www.suse.com/security/cve/CVE-2022-49524"
},
{
"category": "external",
"summary": "SUSE Bug 1238949 for CVE-2022-49524",
"url": "https://bugzilla.suse.com/1238949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49524"
},
{
"cve": "CVE-2022-49525",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49525"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx25821: Fix the warning when removing the module\n\nWhen removing the module, we will get the following warning:\n\n[ 14.746697] remove_proc_entry: removing non-empty directory \u0027irq/21\u0027, leaking at least \u0027cx25821[1]\u0027\n[ 14.747449] WARNING: CPU: 4 PID: 368 at fs/proc/generic.c:717 remove_proc_entry+0x389/0x3f0\n[ 14.751611] RIP: 0010:remove_proc_entry+0x389/0x3f0\n[ 14.759589] Call Trace:\n[ 14.759792] \u003cTASK\u003e\n[ 14.759975] unregister_irq_proc+0x14c/0x170\n[ 14.760340] irq_free_descs+0x94/0xe0\n[ 14.760640] mp_unmap_irq+0xb6/0x100\n[ 14.760937] acpi_unregister_gsi_ioapic+0x27/0x40\n[ 14.761334] acpi_pci_irq_disable+0x1d3/0x320\n[ 14.761688] pci_disable_device+0x1ad/0x380\n[ 14.762027] ? _raw_spin_unlock_irqrestore+0x2d/0x60\n[ 14.762442] ? cx25821_shutdown+0x20/0x9f0 [cx25821]\n[ 14.762848] cx25821_finidev+0x48/0xc0 [cx25821]\n[ 14.763242] pci_device_remove+0x92/0x240\n\nFix this by freeing the irq before call pci_disable_device().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49525",
"url": "https://www.suse.com/security/cve/CVE-2022-49525"
},
{
"category": "external",
"summary": "SUSE Bug 1238022 for CVE-2022-49525",
"url": "https://bugzilla.suse.com/1238022"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49525"
},
{
"cve": "CVE-2022-49526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49526"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/bitmap: don\u0027t set sb values if can\u0027t pass sanity check\n\nIf bitmap area contains invalid data, kernel will crash then mdadm\ntriggers \"Segmentation fault\".\nThis is cluster-md speical bug. In non-clustered env, mdadm will\nhandle broken metadata case. In clustered array, only kernel space\nhandles bitmap slot info. But even this bug only happened in clustered\nenv, current sanity check is wrong, the code should be changed.\n\nHow to trigger: (faulty injection)\n\ndd if=/dev/zero bs=1M count=1 oflag=direct of=/dev/sda\ndd if=/dev/zero bs=1M count=1 oflag=direct of=/dev/sdb\nmdadm -C /dev/md0 -b clustered -e 1.2 -n 2 -l mirror /dev/sda /dev/sdb\nmdadm -Ss\necho aaa \u003e magic.txt\n == below modifying slot 2 bitmap data ==\ndd if=magic.txt of=/dev/sda seek=16384 bs=1 count=3 \u003c== destroy magic\ndd if=/dev/zero of=/dev/sda seek=16436 bs=1 count=4 \u003c== ZERO chunksize\nmdadm -A /dev/md0 /dev/sda /dev/sdb\n == kernel crashes. mdadm outputs \"Segmentation fault\" ==\n\nReason of kernel crash:\n\nIn md_bitmap_read_sb (called by md_bitmap_create), bad bitmap magic didn\u0027t\nblock chunksize assignment, and zero value made DIV_ROUND_UP_SECTOR_T()\ntrigger \"divide error\".\n\nCrash log:\n\nkernel: md: md0 stopped.\nkernel: md/raid1:md0: not clean -- starting background reconstruction\nkernel: md/raid1:md0: active with 2 out of 2 mirrors\nkernel: dlm: ... ...\nkernel: md-cluster: Joined cluster 44810aba-38bb-e6b8-daca-bc97a0b254aa slot 1\nkernel: md0: invalid bitmap file superblock: bad magic\nkernel: md_bitmap_copy_from_slot can\u0027t get bitmap from slot 2\nkernel: md-cluster: Could not gather bitmaps from slot 2\nkernel: divide error: 0000 [#1] SMP NOPTI\nkernel: CPU: 0 PID: 1603 Comm: mdadm Not tainted 5.14.6-1-default\nkernel: Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nkernel: RIP: 0010:md_bitmap_create+0x1d1/0x850 [md_mod]\nkernel: RSP: 0018:ffffc22ac0843ba0 EFLAGS: 00010246\nkernel: ... ...\nkernel: Call Trace:\nkernel: ? dlm_lock_sync+0xd0/0xd0 [md_cluster 77fe..7a0]\nkernel: md_bitmap_copy_from_slot+0x2c/0x290 [md_mod 24ea..d3a]\nkernel: load_bitmaps+0xec/0x210 [md_cluster 77fe..7a0]\nkernel: md_bitmap_load+0x81/0x1e0 [md_mod 24ea..d3a]\nkernel: do_md_run+0x30/0x100 [md_mod 24ea..d3a]\nkernel: md_ioctl+0x1290/0x15a0 [md_mod 24ea....d3a]\nkernel: ? mddev_unlock+0xaa/0x130 [md_mod 24ea..d3a]\nkernel: ? blkdev_ioctl+0xb1/0x2b0\nkernel: block_ioctl+0x3b/0x40\nkernel: __x64_sys_ioctl+0x7f/0xb0\nkernel: do_syscall_64+0x59/0x80\nkernel: ? exit_to_user_mode_prepare+0x1ab/0x230\nkernel: ? syscall_exit_to_user_mode+0x18/0x40\nkernel: ? do_syscall_64+0x69/0x80\nkernel: entry_SYSCALL_64_after_hwframe+0x44/0xae\nkernel: RIP: 0033:0x7f4a15fa722b\nkernel: ... ...\nkernel: ---[ end trace 8afa7612f559c868 ]---\nkernel: RIP: 0010:md_bitmap_create+0x1d1/0x850 [md_mod]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49526",
"url": "https://www.suse.com/security/cve/CVE-2022-49526"
},
{
"category": "external",
"summary": "SUSE Bug 1238030 for CVE-2022-49526",
"url": "https://bugzilla.suse.com/1238030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49526"
},
{
"cve": "CVE-2022-49527",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49527"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: avoid null dereference in deinit\n\nIf venus_probe fails at pm_runtime_put_sync the error handling first\ncalls hfi_destroy and afterwards hfi_core_deinit. As hfi_destroy sets\ncore-\u003eops to NULL, hfi_core_deinit cannot call the core_deinit function\nanymore.\n\nAvoid this null pointer derefence by skipping the call when necessary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49527",
"url": "https://www.suse.com/security/cve/CVE-2022-49527"
},
{
"category": "external",
"summary": "SUSE Bug 1238013 for CVE-2022-49527",
"url": "https://bugzilla.suse.com/1238013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49527"
},
{
"cve": "CVE-2022-49532",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49532"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes\n\ndrm_cvt_mode may return NULL and we should check it.\n\nThis bug is found by syzkaller:\n\nFAULT_INJECTION stacktrace:\n[ 168.567394] FAULT_INJECTION: forcing a failure.\nname failslab, interval 1, probability 0, space 0, times 1\n[ 168.567403] CPU: 1 PID: 6425 Comm: syz Kdump: loaded Not tainted 4.19.90-vhulk2201.1.0.h1035.kasan.eulerosv2r10.aarch64 #1\n[ 168.567406] Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015\n[ 168.567408] Call trace:\n[ 168.567414] dump_backtrace+0x0/0x310\n[ 168.567418] show_stack+0x28/0x38\n[ 168.567423] dump_stack+0xec/0x15c\n[ 168.567427] should_fail+0x3ac/0x3d0\n[ 168.567437] __should_failslab+0xb8/0x120\n[ 168.567441] should_failslab+0x28/0xc0\n[ 168.567445] kmem_cache_alloc_trace+0x50/0x640\n[ 168.567454] drm_mode_create+0x40/0x90\n[ 168.567458] drm_cvt_mode+0x48/0xc78\n[ 168.567477] virtio_gpu_conn_get_modes+0xa8/0x140 [virtio_gpu]\n[ 168.567485] drm_helper_probe_single_connector_modes+0x3a4/0xd80\n[ 168.567492] drm_mode_getconnector+0x2e0/0xa70\n[ 168.567496] drm_ioctl_kernel+0x11c/0x1d8\n[ 168.567514] drm_ioctl+0x558/0x6d0\n[ 168.567522] do_vfs_ioctl+0x160/0xf30\n[ 168.567525] ksys_ioctl+0x98/0xd8\n[ 168.567530] __arm64_sys_ioctl+0x50/0xc8\n[ 168.567536] el0_svc_common+0xc8/0x320\n[ 168.567540] el0_svc_handler+0xf8/0x160\n[ 168.567544] el0_svc+0x10/0x218\n\nKASAN stacktrace:\n[ 168.567561] BUG: KASAN: null-ptr-deref in virtio_gpu_conn_get_modes+0xb4/0x140 [virtio_gpu]\n[ 168.567565] Read of size 4 at addr 0000000000000054 by task syz/6425\n[ 168.567566]\n[ 168.567571] CPU: 1 PID: 6425 Comm: syz Kdump: loaded Not tainted 4.19.90-vhulk2201.1.0.h1035.kasan.eulerosv2r10.aarch64 #1\n[ 168.567573] Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015\n[ 168.567575] Call trace:\n[ 168.567578] dump_backtrace+0x0/0x310\n[ 168.567582] show_stack+0x28/0x38\n[ 168.567586] dump_stack+0xec/0x15c\n[ 168.567591] kasan_report+0x244/0x2f0\n[ 168.567594] __asan_load4+0x58/0xb0\n[ 168.567607] virtio_gpu_conn_get_modes+0xb4/0x140 [virtio_gpu]\n[ 168.567612] drm_helper_probe_single_connector_modes+0x3a4/0xd80\n[ 168.567617] drm_mode_getconnector+0x2e0/0xa70\n[ 168.567621] drm_ioctl_kernel+0x11c/0x1d8\n[ 168.567624] drm_ioctl+0x558/0x6d0\n[ 168.567628] do_vfs_ioctl+0x160/0xf30\n[ 168.567632] ksys_ioctl+0x98/0xd8\n[ 168.567636] __arm64_sys_ioctl+0x50/0xc8\n[ 168.567641] el0_svc_common+0xc8/0x320\n[ 168.567645] el0_svc_handler+0xf8/0x160\n[ 168.567649] el0_svc+0x10/0x218",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49532",
"url": "https://www.suse.com/security/cve/CVE-2022-49532"
},
{
"category": "external",
"summary": "SUSE Bug 1238925 for CVE-2022-49532",
"url": "https://bugzilla.suse.com/1238925"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49532"
},
{
"cve": "CVE-2022-49534",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49534"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT\n\nThere is a potential memory leak in lpfc_ignore_els_cmpl() and\nlpfc_els_rsp_reject() that was allocated from NPIV PLOGI_RJT\n(lpfc_rcv_plogi()\u0027s login_mbox).\n\nCheck if cmdiocb-\u003econtext_un.mbox was allocated in lpfc_ignore_els_cmpl(),\nand then free it back to phba-\u003embox_mem_pool along with mbox-\u003ectx_buf for\nservice parameters.\n\nFor lpfc_els_rsp_reject() failure, free both the ctx_buf for service\nparameters and the login_mbox.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49534",
"url": "https://www.suse.com/security/cve/CVE-2022-49534"
},
{
"category": "external",
"summary": "SUSE Bug 1238893 for CVE-2022-49534",
"url": "https://bugzilla.suse.com/1238893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "low"
}
],
"title": "CVE-2022-49534"
},
{
"cve": "CVE-2022-49535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49535"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI\n\nIf lpfc_issue_els_flogi() fails and returns non-zero status, the node\nreference count is decremented to trigger the release of the nodelist\nstructure. However, if there is a prior registration or dev-loss-evt work\npending, the node may be released prematurely. When dev-loss-evt\ncompletes, the released node is referenced causing a use-after-free null\npointer dereference.\n\nSimilarly, when processing non-zero ELS PLOGI completion status in\nlpfc_cmpl_els_plogi(), the ndlp flags are checked for a transport\nregistration before triggering node removal. If dev-loss-evt work is\npending, the node may be released prematurely and a subsequent call to\nlpfc_dev_loss_tmo_handler() results in a use after free ndlp dereference.\n\nAdd test for pending dev-loss before decrementing the node reference count\nfor FLOGI, PLOGI, PRLI, and ADISC handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49535",
"url": "https://www.suse.com/security/cve/CVE-2022-49535"
},
{
"category": "external",
"summary": "SUSE Bug 1238937 for CVE-2022-49535",
"url": "https://bugzilla.suse.com/1238937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49535"
},
{
"cve": "CVE-2022-49536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49536"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix SCSI I/O completion and abort handler deadlock\n\nDuring stress I/O tests with 500+ vports, hard LOCKUP call traces are\nobserved.\n\nCPU A:\n native_queued_spin_lock_slowpath+0x192\n _raw_spin_lock_irqsave+0x32\n lpfc_handle_fcp_err+0x4c6\n lpfc_fcp_io_cmd_wqe_cmpl+0x964\n lpfc_sli4_fp_handle_cqe+0x266\n __lpfc_sli4_process_cq+0x105\n __lpfc_sli4_hba_process_cq+0x3c\n lpfc_cq_poll_hdler+0x16\n irq_poll_softirq+0x76\n __softirqentry_text_start+0xe4\n irq_exit+0xf7\n do_IRQ+0x7f\n\nCPU B:\n native_queued_spin_lock_slowpath+0x5b\n _raw_spin_lock+0x1c\n lpfc_abort_handler+0x13e\n scmd_eh_abort_handler+0x85\n process_one_work+0x1a7\n worker_thread+0x30\n kthread+0x112\n ret_from_fork+0x1f\n\nDiagram of lockup:\n\nCPUA CPUB\n---- ----\nlpfc_cmd-\u003ebuf_lock\n phba-\u003ehbalock\n lpfc_cmd-\u003ebuf_lock\nphba-\u003ehbalock\n\nFix by reordering the taking of the lpfc_cmd-\u003ebuf_lock and phba-\u003ehbalock in\nlpfc_abort_handler routine so that it tries to take the lpfc_cmd-\u003ebuf_lock\nfirst before phba-\u003ehbalock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49536",
"url": "https://www.suse.com/security/cve/CVE-2022-49536"
},
{
"category": "external",
"summary": "SUSE Bug 1238838 for CVE-2022-49536",
"url": "https://bugzilla.suse.com/1238838"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49536"
},
{
"cve": "CVE-2022-49537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49537"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix call trace observed during I/O with CMF enabled\n\nThe following was seen with CMF enabled:\n\nBUG: using smp_processor_id() in preemptible\ncode: systemd-udevd/31711\nkernel: caller is lpfc_update_cmf_cmd+0x214/0x420 [lpfc]\nkernel: CPU: 12 PID: 31711 Comm: systemd-udevd\nkernel: Call Trace:\nkernel: \u003cTASK\u003e\nkernel: dump_stack_lvl+0x44/0x57\nkernel: check_preemption_disabled+0xbf/0xe0\nkernel: lpfc_update_cmf_cmd+0x214/0x420 [lpfc]\nkernel: lpfc_nvme_fcp_io_submit+0x23b4/0x4df0 [lpfc]\n\nthis_cpu_ptr() calls smp_processor_id() in a preemptible context.\n\nFix by using per_cpu_ptr() with raw_smp_processor_id() instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49537",
"url": "https://www.suse.com/security/cve/CVE-2022-49537"
},
{
"category": "external",
"summary": "SUSE Bug 1238930 for CVE-2022-49537",
