[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2022:1257-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":80,"duplicates":81,"related":82,"reserved_at":9,"published_at":116,"modified_at":117,"state":9,"summary":118,"references_raw":120,"kevs":429,"epss":9,"epss_history":430,"metrics":431,"affected":432},"SUSE-SU-2022:1257-1","Security update for the Linux Kernel\n\n\nThe SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-0854: Fixed a memory leak flaw was found in the Linux kernels DMA subsystem. This flaw allowed a local user to read random memory from the kernel space (bnc#1196823).\n- CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c vulnerability in the Linux kernel (bnc#1198032).\n- CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c vulnerability in the Linux kernel (bnc#1198033).\n- CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c vulnerability in the Linux kernel (bnc#1198031).\n- CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock (bsc#1197331).\n- CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow a local attacker to gain privilege escalation (bnc#1197702).\n- CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation (bnc#1197462).\n- CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c which could lead to an use-after-free if there is a corrupted quota file (bnc#1197366).\n- CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which allowed attackers to obtain sensitive information from the memory via crafted frame lengths from a USB device (bsc#1196836).\n- CVE-2021-39698: Fixed a possible memory corruption due to a use after free in aio_poll_complete_work. This could lead to local escalation of privilege with no additional execution privileges needed (bsc#1196956).\n- CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free bug in unix_gc (bsc#1193731).\n- CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have lead to read/write access to memory pages or denial of service. These issues are related to the Xen PV device frontend drivers (bsc#1196488).\n- CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could trigger crash the system or corrupt system memory (bsc#1196830).\n- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image (bsc#1196079).\n- CVE-2022-25375: The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory (bsc#1196235).\n- CVE-2022-25258: The USB Gadget subsystem lacked certain validation of interface OS descriptor requests, which could have lead to memory corruption (bsc#1196096).\n- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).\n- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).\n- CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev->buf release (bsc#1195905).\n- CVE-2022-0516: Fixed missing check in ioctl related to KVM in s390 allows kernel memory read/write (bsc#1195516).\n- CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).\n- CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).\n- CVE-2022-28748: Fixed various information leaks that could be caused by malicious USB devices (bsc#1196018).\n- CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155)\n- CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c (bsc#1196761).\n- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution (bsc#1197227).\n\n\nThe following non-security bugs were fixed:\n\n- cifs: use the correct max-length for dentry_path_raw() (bsc#1196196).\n- gve: multiple bugfixes (jsc#SLE-23652).\n- net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).\n- netfilter: conntrack: do not refresh sctp entries in closed state (bsc#1197389).