SUSE-SU-2025:03614-1

Advisory lineage Upstream: 183 Downstream: 0

Upstream

CVE-2022-36280 CVE-2022-43945 CVE-2022-49975 CVE-2022-50233 CVE-2022-50235 CVE-2022-50242

Published: 16 Oct 2025, 05:48

Last modified:04 Feb 2026, 03:03

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

16 Oct 2025, 05:48

Published

Vulnerability first disclosed

04 Feb 2026, 03:03

Last Modified

Vulnerability information updated

Description

Security update for the Linux Kernel The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-50233: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name} (bsc#1246968). - CVE-2022-50242: drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init() (bsc#1249696). - CVE-2022-50244: cxl: fix possible null-ptr-deref in cxl_pci_init_afu|adapter() (bsc#1249647). - CVE-2022-50252: igb: Do not free q_vector unless new one was allocated (bsc#1249846). - CVE-2022-50258: wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() (bsc#1249947). - CVE-2022-50265: kcm: annotate data-races around kcm->rx_wait (bsc#1249744). - CVE-2022-50278: PNP: fix name memory leak in pnp_alloc_dev() (bsc#1249715). - CVE-2022-50285: mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages (bsc#1249803). - CVE-2022-50288: qlcnic: prevent ->dcb use-after-free on qlcnic_dcb_enable() failure (bsc#1249802). - CVE-2022-50291: kcm: annotate data-races around kcm->rx_psock (bsc#1249798). - CVE-2022-50294: wifi: libertas: fix memory leak in lbs_init_adapter() (bsc#1249799). - CVE-2022-50297: wifi: ath9k: verify the expected usb_endpoints are present (bsc#1250250). - CVE-2022-50304: mm: export bdi_unregister (bsc#1249725). - CVE-2022-50311: cxl: Fix refcount leak in cxl_calc_capp_routing (bsc#1249720). - CVE-2022-50312: drivers: serial: jsm: fix some leaks in probe (bsc#1249716). - CVE-2022-50321: wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit() (bsc#1249706). - CVE-2022-50330: crypto: cavium - prevent integer overflow loading firmware (bsc#1249700). - CVE-2022-50349: misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() (bsc#1249920). - CVE-2022-50352: net: hns: fix possible memory leak in hnae_ae_register() (bsc#1249922). - CVE-2022-50359: media: cx88: Fix a null-ptr-deref bug in buffer_prepare() (bsc#1250269). - CVE-2022-50365: skbuff: Account for tail adjustment during pull operations (bsc#1250084). - CVE-2022-50375: tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown (bsc#1250132). - CVE-2022-50386: Bluetooth: L2CAP: Fix user-after-free (bsc#1250301). - CVE-2022-50396: net: sched: fix memory leak in tcindex_set_parms (bsc#1250104). - CVE-2022-50402: drivers/md/md-bitmap: check the return value of md_bitmap_get_counter() (bsc#1250363). - CVE-2022-50405: net/tunnel: wait until all sk_user_data reader finish before releasing the sock (bsc#1250155). - CVE-2022-50406: iomap: iomap: fix memory corruption when recording errors during writeback (bsc#1250165). - CVE-2022-50408: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() (bsc#1250391). - CVE-2022-50409: net: If sock is dead do not access sock's sk_wq in sk_stream_wait_memory (bsc#1250392). - CVE-2022-50419: Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times (bsc#1250394). - CVE-2023-53148: igb: Do not bring the device up after non-fatal error (bsc#1249842). - CVE-2023-53153: wifi: cfg80211: Partial revert 'wifi: cfg80211: Fix use after free for wext' (bsc#1249877). - CVE-2023-53176: serial: 8250: Fix oops for port->pm on uart_change_pm() (bsc#1249991). - CVE-2023-53178: mm: zswap: fix missing folio cleanup in writeback race path (bsc#1249827 git-fix). - CVE-2023-53199: wifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream() fails (bsc#1249683). - CVE-2023-53201: RDMA/bnxt_re: wraparound mbox producer index (bsc#1249687). - CVE-2023-53226: wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet (bsc#1249658). - CVE-2023-53248: drm/amdgpu: install stub fence into potential unused fence pointers (bsc#1249779). - CVE-2023-53254: drivers: base: cacheinfo: Fix shared_cpu_map changes in event of CPU hotplug (bsc#1249871). - CVE-2023-53272: net: ena: fix shift-out-of-bounds in exponential backoff (bsc#1249917). - CVE-2023-53277: wifi: iwl3945: Add missing check for create_singlethread_workqueue (bsc#1249936). - CVE-2023-53288: drm/client: Fix memory leak in drm_client_modeset_probe (bsc#1250058). - CVE-2023-53298: nfc: fix memory leak of se_io context in nfc_genl_se_io (bsc#1249944). - CVE-2023-53302: wifi: iwl4965: Add missing check for create_singlethread_workqueue() (bsc#1249958). - CVE-2023-53305: Bluetooth: L2CAP: Fix use-after-free (bsc#1250049). - CVE-2023-53309: drm/radeon: Fix integer overflow in radeon_cs_parser_init (bsc#1250055). - CVE-2023-53317: ext4: fix WARNING in mb_find_extent (bsc#1250081). - CVE-2023-53321: wifi: mac80211_hwsim: drop short frames (bsc#1250313). - CVE-2023-53335: RDMA/cxgb4: Fix potential null-ptr-deref in pass_establish() (bsc#1250072). - CVE-2023-53344: can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write (bsc#1250023). - CVE-2023-53348: btrfs: fix deadlock when aborting transaction during relocation with scrub (bsc#1250018). - CVE-2023-53365: ip6mr: Fix skb_under_panic in ip6mr_cache_report() (bsc#1249988). - CVE-2023-53384: wifi: mwifiex: avoid possible NULL skb pointer dereference (bsc#1250127). - CVE-2023-53393: RDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device (bsc#1250114). - CVE-2023-53395: ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer (bsc#1250358). - CVE-2023-53397: modpost: fix off by one in is_executable_section() (bsc#1250125). - CVE-2023-53400: ALSA: hda: Fix Oops by 9.1 surround channel names (bsc#1250328). - CVE-2023-53438: x86/MCE: Always save CS register on AMD Zen IF Poison errors (bsc#1250180). - CVE-2023-53441: bpf: cpumap: Fix memory leak in cpu_map_update_elem (bsc#1250150). - CVE-2024-53194: PCI: Fix use-after-free of slot->bus on hot remove (bsc#1235459). - CVE-2024-58240: tls: separate no-async decryption request handling from async (bsc#1248847). - CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239). - CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199). - CVE-2025-38553: net/sched: Restrict conditions for adding duplicating netems to qdisc tree (bsc#1248255). - CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248399). - CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365). - CVE-2025-38602: wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (bsc#1248341). - CVE-2025-38604: wifi: rtl818x: Kill URBs before clearing tx status queue (bsc#1248333). - CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610). - CVE-2025-38624: PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1248617). - CVE-2025-38632: pinmux: fix race causing mux_owner NULL with active mux_usecount (bsc#1248669). - CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674). - CVE-2025-38665: can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (bsc#1248648). - CVE-2025-38685: fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (bsc#1249220). - CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258). - CVE-2025-38702: fbdev: fix potential buffer overflow in do_register_framebuffer() (bsc#1249254). - CVE-2025-38705: drm/amd/pm: fix null pointer access (bsc#1249334). - CVE-2025-38712: hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (bsc#1249194). - CVE-2025-38713: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (bsc#1249200). - CVE-2025-38729: ALSA: usb-audio: Validate UAC3 power domain descriptors, too (bsc#1249164). - CVE-2025-38735: gve: prevent ethtool ops after shutdown (bsc#1249288). - CVE-2025-39677: net/sched: Fix backlog accounting in qdisc_dequeue_internal (bsc#1249300). - CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374). - CVE-2025-39705: drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295). - CVE-2025-39706: drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (bsc#1249413). - CVE-2025-39726: s390/ism: fix concurrency management in ism_cmd() (bsc#1249266). - CVE-2025-39751: ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (bsc#1249538). - CVE-2025-39754: mm/smaps: fix race between smaps_hugetlb_range and migration (bsc#1249524). - CVE-2025-39757: ALSA: usb-audio: Fix size validation in convert_chmap_v3() (bsc#1249515). - CVE-2025-39760: usb: core: config: Prevent OOB read in SS endpoint companion parsing (bsc#1249598). - CVE-2025-39763: ACPICA: Fix error code path in acpi_ds_call_control_method() (bsc#1249615). - CVE-2025-39764: netfilter: ctnetlink: remove refcounting in expectation dumpers (bsc#1249513). - CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired() (bsc#1249504). - CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526). - CVE-2025-39787: soc: qcom: mdt_loader: Deal with zero e_shentsize (bsc#1249545). - CVE-2025-39800: btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() (bsc#1250177). - CVE-2025-39808: HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() (bsc#1250088). - CVE-2025-39824: HID: asus: fix UAF via HID_CLAIMED_INPUT validation (bsc#1250007). - CVE-2025-39833: mISDN: hfcpci: Fix warning when deleting uninitialized timer (bsc#1250028). - CVE-2025-39838: cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365). - CVE-2025-39847: ppp: fix memory leak in pad_compress_skb (bsc#1250292). - CVE-2025-39853: i40e: Fix potential invalid access when MAC list is empty (bsc#1250275). - CVE-2025-39860: Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (bsc#1250247). - CVE-2025-39863: wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work (bsc#1250281). - CVE-2025-39865: tee: fix NULL pointer dereference in tee_shm_put (bsc#1250294). - CVE-2025-39869: dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (bsc#1250406). - CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407). - CVE-2025-40300: x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483). The following non-security bugs were fixed: - Bluetooth: hci_core: Fix calling mgmt_device_connected (git-fixes). - CONFIG & no reference -> OK temporarily, must be resolved eventually - Do not self obsolete older kernel variants - Limit patch filenames to 100 characters (bsc#1249604). - build_bug.h: Add KABI assert (bsc#1249186). - build_bug.h: add wrapper for _Static_assert (bsc#1249186). - dma-buf: add dma_fence_get_stub (bsc#1249779) - kernel-binary: Another installation ordering fix (bsc#1241353). - kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522). - kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346). - l2tp: remove unused list_head member in l2tp_tunnel (git-fixes). - pptp: fix pptp_xmit() error path (git-fixes). - rpm: Configure KABI checkingness macro (bsc#1249186). - rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186). - rpm: Link arch-symbols script from scripts directory. - rpm: Link guards script from scripts directory. - tipc: improve function tipc_wait_for_cond() (bsc#1249037). - use uniform permission checks for all mount propagation changes (git-fixes). - x86/tsc: Append the 'tsc=' description for the 'tsc=unstable' boot parameter (git-fixes).

Affected Systems

suse•kernel-default&distro=SUSE Linux Enterprise Live Patching 12 SP5
< 4.12.14-122.275.1
suse•kernel-default&distro=SUSE Linux Enterprise Server 12 SP5-LTSS
< 4.12.14-122.275.1
suse•kernel-default&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
< 4.12.14-122.275.1
suse•kernel-source&distro=SUSE Linux Enterprise Server 12 SP5-LTSS
< 4.12.14-122.275.1
suse•kernel-source&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
< 4.12.14-122.275.1
suse•kernel-syms&distro=SUSE Linux Enterprise Server 12 SP5-LTSS
< 4.12.14-122.275.1
suse•kernel-syms&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
< 4.12.14-122.275.1
suse•kgraft-patch-SLE12-SP5_Update_73&distro=SUSE Linux Enterprise Live Patching 12 SP5
< 1-8.3.1

SUSE-SU-2025:03614-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (392)