"url": "https://bugzilla.suse.com/1238930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49537"
},
{
"cve": "CVE-2022-49541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix potential double free during failed mount\n\nRHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2088799",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49541",
"url": "https://www.suse.com/security/cve/CVE-2022-49541"
},
{
"category": "external",
"summary": "SUSE Bug 1238727 for CVE-2022-49541",
"url": "https://bugzilla.suse.com/1238727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49541"
},
{
"cve": "CVE-2022-49542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49542"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg()\n\nIn an attempt to log message 0126 with LOG_TRACE_EVENT, the following hard\nlockup call trace hangs the system.\n\nCall Trace:\n _raw_spin_lock_irqsave+0x32/0x40\n lpfc_dmp_dbg.part.32+0x28/0x220 [lpfc]\n lpfc_cmpl_els_fdisc+0x145/0x460 [lpfc]\n lpfc_sli_cancel_jobs+0x92/0xd0 [lpfc]\n lpfc_els_flush_cmd+0x43c/0x670 [lpfc]\n lpfc_els_flush_all_cmd+0x37/0x60 [lpfc]\n lpfc_sli4_async_event_proc+0x956/0x1720 [lpfc]\n lpfc_do_work+0x1485/0x1d70 [lpfc]\n kthread+0x112/0x130\n ret_from_fork+0x1f/0x40\nKernel panic - not syncing: Hard LOCKUP\n\nThe same CPU tries to claim the phba-\u003eport_list_lock twice.\n\nMove the cfg_log_verbose checks as part of the lpfc_printf_vlog() and\nlpfc_printf_log() macros before calling lpfc_dmp_dbg(). There is no need\nto take the phba-\u003eport_list_lock within lpfc_dmp_dbg().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49542",
"url": "https://www.suse.com/security/cve/CVE-2022-49542"
},
{
"category": "external",
"summary": "SUSE Bug 1238722 for CVE-2022-49542",
"url": "https://bugzilla.suse.com/1238722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49542"
},
{
"cve": "CVE-2022-49544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49544"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipw2x00: Fix potential NULL dereference in libipw_xmit()\n\ncrypt and crypt-\u003eops could be null, so we need to checking null\nbefore dereference",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49544",
"url": "https://www.suse.com/security/cve/CVE-2022-49544"
},
{
"category": "external",
"summary": "SUSE Bug 1238721 for CVE-2022-49544",
"url": "https://bugzilla.suse.com/1238721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49544"
},
{
"cve": "CVE-2022-49545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Cancel pending work at closing a MIDI substream\n\nAt closing a USB MIDI output substream, there might be still a pending\nwork, which would eventually access the rawmidi runtime object that is\nbeing released. For fixing the race, make sure to cancel the pending\nwork at closing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49545",
"url": "https://www.suse.com/security/cve/CVE-2022-49545"
},
{
"category": "external",
"summary": "SUSE Bug 1238729 for CVE-2022-49545",
"url": "https://bugzilla.suse.com/1238729"
},
{
"category": "external",
"summary": "SUSE Bug 1238730 for CVE-2022-49545",
"url": "https://bugzilla.suse.com/1238730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2022-49545"
},
{
"cve": "CVE-2022-49546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/kexec: fix memory leak of elf header buffer\n\nThis is reported by kmemleak detector:\n\nunreferenced object 0xffffc900002a9000 (size 4096):\n comm \"kexec\", pid 14950, jiffies 4295110793 (age 373.951s)\n hex dump (first 32 bytes):\n 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 .ELF............\n 04 00 3e 00 01 00 00 00 00 00 00 00 00 00 00 00 ..\u003e.............\n backtrace:\n [\u003c0000000016a8ef9f\u003e] __vmalloc_node_range+0x101/0x170\n [\u003c000000002b66b6c0\u003e] __vmalloc_node+0xb4/0x160\n [\u003c00000000ad40107d\u003e] crash_prepare_elf64_headers+0x8e/0xcd0\n [\u003c0000000019afff23\u003e] crash_load_segments+0x260/0x470\n [\u003c0000000019ebe95c\u003e] bzImage64_load+0x814/0xad0\n [\u003c0000000093e16b05\u003e] arch_kexec_kernel_image_load+0x1be/0x2a0\n [\u003c000000009ef2fc88\u003e] kimage_file_alloc_init+0x2ec/0x5a0\n [\u003c0000000038f5a97a\u003e] __do_sys_kexec_file_load+0x28d/0x530\n [\u003c0000000087c19992\u003e] do_syscall_64+0x3b/0x90\n [\u003c0000000066e063a4\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nIn crash_prepare_elf64_headers(), a buffer is allocated via vmalloc() to\nstore elf headers. While it\u0027s not freed back to system correctly when\nkdump kernel is reloaded or unloaded. Then memory leak is caused. Fix it\nby introducing x86 specific function arch_kimage_file_post_load_cleanup(),\nand freeing the buffer there.\n\nAnd also remove the incorrect elf header buffer freeing code. Before\ncalling arch specific kexec_file loading function, the image instance has\nbeen initialized. So \u0027image-\u003eelf_headers\u0027 must be NULL. It doesn\u0027t make\nsense to free the elf header buffer in the place.\n\nThree different people have reported three bugs about the memory leak on\nx86_64 inside Redhat.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49546",
"url": "https://www.suse.com/security/cve/CVE-2022-49546"
},
{
"category": "external",
"summary": "SUSE Bug 1238750 for CVE-2022-49546",
"url": "https://bugzilla.suse.com/1238750"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "low"
}
],
"title": "CVE-2022-49546"
},
{
"cve": "CVE-2022-49555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_qca: Use del_timer_sync() before freeing\n\nWhile looking at a crash report on a timer list being corrupted, which\nusually happens when a timer is freed while still active. This is\ncommonly triggered by code calling del_timer() instead of\ndel_timer_sync() just before freeing.\n\nOne possible culprit is the hci_qca driver, which does exactly that.\n\nEric mentioned that wake_retrans_timer could be rearmed via the work\nqueue, so also move the destruction of the work queue before\ndel_timer_sync().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49555",
"url": "https://www.suse.com/security/cve/CVE-2022-49555"
},
{
"category": "external",
"summary": "SUSE Bug 1238231 for CVE-2022-49555",
"url": "https://bugzilla.suse.com/1238231"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49555"
},
{
"cve": "CVE-2022-49563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49563"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - add param check for RSA\n\nReject requests with a source buffer that is bigger than the size of the\nkey. This is to prevent a possible integer underflow that might happen\nwhen copying the source scatterlist into a linear buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49563",
"url": "https://www.suse.com/security/cve/CVE-2022-49563"
},
{
"category": "external",
"summary": "SUSE Bug 1238787 for CVE-2022-49563",
"url": "https://bugzilla.suse.com/1238787"
},
{
"category": "external",
"summary": "SUSE Bug 1238788 for CVE-2022-49563",
"url": "https://bugzilla.suse.com/1238788"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2022-49563"
},
{
"cve": "CVE-2022-49564",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49564"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - add param check for DH\n\nReject requests with a source buffer that is bigger than the size of the\nkey. This is to prevent a possible integer underflow that might happen\nwhen copying the source scatterlist into a linear buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49564",
"url": "https://www.suse.com/security/cve/CVE-2022-49564"
},
{
"category": "external",
"summary": "SUSE Bug 1238789 for CVE-2022-49564",
"url": "https://bugzilla.suse.com/1238789"
},
{
"category": "external",
"summary": "SUSE Bug 1238790 for CVE-2022-49564",
"url": "https://bugzilla.suse.com/1238790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2022-49564"
},
{
"cve": "CVE-2022-49566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49566"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - fix memory leak in RSA\n\nWhen an RSA key represented in form 2 (as defined in PKCS #1 V2.1) is\nused, some components of the private key persist even after the TFM is\nreleased.\nReplace the explicit calls to free the buffers in qat_rsa_exit_tfm()\nwith a call to qat_rsa_clear_ctx() which frees all buffers referenced in\nthe TFM context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49566",
"url": "https://www.suse.com/security/cve/CVE-2022-49566"
},
{
"category": "external",
"summary": "SUSE Bug 1238266 for CVE-2022-49566",
"url": "https://bugzilla.suse.com/1238266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49566"
},
{
"cve": "CVE-2022-49609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49609"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npower/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe\n\nof_find_matching_node_and_match() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49609",
"url": "https://www.suse.com/security/cve/CVE-2022-49609"
},
{
"category": "external",
"summary": "SUSE Bug 1238241 for CVE-2022-49609",
"url": "https://bugzilla.suse.com/1238241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49609"
},
{
"cve": "CVE-2022-49610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49610"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: VMX: Prevent RSB underflow before vmenter\n\nOn VMX, there are some balanced returns between the time the guest\u0027s\nSPEC_CTRL value is written, and the vmenter.\n\nBalanced returns (matched by a preceding call) are usually ok, but it\u0027s\nat least theoretically possible an NMI with a deep call stack could\nempty the RSB before one of the returns.\n\nFor maximum paranoia, don\u0027t allow *any* returns (balanced or otherwise)\nbetween the SPEC_CTRL write and the vmenter.\n\n [ bp: Fix 32-bit build. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49610",
"url": "https://www.suse.com/security/cve/CVE-2022-49610"
},
{
"category": "external",
"summary": "SUSE Bug 1238952 for CVE-2022-49610",
"url": "https://bugzilla.suse.com/1238952"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49610"
},
{
"cve": "CVE-2022-49611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49611"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/speculation: Fill RSB on vmexit for IBRS\n\nPrevent RSB underflow/poisoning attacks with RSB. While at it, add a\nbunch of comments to attempt to document the current state of tribal\nknowledge about RSB attacks and what exactly is being mitigated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49611",
"url": "https://www.suse.com/security/cve/CVE-2022-49611"
},
{
"category": "external",
"summary": "SUSE Bug 1238618 for CVE-2022-49611",
"url": "https://bugzilla.suse.com/1238618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49611"
},
{
"cve": "CVE-2022-49623",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49623"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/xive/spapr: correct bitmap allocation size\n\nkasan detects access beyond the end of the xibm-\u003ebitmap allocation:\n\nBUG: KASAN: slab-out-of-bounds in _find_first_zero_bit+0x40/0x140\nRead of size 8 at addr c00000001d1d0118 by task swapper/0/1\n\nCPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.19.0-rc2-00001-g90df023b36dd #28\nCall Trace:\n[c00000001d98f770] [c0000000012baab8] dump_stack_lvl+0xac/0x108 (unreliable)\n[c00000001d98f7b0] [c00000000068faac] print_report+0x37c/0x710\n[c00000001d98f880] [c0000000006902c0] kasan_report+0x110/0x354\n[c00000001d98f950] [c000000000692324] __asan_load8+0xa4/0xe0\n[c00000001d98f970] [c0000000011c6ed0] _find_first_zero_bit+0x40/0x140\n[c00000001d98f9b0] [c0000000000dbfbc] xive_spapr_get_ipi+0xcc/0x260\n[c00000001d98fa70] [c0000000000d6d28] xive_setup_cpu_ipi+0x1e8/0x450\n[c00000001d98fb30] [c000000004032a20] pSeries_smp_probe+0x5c/0x118\n[c00000001d98fb60] [c000000004018b44] smp_prepare_cpus+0x944/0x9ac\n[c00000001d98fc90] [c000000004009f9c] kernel_init_freeable+0x2d4/0x640\n[c00000001d98fd90] [c0000000000131e8] kernel_init+0x28/0x1d0\n[c00000001d98fe10] [c00000000000cd54] ret_from_kernel_thread+0x5c/0x64\n\nAllocated by task 0:\n kasan_save_stack+0x34/0x70\n __kasan_kmalloc+0xb4/0xf0\n __kmalloc+0x268/0x540\n xive_spapr_init+0x4d0/0x77c\n pseries_init_irq+0x40/0x27c\n init_IRQ+0x44/0x84\n start_kernel+0x2a4/0x538\n start_here_common+0x1c/0x20\n\nThe buggy address belongs to the object at c00000001d1d0118\n which belongs to the cache kmalloc-8 of size 8\nThe buggy address is located 0 bytes inside of\n 8-byte region [c00000001d1d0118, c00000001d1d0120)\n\nThe buggy address belongs to the physical page:\npage:c00c000000074740 refcount:1 mapcount:0 mapping:0000000000000000 index:0xc00000001d1d0558 pfn:0x1d1d\nflags: 0x7ffff000000200(slab|node=0|zone=0|lastcpupid=0x7ffff)\nraw: 007ffff000000200 c00000001d0003c8 c00000001d0003c8 c00000001d010480\nraw: c00000001d1d0558 0000000001e1000a 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n c00000001d1d0000: fc 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n c00000001d1d0080: fc fc 00 fc fc fc fc fc fc fc fc fc fc fc fc fc\n\u003ec00000001d1d0100: fc fc fc 02 fc fc fc fc fc fc fc fc fc fc fc fc\n ^\n c00000001d1d0180: fc fc fc fc 04 fc fc fc fc fc fc fc fc fc fc fc\n c00000001d1d0200: fc fc fc fc fc 04 fc fc fc fc fc fc fc fc fc fc\n\nThis happens because the allocation uses the wrong unit (bits) when it\nshould pass (BITS_TO_LONGS(count) * sizeof(long)) or equivalent. With small\nnumbers of bits, the allocated object can be smaller than sizeof(long),\nwhich results in invalid accesses.\n\nUse bitmap_zalloc() to allocate and initialize the irq bitmap, paired with\nbitmap_free() for consistency.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49623",