\n- powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() (bsc#1179639).\n- scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (bsc#1189126).\n- scsi: target: iscsi: Fix cmd abort fabric stop race (bsc#1195286).\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78],{"_key":15},"CVE-2021-0920",{"_key":17},"CVE-2021-39698",{"_key":19},"CVE-2021-44879",{"_key":21},"CVE-2021-45868",{"_key":23},"CVE-2022-0487",{"_key":25},"CVE-2022-0492",{"_key":27},"CVE-2022-0516",{"_key":29},"CVE-2022-0617",{"_key":31},"CVE-2022-0644",{"_key":33},"CVE-2022-0850",{"_key":35},"CVE-2022-0854",{"_key":37},"CVE-2022-1016",{"_key":39},"CVE-2022-1048",{"_key":41},"CVE-2022-1055",{"_key":43},"CVE-2022-23036",{"_key":45},"CVE-2022-23037",{"_key":47},"CVE-2022-23038",{"_key":49},"CVE-2022-23039",{"_key":51},"CVE-2022-23040",{"_key":53},"CVE-2022-23041",{"_key":55},"CVE-2022-23042",{"_key":57},"CVE-2022-24448",{"_key":59},"CVE-2022-24958",{"_key":61},"CVE-2022-24959",{"_key":63},"CVE-2022-25258",{"_key":65},"CVE-2022-25375",{"_key":67},"CVE-2022-26490",{"_key":69},"CVE-2022-26966",{"_key":71},"CVE-2022-27666",{"_key":73},"CVE-2022-28388",{"_key":75},"CVE-2022-28389",{"_key":77},"CVE-2022-28390",{"_key":79},"CVE-2022-28748",[],[],[83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},"2022-04-19T09:03:30Z","2026-02-04T04:11:39.701813Z",{"cisa_kev":119,"cisa_ransomware":119,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[121,127,132,136,140,144,148,152,156,160,164,168,172,176,180,184,188,192,196,200,204,208,212,216,220,224,228,232,236,240,244,248,252,256,260,264,268,272,276,280,284,288,292,296,301,305,309,313,317,321,325,329,333,337,341,345,349,353,357,361,365,369,373,377,381,385,389,393,397,401,405,409,413,417,421,425],{"url":122,"sources":123,"tags":125},"https://www.suse.com/support/update/announcement/2022/suse-su-20221257-1/",[124],"osv_suse",[126],"Advisory",{"url":128,"sources":129,"tags":130},"https://bugzilla.suse.com/1179639",[124],[131],"REPORT",{"url":133,"sources":134,"tags":135},"https://bugzilla.suse.com/1189126",[124],[131],{"url":137,"sources":138,"tags":139},"https://bugzilla.suse.com/1189562",[124],[131],{"url":141,"sources":142,"tags":143},"https://bugzilla.suse.com/1193731",[124],[131],{"url":145,"sources":146,"tags":147},"https://bugzilla.suse.com/1194516",[124],[131],{"url":149,"sources":150,"tags":151},"https://bugzilla.suse.com/1194943",[124],[131],{"url":153,"sources":154,"tags":155},"https://bugzilla.suse.com/1195051",[124],[131],{"url":157,"sources":158,"tags":159},"https://bugzilla.suse.com/1195254",[124],[131],{"url":161,"sources":162,"tags":163},"https://bugzilla.suse.com/1195286",[124],[131],{"url":165,"sources":166,"tags":167},"https://bugzilla.suse.com/1195353",[124],[131],{"url":169,"sources":170,"tags":171},"https://bugzilla.suse.com/1195403",[124],[131],{"url":173,"sources":174,"tags":175},"https://bugzilla.suse.com/1195516",[124],[131],{"url":177,"sources":178,"tags":179},"https://bugzilla.suse.com/1195543",[124],[131],{"url":181,"sources":182,"tags":183},"https://bugzilla.suse.com/1195612",[124],[131],{"url":185,"sources":186,"tags":187},"https://bugzilla.suse.com/1195897",[124],[131],{"url":189,"sources":190,"tags":191},"https://bugzilla.suse.com/1195905",[124],[131],{"url":193,"sources":194,"tags":195},"https://bugzilla.suse.com/1195939",[124],[131],{"url":197,"sources":198,"tags":199},"https://bugzilla.suse.com/1195987",[124],[131],{"url":201,"sources":202,"tags":203},"https://bugzilla.suse.com/1196018",[124],[131],{"url":205,"sources":206,"tags":207},"https://bugzilla.suse.com/1196079",