SUSE-SU-2025:03204-1

Advisory lineage Upstream: 60 Downstream: 0
Published: 12 Sept 2025, 13:40
Last modified:23 Mar 2026, 04:50

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

12 Sept 2025, 13:40
Published
Vulnerability first disclosed
23 Mar 2026, 04:50
Last Modified
Vulnerability information updated

Description

Security update for the Linux Kernel The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49967: bpf: Fix a data-race around bpf_jit_limit (bsc#1244964). - CVE-2022-49975: bpf: Don't redirect packets with invalid pkt_len (bsc#1245196). - CVE-2022-49980: usb: gadget: Fix use-after-free bug by not setting udc->dev.driver (bsc#1245110). - CVE-2022-49981: HID: hidraw: fix memory leak in hidraw_release() (bsc#1245072). - CVE-2022-50007: xfrm: fix refcount leak in __xfrm_policy_check() (bsc#1245016). - CVE-2022-50066: net: atlantic: fix aq_vec index out of range error (bsc#1244985). - CVE-2022-50080: tee: add overflow check in register_shm_helper() (bsc#1244972). - CVE-2022-50116: kernel: tty: n_gsm: fix deadlock and link starvation in outgoing data path (bsc#1244824). - CVE-2022-50127: RDMA/rxe: Fix error unwind in rxe_create_qp() (bsc#1244815). - CVE-2022-50138: RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() (bsc#1244797). - CVE-2022-50141: mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch (bsc#1244794). - CVE-2022-50162: wifi: libertas: Fix possible refcount leak in if_usb_probe() (bsc#1244773). - CVE-2022-50185: drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() (bsc#1244887). - CVE-2022-50191: regulator: of: Fix refcount leak bug in of_get_regulation_constraints() (bsc#1244899). - CVE-2022-50228: KVM: SVM: Do not BUG if userspace injects an interrupt with GIF=0 (bsc#1244854). - CVE-2022-50229: ALSA: bcd2000: Fix a UAF bug on the error path of probing (bsc#1244856). - CVE-2023-52813: crypto: pcrypt - Fix hungtask for PADATA_RESET (bsc#1225527). - CVE-2023-53020: l2tp: close all race conditions in l2tp_tunnel_register() (bsc#1240224). - CVE-2024-28956: x86/its: Enable Indirect Target Selection mitigation (bsc#1242006). - CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints (bsc#1241292). - CVE-2025-23141: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (bsc#1242782). - CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734). - CVE-2025-38102: VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (bsc#1245669). - CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663). - CVE-2025-38117: Bluetooth: MGMT: protect mgmt_pending list with its own lock (bsc#1245695). - CVE-2025-38122: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (bsc#1245746). - CVE-2025-38153: net: usb: aqc111: fix error handling of usbnet read calls (bsc#1245744). - CVE-2025-38173: crypto: marvell/cesa - Handle zero-length skcipher requests (bsc#1245769). - CVE-2025-38174: thunderbolt: Do not double dequeue a configuration request (bsc#1245781). - CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956). - CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012). - CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973). - CVE-2025-38214: fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (bsc#1246042). - CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193). - CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248). - CVE-2025-38313: bus: fsl-mc: fix double-free on mc_dev (bsc#1246342). - CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911). - CVE-2025-38386: ACPICA: Refuse to evaluate a method if arguments are missing (bsc#1247138). - CVE-2025-38424: perf: Fix sample vs do_exit() (bsc#1246547 bsc#1247293). - CVE-2025-38430: nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (bsc#1247160). - CVE-2025-38449: drm/gem: Acquire references on GEM handles for framebuffers (bsc#1247255). - CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098). - CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143). - CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112). - CVE-2025-38465: netlink: Fix wraparounds of sk->sk_rmem_alloc (bsc#1247118). - CVE-2025-38470: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime (bsc#1247288). - CVE-2025-38473: Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (bsc#1247289). - CVE-2025-38474: usb: net: sierra: check for no status endpoint (bsc#1247311). - CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374). - CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976). - CVE-2025-38512: wifi: prevent A-MSDU attacks in mesh networks (bsc#1248178). - CVE-2025-38513: wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (bsc#1248179). - CVE-2025-38515: drm/sched: Increment job count before swapping tail spsc queue (bsc#1248212). - CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223). - CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296). - CVE-2025-38563: perf/core: Prevent VMA split of buffer mappings (bsc#1248306). - CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1248621). - CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511). - CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248748). The following non-security bugs were fixed: - Disable N_GSM (jsc#PED-8240). - Fix crash caused by backport of 'ext4: fix race when reusing xattr blocks' (bsc#1247929). - HID: hidraw: fix a problem of memory leak in hidraw_release() (bsc#1245072). - crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY (bsc#1225527). - drm/framebuffer: Acquire internal references on GEM handles (bsc#1247255). - drm/framebuffer: Fix the locking in drm_gem_fb_destroy() (bsc#1248130). - linkage: Introduce new macros for assembler symbols (git-fixes). - net: usb: aqc111: debug info before sanitation (bsc#1245744). - x86/alternative: Merge include files (git-fixes). - x86/alternatives: Add an ALTERNATIVE_3() macro (git-fixes). - x86/alternatives: Add macro comments (git-fixes). - x86/alternatives: Print containing function (git-fixes). - x86/asm: Provide ALTERNATIVE_3 (git-fixes). - x86: Simplify retpoline declaration (git-fixes).

Affected Systems

  • susekernel-default&distro=SUSE Linux Enterprise Live Patching 12 SP5

    < 4.12.14-122.272.1

  • susekernel-default&distro=SUSE Linux Enterprise Server 12 SP5-LTSS

    < 4.12.14-122.272.1

  • susekernel-default&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

    < 4.12.14-122.272.1

  • susekernel-source&distro=SUSE Linux Enterprise Server 12 SP5-LTSS

    < 4.12.14-122.272.1

  • susekernel-source&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

    < 4.12.14-122.272.1

  • susekernel-syms&distro=SUSE Linux Enterprise Server 12 SP5-LTSS

    < 4.12.14-122.272.1

  • susekernel-syms&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

    < 4.12.14-122.272.1

  • susekgraft-patch-SLE12-SP5_Update_72&distro=SUSE Linux Enterprise Live Patching 12 SP5

    < 1-8.3.1

References (128)