"url": "https://www.suse.com/security/cve/CVE-2022-49623"
},
{
"category": "external",
"summary": "SUSE Bug 1239040 for CVE-2022-49623",
"url": "https://bugzilla.suse.com/1239040"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49623"
},
{
"cve": "CVE-2022-49627",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49627"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nima: Fix potential memory leak in ima_init_crypto()\n\nOn failure to allocate the SHA1 tfm, IMA fails to initialize and exits\nwithout freeing the ima_algo_array. Add the missing kfree() for\nima_algo_array to avoid the potential memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49627",
"url": "https://www.suse.com/security/cve/CVE-2022-49627"
},
{
"category": "external",
"summary": "SUSE Bug 1237798 for CVE-2022-49627",
"url": "https://bugzilla.suse.com/1237798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49627"
},
{
"cve": "CVE-2022-49631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49631"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nraw: Fix a data-race around sysctl_raw_l3mdev_accept.\n\nWhile reading sysctl_raw_l3mdev_accept, it can be changed concurrently.\nThus, we need to add READ_ONCE() to its reader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49631",
"url": "https://www.suse.com/security/cve/CVE-2022-49631"
},
{
"category": "external",
"summary": "SUSE Bug 1238814 for CVE-2022-49631",
"url": "https://bugzilla.suse.com/1238814"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49631"
},
{
"cve": "CVE-2022-49640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsysctl: Fix data races in proc_douintvec_minmax().\n\nA sysctl variable is accessed concurrently, and there is always a chance\nof data-race. So, all readers and writers need some basic protection to\navoid load/store-tearing.\n\nThis patch changes proc_douintvec_minmax() to use READ_ONCE() and\nWRITE_ONCE() internally to fix data-races on the sysctl side. For now,\nproc_douintvec_minmax() itself is tolerant to a data-race, but we still\nneed to add annotations on the other subsystem\u0027s side.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49640",
"url": "https://www.suse.com/security/cve/CVE-2022-49640"
},
{
"category": "external",
"summary": "SUSE Bug 1237782 for CVE-2022-49640",
"url": "https://bugzilla.suse.com/1237782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49640"
},
{
"cve": "CVE-2022-49641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49641"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsysctl: Fix data races in proc_douintvec().\n\nA sysctl variable is accessed concurrently, and there is always a chance\nof data-race. So, all readers and writers need some basic protection to\navoid load/store-tearing.\n\nThis patch changes proc_douintvec() to use READ_ONCE() and WRITE_ONCE()\ninternally to fix data-races on the sysctl side. For now, proc_douintvec()\nitself is tolerant to a data-race, but we still need to add annotations on\nthe other subsystem\u0027s side.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49641",
"url": "https://www.suse.com/security/cve/CVE-2022-49641"
},
{
"category": "external",
"summary": "SUSE Bug 1237831 for CVE-2022-49641",
"url": "https://bugzilla.suse.com/1237831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49641"
},
{
"cve": "CVE-2022-49643",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49643"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nima: Fix a potential integer overflow in ima_appraise_measurement\n\nWhen the ima-modsig is enabled, the rc passed to evm_verifyxattr() may be\nnegative, which may cause the integer overflow problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49643",
"url": "https://www.suse.com/security/cve/CVE-2022-49643"
},
{
"category": "external",
"summary": "SUSE Bug 1238663 for CVE-2022-49643",
"url": "https://bugzilla.suse.com/1238663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49643"
},
{
"cve": "CVE-2022-49644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915: fix a possible refcount leak in intel_dp_add_mst_connector()\n\nIf drm_connector_init fails, intel_connector_free will be called to take\ncare of proper free. So it is necessary to drop the refcount of port\nbefore intel_connector_free.\n\n(cherry picked from commit cea9ed611e85d36a05db52b6457bf584b7d969e2)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49644",
"url": "https://www.suse.com/security/cve/CVE-2022-49644"
},
{
"category": "external",
"summary": "SUSE Bug 1238235 for CVE-2022-49644",
"url": "https://bugzilla.suse.com/1238235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49644"
},
{
"cve": "CVE-2022-49645",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49645"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panfrost: Fix shrinker list corruption by madvise IOCTL\n\nCalling madvise IOCTL twice on BO causes memory shrinker list corruption\nand crashes kernel because BO is already on the list and it\u0027s added to\nthe list again, while BO should be removed from the list before it\u0027s\nre-added. Fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49645",
"url": "https://www.suse.com/security/cve/CVE-2022-49645"
},
{
"category": "external",
"summary": "SUSE Bug 1238435 for CVE-2022-49645",
"url": "https://bugzilla.suse.com/1238435"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49645"
},
{
"cve": "CVE-2022-49646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: fix queue selection for mesh/OCB interfaces\n\nWhen using iTXQ, the code assumes that there is only one vif queue for\nbroadcast packets, using the BE queue. Allowing non-BE queue marking\nviolates that assumption and txq-\u003eac == skb_queue_mapping is no longer\nguaranteed. This can cause issues with queue handling in the driver and\nalso causes issues with the recent ATF change, resulting in an AQL\nunderflow warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49646",
"url": "https://www.suse.com/security/cve/CVE-2022-49646"
},
{
"category": "external",
"summary": "SUSE Bug 1239001 for CVE-2022-49646",
"url": "https://bugzilla.suse.com/1239001"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49646"
},
{
"cve": "CVE-2022-49647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49647"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncgroup: Use separate src/dst nodes when preloading css_sets for migration\n\nEach cset (css_set) is pinned by its tasks. When we\u0027re moving tasks around\nacross csets for a migration, we need to hold the source and destination\ncsets to ensure that they don\u0027t go away while we\u0027re moving tasks about. This\nis done by linking cset-\u003emg_preload_node on either the\nmgctx-\u003epreloaded_src_csets or mgctx-\u003epreloaded_dst_csets list. Using the\nsame cset-\u003emg_preload_node for both the src and dst lists was deemed okay as\na cset can\u0027t be both the source and destination at the same time.\n\nUnfortunately, this overloading becomes problematic when multiple tasks are\ninvolved in a migration and some of them are identity noop migrations while\nothers are actually moving across cgroups. For example, this can happen with\nthe following sequence on cgroup1:\n\n #1\u003e mkdir -p /sys/fs/cgroup/misc/a/b\n #2\u003e echo $$ \u003e /sys/fs/cgroup/misc/a/cgroup.procs\n #3\u003e RUN_A_COMMAND_WHICH_CREATES_MULTIPLE_THREADS \u0026\n #4\u003e PID=$!\n #5\u003e echo $PID \u003e /sys/fs/cgroup/misc/a/b/tasks\n #6\u003e echo $PID \u003e /sys/fs/cgroup/misc/a/cgroup.procs\n\nthe process including the group leader back into a. In this final migration,\nnon-leader threads would be doing identity migration while the group leader\nis doing an actual one.\n\nAfter #3, let\u0027s say the whole process was in cset A, and that after #4, the\nleader moves to cset B. Then, during #6, the following happens:\n\n 1. cgroup_migrate_add_src() is called on B for the leader.\n\n 2. cgroup_migrate_add_src() is called on A for the other threads.\n\n 3. cgroup_migrate_prepare_dst() is called. It scans the src list.\n\n 4. It notices that B wants to migrate to A, so it tries to A to the dst\n list but realizes that its -\u003emg_preload_node is already busy.\n\n 5. and then it notices A wants to migrate to A as it\u0027s an identity\n migration, it culls it by list_del_init()\u0027ing its -\u003emg_preload_node and\n putting references accordingly.\n\n 6. The rest of migration takes place with B on the src list but nothing on\n the dst list.\n\nThis means that A isn\u0027t held while migration is in progress. If all tasks\nleave A before the migration finishes and the incoming task pins it, the\ncset will be destroyed leading to use-after-free.\n\nThis is caused by overloading cset-\u003emg_preload_node for both src and dst\npreload lists. We wanted to exclude the cset from the src list but ended up\ninadvertently excluding it from the dst list too.\n\nThis patch fixes the issue by separating out cset-\u003emg_preload_node into\n-\u003emg_src_preload_node and -\u003emg_dst_preload_node, so that the src and dst\npreloadings don\u0027t interfere with each other.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49647",
"url": "https://www.suse.com/security/cve/CVE-2022-49647"
},
{
"category": "external",
"summary": "SUSE Bug 1238805 for CVE-2022-49647",
"url": "https://bugzilla.suse.com/1238805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49647"
},
{
"cve": "CVE-2022-49648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49648"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/histograms: Fix memory leak problem\n\nThis reverts commit 46bbe5c671e06f070428b9be142cc4ee5cedebac.\n\nAs commit 46bbe5c671e0 (\"tracing: fix double free\") said, the\n\"double free\" problem reported by clang static analyzer is:\n \u003e In parse_var_defs() if there is a problem allocating\n \u003e var_defs.expr, the earlier var_defs.name is freed.\n \u003e This free is duplicated by free_var_defs() which frees\n \u003e the rest of the list.\n\nHowever, if there is a problem allocating N-th var_defs.expr:\n + in parse_var_defs(), the freed \u0027earlier var_defs.name\u0027 is\n actually the N-th var_defs.name;\n + then in free_var_defs(), the names from 0th to (N-1)-th are freed;\n\n IF ALLOCATING PROBLEM HAPPENED HERE!!! -+\n \\\n |\n 0th 1th (N-1)-th N-th V\n +-------------+-------------+-----+-------------+-----------\nvar_defs: | name | expr | name | expr | ... | name | expr | name | ///\n +-------------+-------------+-----+-------------+-----------\n\nThese two frees don\u0027t act on same name, so there was no \"double free\"\nproblem before. Conversely, after that commit, we get a \"memory leak\"\nproblem because the above \"N-th var_defs.name\" is not freed.\n\nIf enable CONFIG_DEBUG_KMEMLEAK and inject a fault at where the N-th\nvar_defs.expr allocated, then execute on shell like:\n $ echo \u0027hist:key=call_site:val=$v1,$v2:v1=bytes_req,v2=bytes_alloc\u0027 \u003e \\\n/sys/kernel/debug/tracing/events/kmem/kmalloc/trigger\n\nThen kmemleak reports:\n unreferenced object 0xffff8fb100ef3518 (size 8):\n comm \"bash\", pid 196, jiffies 4295681690 (age 28.538s)\n hex dump (first 8 bytes):\n 76 31 00 00 b1 8f ff ff v1......\n backtrace:\n [\u003c0000000038fe4895\u003e] kstrdup+0x2d/0x60\n [\u003c00000000c99c049a\u003e] event_hist_trigger_parse+0x206f/0x20e0\n [\u003c00000000ae70d2cc\u003e] trigger_process_regex+0xc0/0x110\n [\u003c0000000066737a4c\u003e] event_trigger_write+0x75/0xd0\n [\u003c000000007341e40c\u003e] vfs_write+0xbb/0x2a0\n [\u003c0000000087fde4c2\u003e] ksys_write+0x59/0xd0\n [\u003c00000000581e9cdf\u003e] do_syscall_64+0x3a/0x80\n [\u003c00000000cf3b065c\u003e] entry_SYSCALL_64_after_hwframe+0x46/0xb0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49648",
"url": "https://www.suse.com/security/cve/CVE-2022-49648"
},
{
"category": "external",
"summary": "SUSE Bug 1238278 for CVE-2022-49648",
"url": "https://bugzilla.suse.com/1238278"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49648"
},
{