[124],[131],{"url":209,"sources":210,"tags":211},"https://bugzilla.suse.com/1196095",[124],[131],{"url":213,"sources":214,"tags":215},"https://bugzilla.suse.com/1196155",[124],[131],{"url":217,"sources":218,"tags":219},"https://bugzilla.suse.com/1196196",[124],[131],{"url":221,"sources":222,"tags":223},"https://bugzilla.suse.com/1196235",[124],[131],{"url":225,"sources":226,"tags":227},"https://bugzilla.suse.com/1196468",[124],[131],{"url":229,"sources":230,"tags":231},"https://bugzilla.suse.com/1196488",[124],[131],{"url":233,"sources":234,"tags":235},"https://bugzilla.suse.com/1196612",[124],[131],{"url":237,"sources":238,"tags":239},"https://bugzilla.suse.com/1196761",[124],[131],{"url":241,"sources":242,"tags":243},"https://bugzilla.suse.com/1196776",[124],[131],{"url":245,"sources":246,"tags":247},"https://bugzilla.suse.com/1196823",[124],[131],{"url":249,"sources":250,"tags":251},"https://bugzilla.suse.com/1196830",[124],[131],{"url":253,"sources":254,"tags":255},"https://bugzilla.suse.com/1196836",[124],[131],{"url":257,"sources":258,"tags":259},"https://bugzilla.suse.com/1196956",[124],[131],{"url":261,"sources":262,"tags":263},"https://bugzilla.suse.com/1197227",[124],[131],{"url":265,"sources":266,"tags":267},"https://bugzilla.suse.com/1197331",[124],[131],{"url":269,"sources":270,"tags":271},"https://bugzilla.suse.com/1197366",[124],[131],{"url":273,"sources":274,"tags":275},"https://bugzilla.suse.com/1197389",[124],[131],{"url":277,"sources":278,"tags":279},"https://bugzilla.suse.com/1197462",[124],[131],{"url":281,"sources":282,"tags":283},"https://bugzilla.suse.com/1197702",[124],[131],{"url":285,"sources":286,"tags":287},"https://bugzilla.suse.com/1198031",[124],[131],{"url":289,"sources":290,"tags":291},"https://bugzilla.suse.com/1198032",[124],[131],{"url":293,"sources":294,"tags":295},"https://bugzilla.suse.com/1198033",[124],[131],{"url":297,"sources":298,"tags":299},"https://www.suse.com/security/cve/CVE-2021-0920",[124],[300],"WEB",{"url":302,"sources":303,"tags":304},"https://www.suse.com/security/cve/CVE-2021-39698",[124],[300],{"url":306,"sources":307,"tags":308},"https://www.suse.com/security/cve/CVE-2021-44879",[124],[300],{"url":310,"sources":311,"tags":312},"https://www.suse.com/security/cve/CVE-2021-45868",[124],[300],{"url":314,"sources":315,"tags":316},"https://www.suse.com/security/cve/CVE-2022-0487",[124],[300],{"url":318,"sources":319,"tags":320},"https://www.suse.com/security/cve/CVE-2022-0492",[124],[300],{"url":322,"sources":323,"tags":324},"https://www.suse.com/security/cve/CVE-2022-0516",[124],[300],{"url":326,"sources":327,"tags":328},"https://www.suse.com/security/cve/CVE-2022-0617",[124],[300],{"url":330,"sources":331,"tags":332},"https://www.suse.com/security/cve/CVE-2022-0644",[124],[300],{"url":334,"sources":335,"tags":336},"https://www.suse.com/security/cve/CVE-2022-0850",[124],[300],{"url":338,"sources":339,"tags":340},"https://www.suse.com/security/cve/CVE-2022-0854",[124],[300],{"url":342,"sources":343,"tags":344},"https://www.suse.com/security/cve/CVE-2022-1016",[124],[300],{"url":346,"sources":347,"tags":348},"https://www.suse.com/security/cve/CVE-2022-1048",[124],[300],{"url":350,"sources":351,"tags":352},"https://www.suse.com/security/cve/CVE-2022-1055",[124],[300],{"url":354,"sources":355,"tags":356},"https://www.suse.com/security/cve/CVE-2022-23036",[124],[300],{"url":358,"sources":359,"tags":360},"https://www.suse.com/security/cve/CVE-2022-23037",[124],[300],{"url":362,"sources":363,"tags":364},"https://www.suse.com/security/cve/CVE-2022-23038",[124],[300],{"url":366