SUSE-SU-2025:02334-1

Advisory lineage Upstream: 120 Downstream: 0
Published: 16 Jul 2025, 13:46
Last modified:23 Mar 2026, 04:46

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

16 Jul 2025, 13:46
Published
Vulnerability first disclosed
23 Mar 2026, 04:46
Last Modified
Vulnerability information updated

Description

Security update for the Linux Kernel The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47212: net/mlx5: Update error handler for UCTX and UMEM (bsc#1222709). - CVE-2021-47455: ptp: Fix possible memory leak in ptp_clock_register() (bsc#1225254). - CVE-2021-47527: serial: core: fix transmit-buffer reset and memleak (bsc#1227768). - CVE-2022-21546: scsi: target: Fix WRITE_SAME No Data Buffer crash (bsc#1242243). - CVE-2022-49154: KVM: SVM: fix panic on out-of-bounds guest IRQ (bsc#1238167). - CVE-2022-49622: netfilter: nf_tables: fix crash when nf_trace is enabled (bsc#1239042). - CVE-2022-49731: ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() (bsc#1239071). - CVE-2022-49764: kABI: workaround 'bpf: Prevent bpf program recursion for raw tracepoint probes' changes (bsc#1242301). - CVE-2022-49780: scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus() (bsc#1242262). - CVE-2022-49814: kcm: close race conditions on sk_receive_queue (bsc#1242498). - CVE-2022-49879: ext4: fix BUG_ON() when directory entry has invalid rec_len (bsc#1242733). - CVE-2022-49881: wifi: cfg80211: fix memory leak in query_regdb_file() (bsc#1242481). - CVE-2022-49917: ipvs: fix WARNING in ip_vs_app_net_cleanup() (bsc#1242406). - CVE-2022-49921: net: sched: Fix use after free in red_enqueue() (bsc#1242359). - CVE-2022-50055: iavf: Fix adminq error handling (bsc#1245039). - CVE-2022-50087: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails (bsc#1245119). - CVE-2022-50134: RDMA/hfi1: fix potential memory leak in setup_base_ctxt() (bsc#1244802). - CVE-2022-50200: selinux: Add boundary check in put_entry() (bsc#1245149). - CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883). - CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644). - CVE-2023-53020: l2tp: fix lockdep splat (bsc#1240224). - CVE-2023-53090: drm/amdkfd: Fix an illegal memory access (bsc#1242753). - CVE-2023-53091: ext4: update s_journal_inum if it changes after journal replay (bsc#1242767). - CVE-2023-53133: bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser() (bsc#1242423). - CVE-2024-26586: mlxsw: spectrum_acl_tcam: Fix stack corruption (bsc#1220243). - CVE-2024-26825: nfc: nci: free rx_data_reassembly skb on NCI device cleanup (bsc#1223065). - CVE-2024-26872: RDMA/srpt: Do not register event handler until srpt device is fully setup (bsc#1223115). - CVE-2024-26875: media: pvrusb2: fix uaf in pvr2_context_set_notify (bsc#1223118). - CVE-2024-35790: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group (bsc#1224712). - CVE-2024-35839: kABI fix for netfilter: bridge: replace physindev with physinif in nf_bridge_info (bsc#1224726). - CVE-2024-38588: ftrace: Fix possible use-after-free issue in ftrace_location() (bsc#1226837). - CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913). - CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610). - CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686). - CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1240799). - CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544). - CVE-2025-23149: tpm: do not start chip while suspended (bsc#1242758). - CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515). - CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521). - CVE-2025-37781: i2c: cros-ec-tunnel: defer probe if parent EC is not present (bsc#1242575). - CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849). - CVE-2025-37810: usb: dwc3: gadget: check that event count does not exceed event buffer length (bsc#1242906). - CVE-2025-37836: PCI: Fix reference leak in pci_register_host_bridge() (bsc#1242957). - CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946). - CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields (bsc#1242982). - CVE-2025-37892: mtd: inftlcore: Add error check for inftl_read_oob() (bsc#1243536). - CVE-2025-37911: bnxt_en: Fix out-of-bound memcpy() during ethtool -w (bsc#1243469). - CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551). - CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620). - CVE-2025-37928: dm-bufio: do not schedule in atomic context (bsc#1243621). - CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523). - CVE-2025-37980: block: fix resource leak in blk_register_queue() error path (bsc#1243522). - CVE-2025-37982: wifi: wl1251: fix memory leak in wl1251_tx_work (bsc#1243524). - CVE-2025-37992: net_sched: Flush gso_skb list too during ->change() (bsc#1243698). - CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827). - CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836). - CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277). - CVE-2025-38004: can: bcm: add locking for bcm_op runtime updates (bsc#1244274). - CVE-2025-38023: nfs: handle failure of nfs_get_lock_context in unlock path (bsc#1245004). - CVE-2025-38024: RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (bsc#1245025). - CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() (bsc#1245440). - CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743). - CVE-2025-38078: ALSA: pcm: Fix race of buffer access at PCM OSS layer (bsc#1244737). - CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245183). The following non-security bugs were fixed: - ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() (bsc#1226837). - ftrace: Return the first found result in lookup_rec() (bsc#1226837). - ftrace: Separate out functionality from ftrace_location_range() (bsc#1226837). - ftrace: Zero out ftrace hashes when a module is removed (bsc#1226837). - mnt: fix __detach_mounts infinite loop (bsc#1242140). - net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312) - netfilter: nf_tables: consolidate rule verdict trace call (bsc#1239042). - netfilter: nf_tables: remove old nf_log based tracing (bsc#1239042). - scsi: storvsc: Do not report the host packet status as the hv status (git-fixes). - scsi: storvsc: Increase the timeouts to storvsc_timeout (bsc#1245455). - tracing: Fix compilation warning on arm32 (bsc#1243551).

Affected Systems

  • susekernel-default&distro=SUSE Linux Enterprise Live Patching 12 SP5

    < 4.12.14-122.266.1

  • susekernel-default&distro=SUSE Linux Enterprise Server 12 SP5-LTSS

    < 4.12.14-122.266.1

  • susekernel-default&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

    < 4.12.14-122.266.1

  • susekernel-source&distro=SUSE Linux Enterprise Server 12 SP5-LTSS

    < 4.12.14-122.266.1

  • susekernel-source&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

    < 4.12.14-122.266.1

  • susekernel-syms&distro=SUSE Linux Enterprise Server 12 SP5-LTSS

    < 4.12.14-122.266.1

  • susekernel-syms&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

    < 4.12.14-122.266.1

  • susekgraft-patch-SLE12-SP5_Update_70&distro=SUSE Linux Enterprise Live Patching 12 SP5

    < 1-8.5.1

References (268)