"cve": "CVE-2022-49649",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49649"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue\n\nxenvif_rx_next_skb() is expecting the rx queue not being empty, but\nin case the loop in xenvif_rx_action() is doing multiple iterations,\nthe availability of another skb in the rx queue is not being checked.\n\nThis can lead to crashes:\n\n[40072.537261] BUG: unable to handle kernel NULL pointer dereference at 0000000000000080\n[40072.537407] IP: xenvif_rx_skb+0x23/0x590 [xen_netback]\n[40072.537534] PGD 0 P4D 0\n[40072.537644] Oops: 0000 [#1] SMP NOPTI\n[40072.537749] CPU: 0 PID: 12505 Comm: v1-c40247-q2-gu Not tainted 4.12.14-122.121-default #1 SLE12-SP5\n[40072.537867] Hardware name: HP ProLiant DL580 Gen9/ProLiant DL580 Gen9, BIOS U17 11/23/2021\n[40072.537999] task: ffff880433b38100 task.stack: ffffc90043d40000\n[40072.538112] RIP: e030:xenvif_rx_skb+0x23/0x590 [xen_netback]\n[40072.538217] RSP: e02b:ffffc90043d43de0 EFLAGS: 00010246\n[40072.538319] RAX: 0000000000000000 RBX: ffffc90043cd7cd0 RCX: 00000000000000f7\n[40072.538430] RDX: 0000000000000000 RSI: 0000000000000006 RDI: ffffc90043d43df8\n[40072.538531] RBP: 000000000000003f R08: 000077ff80000000 R09: 0000000000000008\n[40072.538644] R10: 0000000000007ff0 R11: 00000000000008f6 R12: ffffc90043ce2708\n[40072.538745] R13: 0000000000000000 R14: ffffc90043d43ed0 R15: ffff88043ea748c0\n[40072.538861] FS: 0000000000000000(0000) GS:ffff880484600000(0000) knlGS:0000000000000000\n[40072.538988] CS: e033 DS: 0000 ES: 0000 CR0: 0000000080050033\n[40072.539088] CR2: 0000000000000080 CR3: 0000000407ac8000 CR4: 0000000000040660\n[40072.539211] Call Trace:\n[40072.539319] xenvif_rx_action+0x71/0x90 [xen_netback]\n[40072.539429] xenvif_kthread_guest_rx+0x14a/0x29c [xen_netback]\n\nFix that by stopping the loop in case the rx queue becomes empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49649",
"url": "https://www.suse.com/security/cve/CVE-2022-49649"
},
{
"category": "external",
"summary": "SUSE Bug 1238612 for CVE-2022-49649",
"url": "https://bugzilla.suse.com/1238612"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49649"
},
{
"cve": "CVE-2022-49652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49652"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not needed anymore.\n\nAdd missing of_node_put() in to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49652",
"url": "https://www.suse.com/security/cve/CVE-2022-49652"
},
{
"category": "external",
"summary": "SUSE Bug 1238871 for CVE-2022-49652",
"url": "https://bugzilla.suse.com/1238871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49652"
},
{
"cve": "CVE-2022-49657",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49657"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: fix memory leak in error case\n\nusbnet_write_cmd_async() mixed up which buffers\nneed to be freed in which error case.\n\nv2: add Fixes tag\nv3: fix uninitialized buf pointer",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49657",
"url": "https://www.suse.com/security/cve/CVE-2022-49657"
},
{
"category": "external",
"summary": "SUSE Bug 1238269 for CVE-2022-49657",
"url": "https://bugzilla.suse.com/1238269"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49657"
},
{
"cve": "CVE-2022-49661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: gs_usb: gs_usb_open/close(): fix memory leak\n\nThe gs_usb driver appears to suffer from a malady common to many USB\nCAN adapter drivers in that it performs usb_alloc_coherent() to\nallocate a number of USB request blocks (URBs) for RX, and then later\nrelies on usb_kill_anchored_urbs() to free them, but this doesn\u0027t\nactually free them. As a result, this may be leaking DMA memory that\u0027s\nbeen used by the driver.\n\nThis commit is an adaptation of the techniques found in the esd_usb2\ndriver where a similar design pattern led to a memory leak. It\nexplicitly frees the RX URBs and their DMA memory via a call to\nusb_free_coherent(). Since the RX URBs were allocated in the\ngs_can_open(), we remove them in gs_can_close() rather than in the\ndisconnect function as was done in esd_usb2.\n\nFor more information, see the 928150fad41b (\"can: esd_usb2: fix memory\nleak\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49661",
"url": "https://www.suse.com/security/cve/CVE-2022-49661"
},
{
"category": "external",
"summary": "SUSE Bug 1237788 for CVE-2022-49661",
"url": "https://bugzilla.suse.com/1237788"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49661"
},
{
"cve": "CVE-2022-49670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlinux/dim: Fix divide by 0 in RDMA DIM\n\nFix a divide 0 error in rdma_dim_stats_compare() when prev-\u003ecpe_ratio ==\n0.\n\nCallTrace:\n Hardware name: H3C R4900 G3/RS33M2C9S, BIOS 2.00.37P21 03/12/2020\n task: ffff880194b78000 task.stack: ffffc90006714000\n RIP: 0010:backport_rdma_dim+0x10e/0x240 [mlx_compat]\n RSP: 0018:ffff880c10e83ec0 EFLAGS: 00010202\n RAX: 0000000000002710 RBX: ffff88096cd7f780 RCX: 0000000000000064\n RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000001\n RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: 000000001d7c6c09\n R13: ffff88096cd7f780 R14: ffff880b174fe800 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff880c10e80000(0000)\n knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00000000a0965b00 CR3: 000000000200a003 CR4: 00000000007606e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ib_poll_handler+0x43/0x80 [ib_core]\n irq_poll_softirq+0xae/0x110\n __do_softirq+0xd1/0x28c\n irq_exit+0xde/0xf0\n do_IRQ+0x54/0xe0\n common_interrupt+0x8f/0x8f\n \u003c/IRQ\u003e\n ? cpuidle_enter_state+0xd9/0x2a0\n ? cpuidle_enter_state+0xc7/0x2a0\n ? do_idle+0x170/0x1d0\n ? cpu_startup_entry+0x6f/0x80\n ? start_secondary+0x1b9/0x210\n ? secondary_startup_64+0xa5/0xb0\n Code: 0f 87 e1 00 00 00 8b 4c 24 14 44 8b 43 14 89 c8 4d 63 c8 44 29 c0 99 31 d0 29 d0 31 d2 48 98 48 8d 04 80 48 8d 04 80 48 c1 e0 02 \u003c49\u003e f7 f1 48 83 f8 0a 0f 86 c1 00 00 00 44 39 c1 7f 10 48 89 df\n RIP: backport_rdma_dim+0x10e/0x240 [mlx_compat] RSP: ffff880c10e83ec0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49670",
"url": "https://www.suse.com/security/cve/CVE-2022-49670"
},
{
"category": "external",
"summary": "SUSE Bug 1238809 for CVE-2022-49670",
"url": "https://bugzilla.suse.com/1238809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49670"
},
{
"cve": "CVE-2022-49671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cm: Fix memory leak in ib_cm_insert_listen\n\ncm_alloc_id_priv() allocates resource for the cm_id_priv. When\ncm_init_listen() fails it doesn\u0027t free it, leading to memory leak.\n\nAdd the missing error unwind.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49671",
"url": "https://www.suse.com/security/cve/CVE-2022-49671"
},
{
"category": "external",
"summary": "SUSE Bug 1238823 for CVE-2022-49671",
"url": "https://bugzilla.suse.com/1238823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49671"
},
{
"cve": "CVE-2022-49673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm raid: fix KASAN warning in raid5_add_disks\n\nThere\u0027s a KASAN warning in raid5_add_disk when running the LVM testsuite.\nThe warning happens in the test\nlvconvert-raid-reshape-linear_to_raid6-single-type.sh. We fix the warning\nby verifying that rdev-\u003esaved_raid_disk is within limits.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49673",
"url": "https://www.suse.com/security/cve/CVE-2022-49673"
},
{
"category": "external",
"summary": "SUSE Bug 1238933 for CVE-2022-49673",
"url": "https://bugzilla.suse.com/1238933"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49673"
},
{
"cve": "CVE-2022-49674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49674"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm raid: fix accesses beyond end of raid member array\n\nOn dm-raid table load (using raid_ctr), dm-raid allocates an array\nrs-\u003edevs[rs-\u003eraid_disks] for the raid device members. rs-\u003eraid_disks\nis defined by the number of raid metadata and image tupples passed\ninto the target\u0027s constructor.\n\nIn the case of RAID layout changes being requested, that number can be\ndifferent from the current number of members for existing raid sets as\ndefined in their superblocks. Example RAID layout changes include:\n- raid1 legs being added/removed\n- raid4/5/6/10 number of stripes changed (stripe reshaping)\n- takeover to higher raid level (e.g. raid5 -\u003e raid6)\n\nWhen accessing array members, rs-\u003eraid_disks must be used in control\nloops instead of the potentially larger value in rs-\u003emd.raid_disks.\nOtherwise it will cause memory access beyond the end of the rs-\u003edevs\narray.\n\nFix this by changing code that is prone to out-of-bounds access.\nAlso fix validate_raid_redundancy() to validate all devices that are\nadded. Also, use braces to help clean up raid_iterate_devices().\n\nThe out-of-bounds memory accesses was discovered using KASAN.\n\nThis commit was verified to pass all LVM2 RAID tests (with KASAN\nenabled).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49674",
"url": "https://www.suse.com/security/cve/CVE-2022-49674"
},
{
"category": "external",
"summary": "SUSE Bug 1239041 for CVE-2022-49674",
"url": "https://bugzilla.suse.com/1239041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49674"
},
{
"cve": "CVE-2022-49678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe\n\nof_find_matching_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.\n\nIn brcmstb_init_sram, it pass dn to of_address_to_resource(),\nof_address_to_resource() will call of_find_device_by_node() to take\nreference, so we should release the reference returned by\nof_find_matching_node().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49678",
"url": "https://www.suse.com/security/cve/CVE-2022-49678"
},
{
"category": "external",
"summary": "SUSE Bug 1238821 for CVE-2022-49678",
"url": "https://bugzilla.suse.com/1238821"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49678"
},
{
"cve": "CVE-2022-49685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49685"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: trigger: sysfs: fix use-after-free on remove\n\nEnsure that the irq_work has completed before the trigger is freed.\n\n ==================================================================\n BUG: KASAN: use-after-free in irq_work_run_list\n Read of size 8 at addr 0000000064702248 by task python3/25\n\n Call Trace:\n irq_work_run_list\n irq_work_tick\n update_process_times\n tick_sched_handle\n tick_sched_timer\n __hrtimer_run_queues\n hrtimer_interrupt\n\n Allocated by task 25:\n kmem_cache_alloc_trace\n iio_sysfs_trig_add\n dev_attr_store\n sysfs_kf_write\n kernfs_fop_write_iter\n new_sync_write\n vfs_write\n ksys_write\n sys_write\n\n Freed by task 25:\n kfree\n iio_sysfs_trig_remove\n dev_attr_store\n sysfs_kf_write\n kernfs_fop_write_iter\n new_sync_write\n vfs_write\n ksys_write\n sys_write\n\n ==================================================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49685",
"url": "https://www.suse.com/security/cve/CVE-2022-49685"
},
{
"category": "external",
"summary": "SUSE Bug 1237963 for CVE-2022-49685",
"url": "https://bugzilla.suse.com/1237963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49685"
},
{
"cve": "CVE-2022-49687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: fix xdp_rxq_info bug after suspend/resume\n\nThe following sequence currently causes a driver bug warning\nwhen using virtio_net:\n\n # ip link set eth0 up\n # echo mem \u003e /sys/power/state (or e.g. # rtcwake -s 10 -m mem)\n \u003cresume\u003e\n # ip link set eth0 down\n\n Missing register, driver bug\n WARNING: CPU: 0 PID: 375 at net/core/xdp.c:138 xdp_rxq_info_unreg+0x58/0x60\n Call trace:\n xdp_rxq_info_unreg+0x58/0x60\n virtnet_close+0x58/0xac\n __dev_close_many+0xac/0x140\n __dev_change_flags+0xd8/0x210\n dev_change_flags+0x24/0x64\n do_setlink+0x230/0xdd0\n ...\n\nThis happens because virtnet_freeze() frees the receive_queue\ncompletely (including struct xdp_rxq_info) but does not call\nxdp_rxq_info_unreg(). Similarly, virtnet_restore() sets up the\nreceive_queue again but does not call xdp_rxq_info_reg().\n\nActually, parts of virtnet_freeze_down() and virtnet_restore_up()\nare almost identical to virtnet_close() and virtnet_open(): only\nthe calls to xdp_rxq_info_(un)reg() are missing. This means that\nwe can fix this easily and avoid such problems in the future by\njust calling virtnet_close()/open() from the freeze/restore handlers.\n\nAside from adding the missing xdp_rxq_info calls the only difference\nis that the refill work is only cancelled if netif_running(). However,\nthis should not make any functional difference since the refill work\nshould only be active if the network interface is actually up.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49687",
"url": "https://www.suse.com/security/cve/CVE-2022-49687"
},
{
"category": "external",
"summary": "SUSE Bug 1238181 for CVE-2022-49687",
"url": "https://bugzilla.suse.com/1238181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49687"
},
{
"cve": "CVE-2022-49693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf\n\nof_graph_get_remote_node() returns remote device node pointer with\nrefcount incremented, we should use of_node_put() on it\nwhen not need anymore.\nAdd missing of_node_put() to avoid refcount leak.\n\nPatchwork: https://patchwork.freedesktop.org/patch/488473/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49693",
"url": "https://www.suse.com/security/cve/CVE-2022-49693"
},
{
"category": "external",
"summary": "SUSE Bug 1237954 for CVE-2022-49693",
"url": "https://bugzilla.suse.com/1237954"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49693"