,"sources":367,"tags":368},"https://www.suse.com/security/cve/CVE-2022-23039",[124],[300],{"url":370,"sources":371,"tags":372},"https://www.suse.com/security/cve/CVE-2022-23040",[124],[300],{"url":374,"sources":375,"tags":376},"https://www.suse.com/security/cve/CVE-2022-23041",[124],[300],{"url":378,"sources":379,"tags":380},"https://www.suse.com/security/cve/CVE-2022-23042",[124],[300],{"url":382,"sources":383,"tags":384},"https://www.suse.com/security/cve/CVE-2022-24448",[124],[300],{"url":386,"sources":387,"tags":388},"https://www.suse.com/security/cve/CVE-2022-24958",[124],[300],{"url":390,"sources":391,"tags":392},"https://www.suse.com/security/cve/CVE-2022-24959",[124],[300],{"url":394,"sources":395,"tags":396},"https://www.suse.com/security/cve/CVE-2022-25258",[124],[300],{"url":398,"sources":399,"tags":400},"https://www.suse.com/security/cve/CVE-2022-25375",[124],[300],{"url":402,"sources":403,"tags":404},"https://www.suse.com/security/cve/CVE-2022-26490",[124],[300],{"url":406,"sources":407,"tags":408},"https://www.suse.com/security/cve/CVE-2022-26966",[124],[300],{"url":410,"sources":411,"tags":412},"https://www.suse.com/security/cve/CVE-2022-27666",[124],[300],{"url":414,"sources":415,"tags":416},"https://www.suse.com/security/cve/CVE-2022-28388",[124],[300],{"url":418,"sources":419,"tags":420},"https://www.suse.com/security/cve/CVE-2022-28389",[124],[300],{"url":422,"sources":423,"tags":424},"https://www.suse.com/security/cve/CVE-2022-28390",[124],[300],{"url":426,"sources":427,"tags":428},"https://www.suse.com/security/cve/CVE-2022-28748",[124],[300],[],[],[],[433,446,451,455,460],{"ecosystem":434,"name":435,"vendor":436,"product":437,"cpe_part":9,"purl_type":438,"purl_namespace":436,"purl_name":437,"source":9,"versions":439},"SUSE Linux Enterprise","kernel-rt_debug","suse","kernel-rt_debug&distro=SUSE Real Time Module 15 SP2","rpm",[440],{"version":441,"is_range":442,"range_type":443,"version_start":9,"version_start_type":9,"version_end":444,"version_end_type":445,"fixed_in":9},"lt5_3_18_150200_79_2",true,"ecosystem","5.3.18-150200.79.2","excluding",{"ecosystem":434,"name":447,"vendor":436,"product":448,"cpe_part":9,"purl_type":438,"purl_namespace":436,"purl_name":448,"source":9,"versions":449},"kernel-rt","kernel-rt&distro=SUSE Linux Enterprise Micro 5.0",[450],{"version":441,"is_range":442,"range_type":443,"version_start":9,"version_start_type":9,"version_end":444,"version_end_type":445,"fixed_in":9},{"ecosystem":434,"name":447,"vendor":436,"product":452,"cpe_part":9,"purl_type":438,"purl_namespace":436,"purl_name":452,"source":9,"versions":453},"kernel-rt&distro=SUSE Real Time Module 15 SP2",[454],{"version":441,"is_range":442,"range_type":443,"version_start":9,"version_start_type":9,"version_end":444,"version_end_type":445,"fixed_in":9},{"ecosystem":434,"name":456,"vendor":436,"product":457,"cpe_part":9,"purl_type":438,"purl_namespace":436,"purl_name":457,"source":9,"versions":458},"kernel-source-rt","kernel-source-rt&distro=SUSE Real Time Module 15 SP2",[459],{"version":441,"is_range":442,"range_type":443,"version_start":9,"version_start_type":9,"version_end":444,"version_end_type":445,"fixed_in":9},{"ecosystem":434,"name":461,"vendor":436,"product":462,"cpe_part":9,"purl_type":438,"purl_namespace":436,"purl_name":462,"source":9,"versions":463},"kernel-syms-rt","kernel-syms-rt&distro=SUSE Real Time Module 15 SP2",[464],{"version":465,"is_range":442,"range_type":443,"version_start":9,"version_start_type":9,"version_end":466,"version_end_type":445,"fixed_in":9},"lt5_3_18_150200_79_1","5.3.18-150200.79.1"]