SUSE-SU-2026:0316-1

Advisory lineage Upstream: 143 Downstream: 0
Published: 28 Jan 2026, 14:35
Last modified:23 Mar 2026, 04:52

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

28 Jan 2026, 14:35
Published
Vulnerability first disclosed
23 Mar 2026, 04:52
Last Modified
Vulnerability information updated

Description

Security update for the Linux Kernel The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-49604,CVE-2025-40074: ip: Fix data-races around sysctl_ip_fwd_use_pmtu (bsc#1238414 bsc#1252794). - CVE-2022-50527: drm/amdgpu: Fix size validation for non-exclusive domains (v4) (bsc#1251738). - CVE-2022-50625: serial: amba-pl011: avoid SBSA UART accessing DMACR register (bsc#1254559). - CVE-2022-50630: mm: hugetlb: fix UAF in hugetlb_handle_userfault (bsc#1254785). - CVE-2022-50656: nfc: pn533: Clear nfc_target before being used (bsc#1254745). - CVE-2022-50678: wifi: brcmfmac: fix invalid address access when enabling SCAN log level (bsc#1254902). - CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer (bsc#1255576). - CVE-2023-53454: HID: multitouch: Correct devm device reference for hidinput input_dev name (bsc#1250759). - CVE-2023-53718: ring-buffer: Do not swap cpu_buffer during resize process (bsc#1252564). - CVE-2023-53748: media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queue_setup (bsc#1254907). - CVE-2023-53765: dm cache: free background tracker's queued work in btracker_destroy (bsc#1254912). - CVE-2023-53781: smc: Fix use-after-free in tcp_write_timer_handler() (bsc#1254751). - CVE-2023-53788: ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() (bsc#1254917). - CVE-2023-53819: amdgpu: validate offset_in_bo of drm_amdgpu_gem_va (bsc#1254712). - CVE-2023-53850: iavf: use internal state to free traffic IRQs (bsc#1254677). - CVE-2023-54120: Bluetooth: Fix race condition in hidp_session_thread (bsc#1256133). - CVE-2023-54214: Bluetooth: L2CAP: Fix potential user-after-free (bsc#1255954). - CVE-2023-54236: net/net_failover: fix txq exceeding warning (bsc#1255922). - CVE-2023-54286: wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace (bsc#1255803). - CVE-2023-54300: wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx (bsc#1255790). - CVE-2025-38085: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431 bsc#1245499). - CVE-2025-38336: ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (bsc#1246370). - CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd (bsc#1249256). - CVE-2025-40006: mm/hugetlb: fix folio is still mapped when deleted (bsc#1252342). - CVE-2025-40035: Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak (bsc#1252866). - CVE-2025-40053: net: dlink: handle copy_thresh allocation failure (bsc#1252808). - CVE-2025-40064: smc: Fix use-after-free in __pnet_find_base_ndev() (bsc#1252845). - CVE-2025-40075: tcp_metrics: use dst_dev_net_rcu() (bsc#1252795). - CVE-2025-40081: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() (bsc#1252776). - CVE-2025-40110: drm/vmwgfx: Fix a null-ptr access in the cursor snooper (bsc#1253275). - CVE-2025-40123: bpf: Enforce expected_attach_type for tailcall compatibility (bsc#1253365). - CVE-2025-40135: ipv6: use RCU in ip6_xmit() (bsc#1253342). - CVE-2025-40139: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set() (bsc#1253409). - CVE-2025-40149: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock() (bsc#1253355). - CVE-2025-40153: mm: hugetlb: avoid soft lockup when mprotect to large memory area (bsc#1253408). - CVE-2025-40158: ipv6: use RCU in ip6_output() (bsc#1253402). - CVE-2025-40160: xen/events: Cleanup find_virq() return codes (bsc#1253400). - CVE-2025-40164: usbnet: Fix using smp_processor_id() in preemptible code warnings (bsc#1253407). - CVE-2025-40167: ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1253458). - CVE-2025-40168: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match() (bsc#1253427). - CVE-2025-40170: net: use dst_dev_rcu() in sk_setup_caps() (bsc#1253413). - CVE-2025-40178: pid: Add a judgment for ns null in pid_nr_ns (bsc#1253463). - CVE-2025-40198: ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() (bsc#1253453). - CVE-2025-40200: Squashfs: reject negative file sizes in squashfs_read_inode() (bsc#1253448). - CVE-2025-40215: kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959). - CVE-2025-40219: PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV (bsc#1254518). - CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813). - CVE-2025-40240: sctp: avoid NULL dereference when chunk data buffer is missing (bsc#1254869). - CVE-2025-40244: hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() (bsc#1255033). - CVE-2025-40248: vsock: Ignore signal/timeout on connect() if already established (bsc#1254864). - CVE-2025-40252: net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (bsc#1254849). - CVE-2025-40269: ALSA: usb-audio: Fix potential overflow of PCM transfer buffer (bsc#1255035). - CVE-2025-40275: ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd (bsc#1254829). - CVE-2025-40278: net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak (bsc#1254825). - CVE-2025-40279: net: sched: act_connmark: initialize struct tc_ife to fix kernel leak (bsc#1254846). - CVE-2025-40283: Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF (bsc#1254858). - CVE-2025-40304: fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds (bsc#1255034). - CVE-2025-40308: Bluetooth: bcsp: receive data only if registered (bsc#1255064). - CVE-2025-40321: wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode (bsc#1254795). - CVE-2025-40322: fbdev: bitblit: bound-check glyph index in bit_putcs* (bsc#1255092). - CVE-2025-40331: sctp: Prevent TOCTOU out-of-bounds write (bsc#1254615). - CVE-2025-40337: net: stmmac: Correctly handle Rx checksum offload errors (bsc#1255081). - CVE-2025-40349: hfs: validate record offset in hfsplus_bmap_alloc (bsc#1255280). - CVE-2025-40351: hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() (bsc#1255281). - CVE-2025-68206: netfilter: nft_ct: add seqadj extension for natted connections (bsc#1255142). - CVE-2025-68340: team: Move team device type change at the end of team_port_add (bsc#1255507). The following non security issues were fixed: - HID: multitouch: Add NULL check in mt_input_configured (bsc#1250759). - Squashfs: add additional inode sanity checking (bsc#1253448). - drm/amdgpu: Fix potential NULL dereference (bsc#1251238).

Affected Systems

  • susekernel-default&distro=SUSE Linux Enterprise Live Patching 12 SP5

    < 4.12.14-122.290.1

  • susekernel-default&distro=SUSE Linux Enterprise Server 12 SP5-LTSS

    < 4.12.14-122.290.1

  • susekernel-default&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

    < 4.12.14-122.290.1

  • susekernel-source&distro=SUSE Linux Enterprise Server 12 SP5-LTSS

    < 4.12.14-122.290.1

  • susekernel-source&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

    < 4.12.14-122.290.1

  • susekernel-syms&distro=SUSE Linux Enterprise Server 12 SP5-LTSS

    < 4.12.14-122.290.1

  • susekernel-syms&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

    < 4.12.14-122.290.1

  • susekgraft-patch-SLE12-SP5_Update_76&distro=SUSE Linux Enterprise Live Patching 12 SP5

    < 1-8.7.1

References (312)