},
{
"cve": "CVE-2022-49700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49700"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/slub: add missing TID updates on slab deactivation\n\nThe fastpath in slab_alloc_node() assumes that c-\u003eslab is stable as long as\nthe TID stays the same. However, two places in __slab_alloc() currently\ndon\u0027t update the TID when deactivating the CPU slab.\n\nIf multiple operations race the right way, this could lead to an object\ngetting lost; or, in an even more unlikely situation, it could even lead to\nan object being freed onto the wrong slab\u0027s freelist, messing up the\n`inuse` counter and eventually causing a page to be freed to the page\nallocator while it still contains slab objects.\n\n(I haven\u0027t actually tested these cases though, this is just based on\nlooking at the code. Writing testcases for this stuff seems like it\u0027d be\na pain...)\n\nThe race leading to state inconsistency is (all operations on the same CPU\nand kmem_cache):\n\n - task A: begin do_slab_free():\n - read TID\n - read pcpu freelist (==NULL)\n - check `slab == c-\u003eslab` (true)\n - [PREEMPT A-\u003eB]\n - task B: begin slab_alloc_node():\n - fastpath fails (`c-\u003efreelist` is NULL)\n - enter __slab_alloc()\n - slub_get_cpu_ptr() (disables preemption)\n - enter ___slab_alloc()\n - take local_lock_irqsave()\n - read c-\u003efreelist as NULL\n - get_freelist() returns NULL\n - write `c-\u003eslab = NULL`\n - drop local_unlock_irqrestore()\n - goto new_slab\n - slub_percpu_partial() is NULL\n - get_partial() returns NULL\n - slub_put_cpu_ptr() (enables preemption)\n - [PREEMPT B-\u003eA]\n - task A: finish do_slab_free():\n - this_cpu_cmpxchg_double() succeeds()\n - [CORRUPT STATE: c-\u003eslab==NULL, c-\u003efreelist!=NULL]\n\nFrom there, the object on c-\u003efreelist will get lost if task B is allowed to\ncontinue from here: It will proceed to the retry_load_slab label,\nset c-\u003eslab, then jump to load_freelist, which clobbers c-\u003efreelist.\n\nBut if we instead continue as follows, we get worse corruption:\n\n - task A: run __slab_free() on object from other struct slab:\n - CPU_PARTIAL_FREE case (slab was on no list, is now on pcpu partial)\n - task A: run slab_alloc_node() with NUMA node constraint:\n - fastpath fails (c-\u003eslab is NULL)\n - call __slab_alloc()\n - slub_get_cpu_ptr() (disables preemption)\n - enter ___slab_alloc()\n - c-\u003eslab is NULL: goto new_slab\n - slub_percpu_partial() is non-NULL\n - set c-\u003eslab to slub_percpu_partial(c)\n - [CORRUPT STATE: c-\u003eslab points to slab-1, c-\u003efreelist has objects\n from slab-2]\n - goto redo\n - node_match() fails\n - goto deactivate_slab\n - existing c-\u003efreelist is passed into deactivate_slab()\n - inuse count of slab-1 is decremented to account for object from\n slab-2\n\nAt this point, the inuse count of slab-1 is 1 lower than it should be.\nThis means that if we free all allocated objects in slab-1 except for one,\nSLUB will think that slab-1 is completely unused, and may free its page,\nleading to use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49700",
"url": "https://www.suse.com/security/cve/CVE-2022-49700"
},
{
"category": "external",
"summary": "SUSE Bug 1238249 for CVE-2022-49700",
"url": "https://bugzilla.suse.com/1238249"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49700"
},
{
"cve": "CVE-2022-49701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ibmvfc: Allocate/free queue resource only during probe/remove\n\nCurrently, the sub-queues and event pool resources are allocated/freed for\nevery CRQ connection event such as reset and LPM. This exposes the driver\nto a couple issues. First the inefficiency of freeing and reallocating\nmemory that can simply be resued after being sanitized. Further, a system\nunder memory pressue runs the risk of allocation failures that could result\nin a crippled driver. Finally, there is a race window where command\nsubmission/compeletion can try to pull/return elements from/to an event\npool that is being deleted or already has been deleted due to the lack of\nhost state around freeing/allocating resources. The following is an example\nof list corruption following a live partition migration (LPM):\n\nOops: Exception in kernel mode, sig: 5 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: vfat fat isofs cdrom ext4 mbcache jbd2 nft_counter nft_compat nf_tables nfnetlink rpadlpar_io rpaphp xsk_diag nfsv3 nfs_acl nfs lockd grace fscache netfs rfkill bonding tls sunrpc pseries_rng drm drm_panel_orientation_quirks xfs libcrc32c dm_service_time sd_mod t10_pi sg ibmvfc scsi_transport_fc ibmveth vmx_crypto dm_multipath dm_mirror dm_region_hash dm_log dm_mod ipmi_devintf ipmi_msghandler fuse\nCPU: 0 PID: 2108 Comm: ibmvfc_0 Kdump: loaded Not tainted 5.14.0-70.9.1.el9_0.ppc64le #1\nNIP: c0000000007c4bb0 LR: c0000000007c4bac CTR: 00000000005b9a10\nREGS: c00000025c10b760 TRAP: 0700 Not tainted (5.14.0-70.9.1.el9_0.ppc64le)\nMSR: 800000000282b033 \u003cSF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u003e CR: 2800028f XER: 0000000f\nCFAR: c0000000001f55bc IRQMASK: 0\n GPR00: c0000000007c4bac c00000025c10ba00 c000000002a47c00 000000000000004e\n GPR04: c0000031e3006f88 c0000031e308bd00 c00000025c10b768 0000000000000027\n GPR08: 0000000000000000 c0000031e3009dc0 00000031e0eb0000 0000000000000000\n GPR12: c0000031e2ffffa8 c000000002dd0000 c000000000187108 c00000020fcee2c0\n GPR16: 0000000000000000 0000000000000000 0000000000000000 0000000000000000\n GPR20: 0000000000000000 0000000000000000 0000000000000000 c008000002f81300\n GPR24: 5deadbeef0000100 5deadbeef0000122 c000000263ba6910 c00000024cc88000\n GPR28: 000000000000003c c0000002430a0000 c0000002430ac300 000000000000c300\nNIP [c0000000007c4bb0] __list_del_entry_valid+0x90/0x100\nLR [c0000000007c4bac] __list_del_entry_valid+0x8c/0x100\nCall Trace:\n[c00000025c10ba00] [c0000000007c4bac] __list_del_entry_valid+0x8c/0x100 (unreliable)\n[c00000025c10ba60] [c008000002f42284] ibmvfc_free_queue+0xec/0x210 [ibmvfc]\n[c00000025c10bb10] [c008000002f4246c] ibmvfc_deregister_scsi_channel+0xc4/0x160 [ibmvfc]\n[c00000025c10bba0] [c008000002f42580] ibmvfc_release_sub_crqs+0x78/0x130 [ibmvfc]\n[c00000025c10bc20] [c008000002f4f6cc] ibmvfc_do_work+0x5c4/0xc70 [ibmvfc]\n[c00000025c10bce0] [c008000002f4fdec] ibmvfc_work+0x74/0x1e8 [ibmvfc]\n[c00000025c10bda0] [c0000000001872b8] kthread+0x1b8/0x1c0\n[c00000025c10be10] [c00000000000cd64] ret_from_kernel_thread+0x5c/0x64\nInstruction dump:\n40820034 38600001 38210060 4e800020 7c0802a6 7c641b78 3c62fe7a 7d254b78\n3863b590 f8010070 4ba309cd 60000000 \u003c0fe00000\u003e 7c0802a6 3c62fe7a 3863b640\n---[ end trace 11a2b65a92f8b66c ]---\nibmvfc 30000003: Send warning. Receive queue closed, will retry.\n\nAdd registration/deregistration helpers that are called instead during\nconnection resets to sanitize and reconfigure the queues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49701",
"url": "https://www.suse.com/security/cve/CVE-2022-49701"
},
{
"category": "external",
"summary": "SUSE Bug 1237810 for CVE-2022-49701",
"url": "https://bugzilla.suse.com/1237810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49701"
},
{
"cve": "CVE-2022-49703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ibmvfc: Store vhost pointer during subcrq allocation\n\nCurrently the back pointer from a queue to the vhost adapter isn\u0027t set\nuntil after subcrq interrupt registration. The value is available when a\nqueue is first allocated and can/should be also set for primary and async\nqueues as well as subcrqs.\n\nThis fixes a crash observed during kexec/kdump on Power 9 with legacy XICS\ninterrupt controller where a pending subcrq interrupt from the previous\nkernel can be replayed immediately upon IRQ registration resulting in\ndereference of a garbage backpointer in ibmvfc_interrupt_scsi().\n\nKernel attempted to read user page (58) - exploit attempt? (uid: 0)\nBUG: Kernel NULL pointer dereference on read at 0x00000058\nFaulting instruction address: 0xc008000003216a08\nOops: Kernel access of bad area, sig: 11 [#1]\n...\nNIP [c008000003216a08] ibmvfc_interrupt_scsi+0x40/0xb0 [ibmvfc]\nLR [c0000000082079e8] __handle_irq_event_percpu+0x98/0x270\nCall Trace:\n[c000000047fa3d80] [c0000000123e6180] 0xc0000000123e6180 (unreliable)\n[c000000047fa3df0] [c0000000082079e8] __handle_irq_event_percpu+0x98/0x270\n[c000000047fa3ea0] [c000000008207d18] handle_irq_event+0x98/0x188\n[c000000047fa3ef0] [c00000000820f564] handle_fasteoi_irq+0xc4/0x310\n[c000000047fa3f40] [c000000008205c60] generic_handle_irq+0x50/0x80\n[c000000047fa3f60] [c000000008015c40] __do_irq+0x70/0x1a0\n[c000000047fa3f90] [c000000008016d7c] __do_IRQ+0x9c/0x130\n[c000000014622f60] [0000000020000000] 0x20000000\n[c000000014622ff0] [c000000008016e50] do_IRQ+0x40/0xa0\n[c000000014623020] [c000000008017044] replay_soft_interrupts+0x194/0x2f0\n[c000000014623210] [c0000000080172a8] arch_local_irq_restore+0x108/0x170\n[c000000014623240] [c000000008eb1008] _raw_spin_unlock_irqrestore+0x58/0xb0\n[c000000014623270] [c00000000820b12c] __setup_irq+0x49c/0x9f0\n[c000000014623310] [c00000000820b7c0] request_threaded_irq+0x140/0x230\n[c000000014623380] [c008000003212a50] ibmvfc_register_scsi_channel+0x1e8/0x2f0 [ibmvfc]\n[c000000014623450] [c008000003213d1c] ibmvfc_init_sub_crqs+0xc4/0x1f0 [ibmvfc]\n[c0000000146234d0] [c0080000032145a8] ibmvfc_reset_crq+0x150/0x210 [ibmvfc]\n[c000000014623550] [c0080000032147c8] ibmvfc_init_crq+0x160/0x280 [ibmvfc]\n[c0000000146235f0] [c00800000321a9cc] ibmvfc_probe+0x2a4/0x530 [ibmvfc]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49703",
"url": "https://www.suse.com/security/cve/CVE-2022-49703"
},
{
"category": "external",
"summary": "SUSE Bug 1238131 for CVE-2022-49703",
"url": "https://bugzilla.suse.com/1238131"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49703"
},
{
"cve": "CVE-2022-49707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49707"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: add reserved GDT blocks check\n\nWe capture a NULL pointer issue when resizing a corrupt ext4 image which\nis freshly clear resize_inode feature (not run e2fsck). It could be\nsimply reproduced by following steps. The problem is because of the\nresize_inode feature was cleared, and it will convert the filesystem to\nmeta_bg mode in ext4_resize_fs(), but the es-\u003es_reserved_gdt_blocks was\nnot reduced to zero, so could we mistakenly call reserve_backup_gdb()\nand passing an uninitialized resize_inode to it when adding new group\ndescriptors.\n\n mkfs.ext4 /dev/sda 3G\n tune2fs -O ^resize_inode /dev/sda #forget to run requested e2fsck\n mount /dev/sda /mnt\n resize2fs /dev/sda 8G\n\n ========\n BUG: kernel NULL pointer dereference, address: 0000000000000028\n CPU: 19 PID: 3243 Comm: resize2fs Not tainted 5.18.0-rc7-00001-gfde086c5ebfd #748\n ...\n RIP: 0010:ext4_flex_group_add+0xe08/0x2570\n ...\n Call Trace:\n \u003cTASK\u003e\n ext4_resize_fs+0xbec/0x1660\n __ext4_ioctl+0x1749/0x24e0\n ext4_ioctl+0x12/0x20\n __x64_sys_ioctl+0xa6/0x110\n do_syscall_64+0x3b/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7f2dd739617b\n ========\n\nThe fix is simple, add a check in ext4_resize_begin() to make sure that\nthe es-\u003es_reserved_gdt_blocks is zero when the resize_inode feature is\ndisabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49707",
"url": "https://www.suse.com/security/cve/CVE-2022-49707"
},
{
"category": "external",
"summary": "SUSE Bug 1239035 for CVE-2022-49707",
"url": "https://bugzilla.suse.com/1239035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49707"
},
{
"cve": "CVE-2022-49708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix bug_on ext4_mb_use_inode_pa\n\nHulk Robot reported a BUG_ON:\n==================================================================\nkernel BUG at fs/ext4/mballoc.c:3211!\n[...]\nRIP: 0010:ext4_mb_mark_diskspace_used.cold+0x85/0x136f\n[...]\nCall Trace:\n ext4_mb_new_blocks+0x9df/0x5d30\n ext4_ext_map_blocks+0x1803/0x4d80\n ext4_map_blocks+0x3a4/0x1a10\n ext4_writepages+0x126d/0x2c30\n do_writepages+0x7f/0x1b0\n __filemap_fdatawrite_range+0x285/0x3b0\n file_write_and_wait_range+0xb1/0x140\n ext4_sync_file+0x1aa/0xca0\n vfs_fsync_range+0xfb/0x260\n do_fsync+0x48/0xa0\n[...]\n==================================================================\n\nAbove issue may happen as follows:\n-------------------------------------\ndo_fsync\n vfs_fsync_range\n ext4_sync_file\n file_write_and_wait_range\n __filemap_fdatawrite_range\n do_writepages\n ext4_writepages\n mpage_map_and_submit_extent\n mpage_map_one_extent\n ext4_map_blocks\n ext4_mb_new_blocks\n ext4_mb_normalize_request\n \u003e\u003e\u003e start + size \u003c= ac-\u003eac_o_ex.fe_logical\n ext4_mb_regular_allocator\n ext4_mb_simple_scan_group\n ext4_mb_use_best_found\n ext4_mb_new_preallocation\n ext4_mb_new_inode_pa\n ext4_mb_use_inode_pa\n \u003e\u003e\u003e set ac-\u003eac_b_ex.fe_len \u003c= 0\n ext4_mb_mark_diskspace_used\n \u003e\u003e\u003e BUG_ON(ac-\u003eac_b_ex.fe_len \u003c= 0);\n\nwe can easily reproduce this problem with the following commands:\n\t`fallocate -l100M disk`\n\t`mkfs.ext4 -b 1024 -g 256 disk`\n\t`mount disk /mnt`\n\t`fsstress -d /mnt -l 0 -n 1000 -p 1`\n\nThe size must be smaller than or equal to EXT4_BLOCKS_PER_GROUP.\nTherefore, \"start + size \u003c= ac-\u003eac_o_ex.fe_logical\" may occur\nwhen the size is truncated. So start should be the start position of\nthe group where ac_o_ex.fe_logical is located after alignment.\nIn addition, when the value of fe_logical or EXT4_BLOCKS_PER_GROUP\nis very large, the value calculated by start_off is more accurate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49708",
"url": "https://www.suse.com/security/cve/CVE-2022-49708"
},
{
"category": "external",
"summary": "SUSE Bug 1238599 for CVE-2022-49708",
"url": "https://bugzilla.suse.com/1238599"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49708"
},
{
"cve": "CVE-2022-49710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49710"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm mirror log: round up region bitmap size to BITS_PER_LONG\n\nThe code in dm-log rounds up bitset_size to 32 bits. It then uses\nfind_next_zero_bit_le on the allocated region. find_next_zero_bit_le\naccesses the bitmap using unsigned long pointers. So, on 64-bit\narchitectures, it may access 4 bytes beyond the allocated size.\n\nFix this bug by rounding up bitset_size to BITS_PER_LONG.\n\nThis bug was found by running the lvm2 testsuite with kasan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49710",
"url": "https://www.suse.com/security/cve/CVE-2022-49710"
},
{
"category": "external",
"summary": "SUSE Bug 1238417 for CVE-2022-49710",
"url": "https://bugzilla.suse.com/1238417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49710"
},
{
"cve": "CVE-2022-49711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49711"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: fsl-mc-bus: fix KASAN use-after-free in fsl_mc_bus_remove()\n\nIn fsl_mc_bus_remove(), mc-\u003eroot_mc_bus_dev-\u003emc_io is passed to\nfsl_destroy_mc_io(). However, mc-\u003eroot_mc_bus_dev is already freed in\nfsl_mc_device_remove(). Then reference to mc-\u003eroot_mc_bus_dev-\u003emc_io\ntriggers KASAN use-after-free. To avoid the use-after-free, keep the\nreference to mc-\u003eroot_mc_bus_dev-\u003emc_io in a local variable and pass to\nfsl_destroy_mc_io().\n\nThis patch needs rework to apply to kernels older than v5.15.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49711",
"url": "https://www.suse.com/security/cve/CVE-2022-49711"
},
{
"category": "external",
"summary": "SUSE Bug 1238416 for CVE-2022-49711",
"url": "https://bugzilla.suse.com/1238416"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49711"
},
{
"cve": "CVE-2022-49712",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49712"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.\nof_node_put() will check NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49712",
"url": "https://www.suse.com/security/cve/CVE-2022-49712"
},
{
"category": "external",
"summary": "SUSE Bug 1238239 for CVE-2022-49712",
"url": "https://bugzilla.suse.com/1238239"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49712"
},
{
"cve": "CVE-2022-49713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: Fix memory leak in dwc2_hcd_init\n\nusb_create_hcd will alloc memory for hcd, and we should\ncall usb_put_hcd to free it when platform_get_resource()\nfails to prevent memory leak.\ngoto error2 label instead error1 to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49713",
"url": "https://www.suse.com/security/cve/CVE-2022-49713"
},
{
"category": "external",
"summary": "SUSE Bug 1238419 for CVE-2022-49713",
"url": "https://bugzilla.suse.com/1238419"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49713"
},
{
"cve": "CVE-2022-49720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49720"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix handling of offline queues in blk_mq_alloc_request_hctx()\n\nThis patch prevents that test nvme/004 triggers the following:\n\nUBSAN: array-index-out-of-bounds in block/blk-mq.h:135:9\nindex 512 is out of range for type \u0027long unsigned int [512]\u0027\nCall Trace:\n show_stack+0x52/0x58\n dump_stack_lvl+0x49/0x5e\n dump_stack+0x10/0x12\n ubsan_epilogue+0x9/0x3b\n __ubsan_handle_out_of_bounds.cold+0x44/0x49\n blk_mq_alloc_request_hctx+0x304/0x310\n __nvme_submit_sync_cmd+0x70/0x200 [nvme_core]\n nvmf_connect_io_queue+0x23e/0x2a0 [nvme_fabrics]\n nvme_loop_connect_io_queues+0x8d/0xb0 [nvme_loop]\n nvme_loop_create_ctrl+0x58e/0x7d0 [nvme_loop]\n nvmf_create_ctrl+0x1d7/0x4d0 [nvme_fabrics]\n nvmf_dev_write+0xae/0x111 [nvme_fabrics]\n vfs_write+0x144/0x560\n ksys_write+0xb7/0x140\n __x64_sys_write+0x42/0x50\n do_syscall_64+0x35/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49720",
"url": "https://www.suse.com/security/cve/CVE-2022-49720"
},
{
"category": "external",
"summary": "SUSE Bug 1238281 for CVE-2022-49720",
"url": "https://bugzilla.suse.com/1238281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49720"
},
{
"cve": "CVE-2022-49723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49723"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/reset: Fix error_state_read ptr + offset use\n\nFix our pointer offset usage in error_state_read\nwhen there is no i915_gpu_coredump but buf offset\nis non-zero.\n\nThis fixes a kernel page fault can happen when\nmultiple tests are running concurrently in a loop\nand one is producing engine resets and consuming\nthe i915 error_state dump while the other is\nforcing full GT resets. (takes a while to trigger).\n\nThe dmesg call trace:\n\n[ 5590.803000] BUG: unable to handle page fault for address:\n ffffffffa0b0e000\n[ 5590.803009] #PF: supervisor read access in kernel mode\n[ 5590.803013] #PF: error_code(0x0000) - not-present page\n[ 5590.803016] PGD 5814067 P4D 5814067 PUD 5815063 PMD 109de4067\n PTE 0\n[ 5590.803022] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 5590.803026] CPU: 5 PID: 13656 Comm: i915_hangman Tainted: G U\n 5.17.0-rc5-ups69-guc-err-capt-rev6+ #136\n[ 5590.803033] Hardware name: Intel Corporation Alder Lake Client\n Platform/AlderLake-M LP4x RVP, BIOS ADLPFWI1.R00.\n 3031.A02.2201171222\t01/17/2022\n[ 5590.803039] RIP: 0010:memcpy_erms+0x6/0x10\n[ 5590.803045] Code: fe ff ff cc eb 1e 0f 1f 00 48 89 f8 48 89 d1\n 48 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 c3\n 66 0f 1f 44 00 00 48 89 f8 48 89 d1 \u003cf3\u003e a4\n c3 0f 1f 80 00 00 00 00 48 89 f8 48 83 fa 20\n 72 7e 40 38 fe\n[ 5590.803054] RSP: 0018:ffffc90003a8fdf0 EFLAGS: 00010282\n[ 5590.803057] RAX: ffff888107ee9000 RBX: ffff888108cb1a00\n RCX: 0000000000000f8f\n[ 5590.803061] RDX: 0000000000001000 RSI: ffffffffa0b0e000\n RDI: ffff888107ee9071\n[ 5590.803065] RBP: 0000000000000000 R08: 0000000000000001\n R09: 0000000000000001\n[ 5590.803069] R10: 0000000000000001 R11: 0000000000000002\n R12: 0000000000000019\n[ 5590.803073] R13: 0000000000174fff R14: 0000000000001000\n R15: ffff888107ee9000\n[ 5590.803077] FS: 00007f62a99bee80(0000) GS:ffff88849f880000(0000)\n knlGS:0000000000000000\n[ 5590.803082] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 5590.803085] CR2: ffffffffa0b0e000 CR3: 000000010a1a8004\n CR4: 0000000000770ee0\n[ 5590.803089] PKRU: 55555554\n[ 5590.803091] Call Trace:\n[ 5590.803093] \u003cTASK\u003e\n[ 5590.803096] error_state_read+0xa1/0xd0 [i915]\n[ 5590.803175] kernfs_fop_read_iter+0xb2/0x1b0\n[ 5590.803180] new_sync_read+0x116/0x1a0\n[ 5590.803185] vfs_read+0x114/0x1b0\n[ 5590.803189] ksys_read+0x63/0xe0\n[ 5590.803193] do_syscall_64+0x38/0xc0\n[ 5590.803197] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 5590.803201] RIP: 0033:0x7f62aaea5912\n[ 5590.803204] Code: c0 e9 b2 fe ff ff 50 48 8d 3d 5a b9 0c 00 e8 05\n 19 02 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25\n 18 00 00 00 85 c0 75 10 0f 05 \u003c48\u003e 3d 00 f0 ff\n ff 77 56 c3 0f 1f 44 00 00 48 83 ec 28 48 89 54 24\n[ 5590.803213] RSP: 002b:00007fff5b659ae8 EFLAGS: 00000246\n ORIG_RAX: 0000000000000000\n[ 5590.803218] RAX: ffffffffffffffda RBX: 0000000000100000\n RCX: 00007f62aaea5912\n[ 5590.803221] RDX: 000000000008b000 RSI: 00007f62a8c4000f\n RDI: 0000000000000006\n[ 5590.803225] RBP: 00007f62a8bcb00f R08: 0000000000200010\n R09: 0000000000101000\n[ 5590.803229] R10: 0000000000000001 R11: 0000000000000246\n R12: 0000000000000006\n[ 5590.803233] R13: 0000000000075000 R14: 00007f62a8acb010\n R15: 0000000000200000\n[ 5590.803238] \u003c/TASK\u003e\n[ 5590.803240] Modules linked in: i915 ttm drm_buddy drm_dp_helper\n drm_kms_helper syscopyarea sysfillrect sysimgblt\n fb_sys_fops prime_numbers nfnetlink br_netfilter\n overlay mei_pxp mei_hdcp x86_pkg_temp_thermal\n coretemp kvm_intel snd_hda_codec_hdmi snd_hda_intel\n \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49723",
"url": "https://www.suse.com/security/cve/CVE-2022-49723"
},
{
"category": "external",
"summary": "SUSE Bug 1237997 for CVE-2022-49723",
"url": "https://bugzilla.suse.com/1237997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49723"
},
{
"cve": "CVE-2022-49724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49724"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: goldfish: Fix free_irq() on remove\n\nPass the correct dev_id to free_irq() to fix this splat when the driver\nis unbound:\n\n WARNING: CPU: 0 PID: 30 at kernel/irq/manage.c:1895 free_irq\n Trying to free already-free IRQ 65\n Call Trace:\n warn_slowpath_fmt\n free_irq\n goldfish_tty_remove\n platform_remove\n device_remove\n device_release_driver_internal\n device_driver_detach\n unbind_store\n drv_attr_store\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49724",
"url": "https://www.suse.com/security/cve/CVE-2022-49724"
},
{
"category": "external",
"summary": "SUSE Bug 1238869 for CVE-2022-49724",
"url": "https://bugzilla.suse.com/1238869"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49724"
},
{
"cve": "CVE-2022-49729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49729"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred\n\nSimilar to the handling of play_deferred in commit 19cfe912c37b\n(\"Bluetooth: btusb: Fix memory leak in play_deferred\"), we thought\na patch might be needed here as well.\n\nCurrently usb_submit_urb is called directly to submit deferred tx\nurbs after unanchor them.\n\nSo the usb_giveback_urb_bh would failed to unref it in usb_unanchor_urb\nand cause memory leak.\n\nPut those urbs in tx_anchor to avoid the leak, and also fix the error\nhandling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49729",
"url": "https://www.suse.com/security/cve/CVE-2022-49729"
},
{
"category": "external",
"summary": "SUSE Bug 1239060 for CVE-2022-49729",
"url": "https://bugzilla.suse.com/1239060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "low"
}
],
"title": "CVE-2022-49729"
},
{
"cve": "CVE-2022-49730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49730"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is aborted\n\nA use-after-free crash can occur after an ELS LOGO is aborted.\n\nSpecifically, a nodelist structure is freed and then\nndlp-\u003evport-\u003ecfg_log_verbose is dereferenced in lpfc_nlp_get() when the\ndiscovery state machine is mistakenly called a second time with\nNLP_EVT_DEVICE_RM argument.\n\nRework lpfc_cmpl_els_logo() to prevent the duplicate calls to release a\nnodelist structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49730",
"url": "https://www.suse.com/security/cve/CVE-2022-49730"
},
{
"category": "external",
"summary": "SUSE Bug 1239070 for CVE-2022-49730",
"url": "https://bugzilla.suse.com/1239070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49730"
},
{
"cve": "CVE-2022-49731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49731"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()\n\nIn an unlikely (and probably wrong?) case that the \u0027ppi\u0027 parameter of\nata_host_alloc_pinfo() points to an array starting with a NULL pointer,\nthere\u0027s going to be a kernel oops as the \u0027pi\u0027 local variable won\u0027t get\nreassigned from the initial value of NULL. Initialize \u0027pi\u0027 instead to\n\u0027\u0026ata_dummy_port_info\u0027 to fix the possible kernel oops for good...\n\nFound by Linux Verification Center (linuxtesting.org) with the SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49731",
"url": "https://www.suse.com/security/cve/CVE-2022-49731"
},
{
"category": "external",
"summary": "SUSE Bug 1239071 for CVE-2022-49731",
"url": "https://bugzilla.suse.com/1239071"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49731"
},
{
"cve": "CVE-2022-49733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC\n\nThere is a small race window at snd_pcm_oss_sync() that is called from\nOSS PCM SNDCTL_DSP_SYNC ioctl; namely the function calls\nsnd_pcm_oss_make_ready() at first, then takes the params_lock mutex\nfor the rest. When the stream is set up again by another thread\nbetween them, it leads to inconsistency, and may result in unexpected\nresults such as NULL dereference of OSS buffer as a fuzzer spotted\nrecently.\n\nThe fix is simply to cover snd_pcm_oss_make_ready() call into the same\nparams_lock mutex with snd_pcm_oss_make_ready_locked() variant.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49733",
"url": "https://www.suse.com/security/cve/CVE-2022-49733"
},
{
"category": "external",
"summary": "SUSE Bug 1238454 for CVE-2022-49733",
"url": "https://bugzilla.suse.com/1238454"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49733"
},
{
"cve": "CVE-2022-49739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Always check inode size of inline inodes\n\nCheck if the inode size of stuffed (inline) inodes is within the allowed\nrange when reading inodes from disk (gfs2_dinode_in()). This prevents\nus from on-disk corruption.\n\nThe two checks in stuffed_readpage() and gfs2_unstuffer_page() that just\ntruncate inline data to the maximum allowed size don\u0027t actually make\nsense, and they can be removed now as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49739",
"url": "https://www.suse.com/security/cve/CVE-2022-49739"
},
{
"category": "external",
"summary": "SUSE Bug 1240207 for CVE-2022-49739",
"url": "https://bugzilla.suse.com/1240207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2022-49739"
},
{
"cve": "CVE-2023-2162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2162"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2162",
"url": "https://www.suse.com/security/cve/CVE-2023-2162"
},
{
"category": "external",
"summary": "SUSE Bug 1210647 for CVE-2023-2162",
"url": "https://bugzilla.suse.com/1210647"
},
{
"category": "external",
"summary": "SUSE Bug 1210662 for CVE-2023-2162",
"url": "https://bugzilla.suse.com/1210662"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-2162",
"url": "https://bugzilla.suse.com/1213841"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-2162",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-2162",
"url": "https://bugzilla.suse.com/1214128"
},
{
"category": "external",
"summary": "SUSE Bug 1222212 for CVE-2023-2162",
"url": "https://bugzilla.suse.com/1222212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2023-2162"
},
{
"cve": "CVE-2023-3567",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3567"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3567",
"url": "https://www.suse.com/security/cve/CVE-2023-3567"
},
{
"category": "external",
"summary": "SUSE Bug 1213167 for CVE-2023-3567",
"url": "https://bugzilla.suse.com/1213167"
},
{
"category": "external",
"summary": "SUSE Bug 1213244 for CVE-2023-3567",
"url": "https://bugzilla.suse.com/1213244"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-3567",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-3567",
"url": "https://bugzilla.suse.com/1215674"
},
{
"category": "external",
"summary": "SUSE Bug 1217444 for CVE-2023-3567",
"url": "https://bugzilla.suse.com/1217444"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2023-3567",
"url": "https://bugzilla.suse.com/1217531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2023-3567"
},
{
"cve": "CVE-2023-52935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/khugepaged: fix -\u003eanon_vma race\n\nIf an -\u003eanon_vma is attached to the VMA, collapse_and_free_pmd() requires\nit to be locked.\n\nPage table traversal is allowed under any one of the mmap lock, the\nanon_vma lock (if the VMA is associated with an anon_vma), and the\nmapping lock (if the VMA is associated with a mapping); and so to be\nable to remove page tables, we must hold all three of them. \nretract_page_tables() bails out if an -\u003eanon_vma is attached, but does\nthis check before holding the mmap lock (as the comment above the check\nexplains).\n\nIf we racily merged an existing -\u003eanon_vma (shared with a child\nprocess) from a neighboring VMA, subsequent rmap traversals on pages\nbelonging to the child will be able to see the page tables that we are\nconcurrently removing while assuming that nothing else can access them.\n\nRepeat the -\u003eanon_vma check once we hold the mmap lock to ensure that\nthere really is no concurrent page table access.\n\nHitting this bug causes a lockdep warning in collapse_and_free_pmd(),\nin the line \"lockdep_assert_held_write(\u0026vma-\u003eanon_vma-\u003eroot-\u003erwsem)\". \nIt can also lead to use-after-free access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52935",
"url": "https://www.suse.com/security/cve/CVE-2023-52935"
},
{
"category": "external",
"summary": "SUSE Bug 1240276 for CVE-2023-52935",
"url": "https://bugzilla.suse.com/1240276"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2023-52935"
},
{
"cve": "CVE-2023-52973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF\n\nAfter a call to console_unlock() in vcs_read() the vc_data struct can be\nfreed by vc_deallocate(). Because of that, the struct vc_data pointer\nload must be done at the top of while loop in vcs_read() to avoid a UAF\nwhen vcs_size() is called.\n\nSyzkaller reported a UAF in vcs_size().\n\nBUG: KASAN: use-after-free in vcs_size (drivers/tty/vt/vc_screen.c:215)\nRead of size 4 at addr ffff8881137479a8 by task 4a005ed81e27e65/1537\n\nCPU: 0 PID: 1537 Comm: 4a005ed81e27e65 Not tainted 6.2.0-rc5 #1\nHardware name: Red Hat KVM, BIOS 1.15.0-2.module\nCall Trace:\n \u003cTASK\u003e\n__asan_report_load4_noabort (mm/kasan/report_generic.c:350)\nvcs_size (drivers/tty/vt/vc_screen.c:215)\nvcs_read (drivers/tty/vt/vc_screen.c:415)\nvfs_read (fs/read_write.c:468 fs/read_write.c:450)\n...\n \u003c/TASK\u003e\n\nAllocated by task 1191:\n...\nkmalloc_trace (mm/slab_common.c:1069)\nvc_allocate (./include/linux/slab.h:580 ./include/linux/slab.h:720\n drivers/tty/vt/vt.c:1128 drivers/tty/vt/vt.c:1108)\ncon_install (drivers/tty/vt/vt.c:3383)\ntty_init_dev (drivers/tty/tty_io.c:1301 drivers/tty/tty_io.c:1413\n drivers/tty/tty_io.c:1390)\ntty_open (drivers/tty/tty_io.c:2080 drivers/tty/tty_io.c:2126)\nchrdev_open (fs/char_dev.c:415)\ndo_dentry_open (fs/open.c:883)\nvfs_open (fs/open.c:1014)\n...\n\nFreed by task 1548:\n...\nkfree (mm/slab_common.c:1021)\nvc_port_destruct (drivers/tty/vt/vt.c:1094)\ntty_port_destructor (drivers/tty/tty_port.c:296)\ntty_port_put (drivers/tty/tty_port.c:312)\nvt_disallocate_all (drivers/tty/vt/vt_ioctl.c:662 (discriminator 2))\nvt_ioctl (drivers/tty/vt/vt_ioctl.c:903)\ntty_ioctl (drivers/tty/tty_io.c:2776)\n...\n\nThe buggy address belongs to the object at ffff888113747800\n which belongs to the cache kmalloc-1k of size 1024\nThe buggy address is located 424 bytes inside of\n 1024-byte region [ffff888113747800, ffff888113747c00)\n\nThe buggy address belongs to the physical page:\npage:00000000b3fe6c7c refcount:1 mapcount:0 mapping:0000000000000000\n index:0x0 pfn:0x113740\nhead:00000000b3fe6c7c order:3 compound_mapcount:0 subpages_mapcount:0\n compound_pincount:0\nanon flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)\nraw: 0017ffffc0010200 ffff888100042dc0 0000000000000000 dead000000000001\nraw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888113747880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888113747900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n\u003e ffff888113747980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888113747a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888113747a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n==================================================================\nDisabling lock debugging due to kernel taint",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52973",
"url": "https://www.suse.com/security/cve/CVE-2023-52973"
},
{
"category": "external",
"summary": "SUSE Bug 1240218 for CVE-2023-52973",
"url": "https://bugzilla.suse.com/1240218"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2023-52973"
},
{
"cve": "CVE-2023-52974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress\n\nIf during iscsi_sw_tcp_session_create() iscsi_tcp_r2tpool_alloc() fails,\nuserspace could be accessing the host\u0027s ipaddress attr. If we then free the\nsession via iscsi_session_teardown() while userspace is still accessing the\nsession we will hit a use after free bug.\n\nSet the tcp_sw_host-\u003esession after we have completed session creation and\ncan no longer fail.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52974",
"url": "https://www.suse.com/security/cve/CVE-2023-52974"
},
{
"category": "external",
"summary": "SUSE Bug 1240213 for CVE-2023-52974",
"url": "https://bugzilla.suse.com/1240213"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2023-52974"
},
{
"cve": "CVE-2023-53000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53000"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: prevent potential spectre v1 gadgets\n\nMost netlink attributes are parsed and validated from\n__nla_validate_parse() or validate_nla()\n\n u16 type = nla_type(nla);\n\n if (type == 0 || type \u003e maxtype) {\n /* error or continue */\n }\n\n@type is then used as an array index and can be used\nas a Spectre v1 gadget.\n\narray_index_nospec() can be used to prevent leaking\ncontent of kernel memory to malicious users.\n\nThis should take care of vast majority of netlink uses,\nbut an audit is needed to take care of others where\nvalidation is not yet centralized in core netlink functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53000",
"url": "https://www.suse.com/security/cve/CVE-2023-53000"
},
{
"category": "external",
"summary": "SUSE Bug 1240227 for CVE-2023-53000",
"url": "https://bugzilla.suse.com/1240227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2023-53000"
},
{
"cve": "CVE-2023-53015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: betop: check shape of output reports\n\nbetopff_init() only checks the total sum of the report counts for each\nreport field to be at least 4, but hid_betopff_play() expects 4 report\nfields.\nA device advertising an output report with one field and 4 report counts\nwould pass the check but crash the kernel with a NULL pointer dereference\nin hid_betopff_play().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53015",
"url": "https://www.suse.com/security/cve/CVE-2023-53015"
},
{
"category": "external",
"summary": "SUSE Bug 1240288 for CVE-2023-53015",
"url": "https://bugzilla.suse.com/1240288"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2023-53015"
},
{
"cve": "CVE-2023-53024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix pointer-leak due to insufficient speculative store bypass mitigation\n\nTo mitigate Spectre v4, 2039f26f3aca (\"bpf: Fix leakage due to\ninsufficient speculative store bypass mitigation\") inserts lfence\ninstructions after 1) initializing a stack slot and 2) spilling a\npointer to the stack.\n\nHowever, this does not cover cases where a stack slot is first\ninitialized with a pointer (subject to sanitization) but then\noverwritten with a scalar (not subject to sanitization because\nthe slot was already initialized). In this case, the second write\nmay be subject to speculative store bypass (SSB) creating a\nspeculative pointer-as-scalar type confusion. This allows the\nprogram to subsequently leak the numerical pointer value using,\nfor example, a branch-based cache side channel.\n\nTo fix this, also sanitize scalars if they write a stack slot\nthat previously contained a pointer. Assuming that pointer-spills\nare only generated by LLVM on register-pressure, the performance\nimpact on most real-world BPF programs should be small.\n\nThe following unprivileged BPF bytecode drafts a minimal exploit\nand the mitigation:\n\n [...]\n // r6 = 0 or 1 (skalar, unknown user input)\n // r7 = accessible ptr for side channel\n // r10 = frame pointer (fp), to be leaked\n //\n r9 = r10 # fp alias to encourage ssb\n *(u64 *)(r9 - 8) = r10 // fp[-8] = ptr, to be leaked\n // lfence added here because of pointer spill to stack.\n //\n // Ommitted: Dummy bpf_ringbuf_output() here to train alias predictor\n // for no r9-r10 dependency.\n //\n *(u64 *)(r10 - 8) = r6 // fp[-8] = scalar, overwrites ptr\n // 2039f26f3aca: no lfence added because stack slot was not STACK_INVALID,\n // store may be subject to SSB\n //\n // fix: also add an lfence when the slot contained a ptr\n //\n r8 = *(u64 *)(r9 - 8)\n // r8 = architecturally a scalar, speculatively a ptr\n //\n // leak ptr using branch-based cache side channel:\n r8 \u0026= 1 // choose bit to leak\n if r8 == 0 goto SLOW // no mispredict\n // architecturally dead code if input r6 is 0,\n // only executes speculatively iff ptr bit is 1\n r8 = *(u64 *)(r7 + 0) # encode bit in cache (0: slow, 1: fast)\nSLOW:\n [...]\n\nAfter running this, the program can time the access to *(r7 + 0) to\ndetermine whether the chosen pointer bit was 0 or 1. Repeat this 64\ntimes to recover the whole address on amd64.\n\nIn summary, sanitization can only be skipped if one scalar is\noverwritten with another scalar. Scalar-confusion due to speculative\nstore bypass can not lead to invalid accesses because the pointer\nbounds deducted during verification are enforced using branchless\nlogic. See 979d63d50c0c (\"bpf: prevent out of bounds speculation on\npointer arithmetic\") for details.\n\nDo not make the mitigation depend on !env-\u003eallow_{uninit_stack,ptr_leaks}\nbecause speculative leaks are likely unexpected if these were enabled.\nFor example, leaking the address to a protected log file may be acceptable\nwhile disabling the mitigation might unintentionally leak the address\ninto the cached-state of a map that is accessible to unprivileged\nprocesses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53024",
"url": "https://www.suse.com/security/cve/CVE-2023-53024"
},
{
"category": "external",
"summary": "SUSE Bug 1240272 for CVE-2023-53024",
"url": "https://bugzilla.suse.com/1240272"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "moderate"
}
],
"title": "CVE-2023-53024"
},
{
"cve": "CVE-2024-50290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50290"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx24116: prevent overflows on SNR calculus\n\nas reported by Coverity, if reading SNR registers fail, a negative\nnumber will be returned, causing an underflow when reading SNR\nregisters.\n\nPrevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50290",
"url": "https://www.suse.com/security/cve/CVE-2024-50290"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233479 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "external",
"summary": "SUSE Bug 1233681 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2024-50290"
},
{
"cve": "CVE-2024-53063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvbdev: prevent the risk of out of memory access\n\nThe dvbdev contains a static variable used to store dvb minors.\n\nThe behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set\nor not. When not set, dvb_register_device() won\u0027t check for\nboundaries, as it will rely that a previous call to\ndvb_register_adapter() would already be enforcing it.\n\nOn a similar way, dvb_device_open() uses the assumption\nthat the register functions already did the needed checks.\n\nThis can be fragile if some device ends using different\ncalls. This also generate warnings on static check analysers\nlike Coverity.\n\nSo, add explicit guards to prevent potential risk of OOM issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53063",
"url": "https://www.suse.com/security/cve/CVE-2024-53063"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233557 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "external",
"summary": "SUSE Bug 1233619 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2024-53063"
},
{
"cve": "CVE-2024-56642",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56642"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Fix use-after-free of kernel socket in cleanup_bearer().\n\nsyzkaller reported a use-after-free of UDP kernel socket\nin cleanup_bearer() without repro. [0][1]\n\nWhen bearer_disable() calls tipc_udp_disable(), cleanup\nof the UDP kernel socket is deferred by work calling\ncleanup_bearer().\n\ntipc_exit_net() waits for such works to finish by checking\ntipc_net(net)-\u003ewq_count. However, the work decrements the\ncount too early before releasing the kernel socket,\nunblocking cleanup_net() and resulting in use-after-free.\n\nLet\u0027s move the decrement after releasing the socket in\ncleanup_bearer().\n\n[0]:\nref_tracker: net notrefcnt@000000009b3d1faf has 1/1 users at\n sk_alloc+0x438/0x608\n inet_create+0x4c8/0xcb0\n __sock_create+0x350/0x6b8\n sock_create_kern+0x58/0x78\n udp_sock_create4+0x68/0x398\n udp_sock_create+0x88/0xc8\n tipc_udp_enable+0x5e8/0x848\n __tipc_nl_bearer_enable+0x84c/0xed8\n tipc_nl_bearer_enable+0x38/0x60\n genl_family_rcv_msg_doit+0x170/0x248\n genl_rcv_msg+0x400/0x5b0\n netlink_rcv_skb+0x1dc/0x398\n genl_rcv+0x44/0x68\n netlink_unicast+0x678/0x8b0\n netlink_sendmsg+0x5e4/0x898\n ____sys_sendmsg+0x500/0x830\n\n[1]:\nBUG: KMSAN: use-after-free in udp_hashslot include/net/udp.h:85 [inline]\nBUG: KMSAN: use-after-free in udp_lib_unhash+0x3b8/0x930 net/ipv4/udp.c:1979\n udp_hashslot include/net/udp.h:85 [inline]\n udp_lib_unhash+0x3b8/0x930 net/ipv4/udp.c:1979\n sk_common_release+0xaf/0x3f0 net/core/sock.c:3820\n inet_release+0x1e0/0x260 net/ipv4/af_inet.c:437\n inet6_release+0x6f/0xd0 net/ipv6/af_inet6.c:489\n __sock_release net/socket.c:658 [inline]\n sock_release+0xa0/0x210 net/socket.c:686\n cleanup_bearer+0x42d/0x4c0 net/tipc/udp_media.c:819\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xcaf/0x1c90 kernel/workqueue.c:3310\n worker_thread+0xf6c/0x1510 kernel/workqueue.c:3391\n kthread+0x531/0x6b0 kernel/kthread.c:389\n ret_from_fork+0x60/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:244\n\nUninit was created at:\n slab_free_hook mm/slub.c:2269 [inline]\n slab_free mm/slub.c:4580 [inline]\n kmem_cache_free+0x207/0xc40 mm/slub.c:4682\n net_free net/core/net_namespace.c:454 [inline]\n cleanup_net+0x16f2/0x19d0 net/core/net_namespace.c:647\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xcaf/0x1c90 kernel/workqueue.c:3310\n worker_thread+0xf6c/0x1510 kernel/workqueue.c:3391\n kthread+0x531/0x6b0 kernel/kthread.c:389\n ret_from_fork+0x60/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:244\n\nCPU: 0 UID: 0 PID: 54 Comm: kworker/0:2 Not tainted 6.12.0-rc1-00131-gf66ebf37d69c #7 91723d6f74857f70725e1583cba3cf4adc716cfa\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nWorkqueue: events cleanup_bearer",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56642",
"url": "https://www.suse.com/security/cve/CVE-2024-56642"
},
{
"category": "external",
"summary": "SUSE Bug 1235433 for CVE-2024-56642",
"url": "https://bugzilla.suse.com/1235433"
},
{
"category": "external",
"summary": "SUSE Bug 1235434 for CVE-2024-56642",
"url": "https://bugzilla.suse.com/1235434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2024-56642"
},
{
"cve": "CVE-2024-56651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56651"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: hi311x: hi3110_can_ist(): fix potential use-after-free\n\nThe commit a22bd630cfff (\"can: hi311x: do not report txerr and rxerr\nduring bus-off\") removed the reporting of rxerr and txerr even in case\nof correct operation (i. e. not bus-off).\n\nThe error count information added to the CAN frame after netif_rx() is\na potential use after free, since there is no guarantee that the skb\nis in the same state. It might be freed or reused.\n\nFix the issue by postponing the netif_rx() call in case of txerr and\nrxerr reporting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56651",
"url": "https://www.suse.com/security/cve/CVE-2024-56651"
},
{
"category": "external",
"summary": "SUSE Bug 1235528 for CVE-2024-56651",
"url": "https://bugzilla.suse.com/1235528"
},
{
"category": "external",
"summary": "SUSE Bug 1236570 for CVE-2024-56651",
"url": "https://bugzilla.suse.com/1236570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2024-56651"
},
{
"cve": "CVE-2024-57996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: don\u0027t allow 1 packet limit\n\nThe current implementation does not work correctly with a limit of\n1. iproute2 actually checks for this and this patch adds the check in\nkernel as well.\n\nThis fixes the following syzkaller reported crash:\n\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:210:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 0 PID: 2569 Comm: syz-executor101 Not tainted 5.10.0-smp-DEV #1\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n __dump_stack lib/dump_stack.c:79 [inline]\n dump_stack+0x125/0x19f lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:148 [inline]\n __ubsan_handle_out_of_bounds+0xed/0x120 lib/ubsan.c:347\n sfq_link net/sched/sch_sfq.c:210 [inline]\n sfq_dec+0x528/0x600 net/sched/sch_sfq.c:238\n sfq_dequeue+0x39b/0x9d0 net/sched/sch_sfq.c:500\n sfq_reset+0x13/0x50 net/sched/sch_sfq.c:525\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n tbf_reset+0x3d/0x100 net/sched/sch_tbf.c:319\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n dev_reset_queue+0x8c/0x140 net/sched/sch_generic.c:1296\n netdev_for_each_tx_queue include/linux/netdevice.h:2350 [inline]\n dev_deactivate_many+0x6dc/0xc20 net/sched/sch_generic.c:1362\n __dev_close_many+0x214/0x350 net/core/dev.c:1468\n dev_close_many+0x207/0x510 net/core/dev.c:1506\n unregister_netdevice_many+0x40f/0x16b0 net/core/dev.c:10738\n unregister_netdevice_queue+0x2be/0x310 net/core/dev.c:10695\n unregister_netdevice include/linux/netdevice.h:2893 [inline]\n __tun_detach+0x6b6/0x1600 drivers/net/tun.c:689\n tun_detach drivers/net/tun.c:705 [inline]\n tun_chr_close+0x104/0x1b0 drivers/net/tun.c:3640\n __fput+0x203/0x840 fs/file_table.c:280\n task_work_run+0x129/0x1b0 kernel/task_work.c:185\n exit_task_work include/linux/task_work.h:33 [inline]\n do_exit+0x5ce/0x2200 kernel/exit.c:931\n do_group_exit+0x144/0x310 kernel/exit.c:1046\n __do_sys_exit_group kernel/exit.c:1057 [inline]\n __se_sys_exit_group kernel/exit.c:1055 [inline]\n __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1055\n do_syscall_64+0x6c/0xd0\n entry_SYSCALL_64_after_hwframe+0x61/0xcb\nRIP: 0033:0x7fe5e7b52479\nCode: Unable to access opcode bytes at RIP 0x7fe5e7b5244f.\nRSP: 002b:00007ffd3c800398 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5e7b52479\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000\nRBP: 00007fe5e7bcd2d0 R08: ffffffffffffffb8 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fe5e7bcd2d0\nR13: 0000000000000000 R14: 00007fe5e7bcdd20 R15: 00007fe5e7b24270\n\nThe crash can be also be reproduced with the following (with a tc\nrecompiled to allow for sfq limits of 1):\n\ntc qdisc add dev dummy0 handle 1: root tbf rate 1Kbit burst 100b lat 1s\n../iproute2-6.9.0/tc/tc qdisc add dev dummy0 handle 2: parent 1:10 sfq limit 1\nifconfig dummy0 up\nping -I dummy0 -f -c2 -W0.1 8.8.8.8\nsleep 1\n\nScenario that triggers the crash:\n\n* the first packet is sent and queued in TBF and SFQ; qdisc qlen is 1\n\n* TBF dequeues: it peeks from SFQ which moves the packet to the\n gso_skb list and keeps qdisc qlen set to 1. TBF is out of tokens so\n it schedules itself for later.\n\n* the second packet is sent and TBF tries to queues it to SFQ. qdisc\n qlen is now 2 and because the SFQ limit is 1 the packet is dropped\n by SFQ. At this point qlen is 1, and all of the SFQ slots are empty,\n however q-\u003etail is not NULL.\n\nAt this point, assuming no more packets are queued, when sch_dequeue\nruns again it will decrement the qlen for the current empty slot\ncausing an underflow and the subsequent out of bounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57996",
"url": "https://www.suse.com/security/cve/CVE-2024-57996"
},
{
"category": "external",
"summary": "SUSE Bug 1239076 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "external",
"summary": "SUSE Bug 1239077 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2024-57996"
},
{
"cve": "CVE-2024-58014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()\n\nIn \u0027wlc_phy_iqcal_gainparams_nphy()\u0027, add gain range check to WARN()\ninstead of possible out-of-bounds \u0027tbl_iqcal_gainparams_nphy\u0027 access.\nCompile tested only.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58014",
"url": "https://www.suse.com/security/cve/CVE-2024-58014"
},
{
"category": "external",
"summary": "SUSE Bug 1239109 for CVE-2024-58014",
"url": "https://bugzilla.suse.com/1239109"
},
{
"category": "external",
"summary": "SUSE Bug 1239110 for CVE-2024-58014",
"url": "https://bugzilla.suse.com/1239110"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2024-58014"
},
{
"cve": "CVE-2025-21772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npartitions: mac: fix handling of bogus partition table\n\nFix several issues in partition probing:\n\n - The bailout for a bad partoffset must use put_dev_sector(), since the\n preceding read_part_sector() succeeded.\n - If the partition table claims a silly sector size like 0xfff bytes\n (which results in partition table entries straddling sector boundaries),\n bail out instead of accessing out-of-bounds memory.\n - We must not assume that the partition table contains proper NUL\n termination - use strnlen() and strncmp() instead of strlen() and\n strcmp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21772",
"url": "https://www.suse.com/security/cve/CVE-2025-21772"
},
{
"category": "external",
"summary": "SUSE Bug 1238911 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "external",
"summary": "SUSE Bug 1238912 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2025-21772"
},
{
"cve": "CVE-2025-21780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()\n\nIt malicious user provides a small pptable through sysfs and then\na bigger pptable, it may cause buffer overflow attack in function\nsmu_sys_set_pp_table().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21780",
"url": "https://www.suse.com/security/cve/CVE-2025-21780"
},
{
"category": "external",
"summary": "SUSE Bug 1239115 for CVE-2025-21780",
"url": "https://bugzilla.suse.com/1239115"
},
{
"category": "external",
"summary": "SUSE Bug 1239116 for CVE-2025-21780",
"url": "https://bugzilla.suse.com/1239116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:kernel-source-rt-5.3.18-150300.205.1.noarch",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.205.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-source-rt-5.3.18-150300.205.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-10T13:46:40Z",
"details": "important"
}
],
"title": "CVE-2025-21780"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…