SB2025112470 - SUSE update for the Linux Kernel
Published: November 24, 2025
Description
This security bulletin contains information about 42 security vulnerabilities.
1) Buffer overflow (CVE-ID: CVE-2022-43945)
The vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to a boundary error within the Linux kernel NFSD implementation. A remote attacker can send an RPC message over TCP with garbage data appended to the end of the message, trigger memory corruption and perform a denial of service (DoS) attack.
2) NULL pointer dereference (CVE-ID: CVE-2022-50327)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the acpi_processor_get_lpi_info() function in drivers/acpi/processor_idle.c. A local user can perform a denial of service (DoS) attack.
3) NULL pointer dereference (CVE-ID: CVE-2022-50334)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hugetlbfs_parse_param() function in fs/hugetlbfs/inode.c. A local user can perform a denial of service (DoS) attack.
4) NULL pointer dereference (CVE-ID: CVE-2022-50388)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within drivers/nvme/host/nvme.h. A local user can perform a denial of service (DoS) attack.
5) Improper resource shutdown or release (CVE-ID: CVE-2022-50423)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the acpi_ut_copy_ipackage_to_ipackage() function in drivers/acpi/acpica/utcopy.c. A local user can perform a denial of service (DoS) attack.
6) Use-after-free (CVE-ID: CVE-2022-50432)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the kernfs_remove_by_name_ns() function in fs/kernfs/dir.c. A local user can escalate privileges on the system.
7) Input validation error (CVE-ID: CVE-2022-50470)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the xhci_free_virt_device() function in drivers/usb/host/xhci-mem.c. A local user can perform a denial of service (DoS) attack.
8) Memory leak (CVE-ID: CVE-2022-50480)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pl353_smc_probe() function in drivers/memory/pl353-smc.c. A local user can perform a denial of service (DoS) attack.
9) Memory leak (CVE-ID: CVE-2022-50484)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sync_ep_set_params() function in sound/usb/endpoint.c. A local user can perform a denial of service (DoS) attack.
10) Buffer overflow (CVE-ID: CVE-2022-50487)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the nfsd3_init_dirlist_pages() function in fs/nfsd/nfs3proc.c. A local user can escalate privileges on the system.
11) Use-after-free (CVE-ID: CVE-2022-50488)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_put_stable_ref() and bfq_exit_icq_bfqq() functions in block/bfq-iosched.c. A local user can escalate privileges on the system.
12) Memory leak (CVE-ID: CVE-2022-50489)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mipi_dsi_remove_device_fn() function in drivers/gpu/drm/drm_mipi_dsi.c. A local user can perform a denial of service (DoS) attack.
13) Input validation error (CVE-ID: CVE-2022-50493)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qla24xx_abort_iocb_timeout() function in drivers/scsi/qla2xxx/qla_init.c. A local user can perform a denial of service (DoS) attack.
14) Input validation error (CVE-ID: CVE-2022-50494)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the start_power_clamp() function in drivers/thermal/intel_powerclamp.c. A local user can perform a denial of service (DoS) attack.
15) Use-after-free (CVE-ID: CVE-2022-50496)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the destroy() function in drivers/md/dm-cache-target.c. A local user can escalate privileges on the system.
16) Resource management error (CVE-ID: CVE-2022-50504)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the rtas_os_term() function in arch/powerpc/kernel/rtas.c. A local user can perform a denial of service (DoS) attack.
17) Memory leak (CVE-ID: CVE-2022-50513)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rtw_init_cmd_priv() function in drivers/staging/rtl8723bs/core/rtw_cmd.c. A local user can perform a denial of service (DoS) attack.
18) Use-after-free (CVE-ID: CVE-2022-50516)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the send_args() function in fs/dlm/lock.c. A local user can escalate privileges on the system.
19) Memory leak (CVE-ID: CVE-2022-50532)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mpt3sas_transport_port_add() function in drivers/scsi/mpt3sas/mpt3sas_transport.c. A local user can perform a denial of service (DoS) attack.
20) Improper locking (CVE-ID: CVE-2022-50534)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __open_metadata() function in drivers/md/dm-thin-metadata.c. A local user can perform a denial of service (DoS) attack.
21) Memory leak (CVE-ID: CVE-2022-50544)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xhci_alloc_stream_info() function in drivers/usb/host/xhci-mem.c. A local user can perform a denial of service (DoS) attack.
22) Use of uninitialized resource (CVE-ID: CVE-2022-50546)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ext4_alloc_inode() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
23) Improper locking (CVE-ID: CVE-2022-50549)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __create_persistent_data_objects(), dm_pool_metadata_close() and __set_abort_with_changes_flags() functions in drivers/md/dm-thin-metadata.c. A local user can perform a denial of service (DoS) attack.
24) Use-after-free (CVE-ID: CVE-2022-50563)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __pool_destroy() function in drivers/md/dm-thin.c. A local user can escalate privileges on the system.
25) Memory leak (CVE-ID: CVE-2022-50574)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __dss_uninit_ports() and dss_init_ports() functions in drivers/gpu/drm/omapdrm/dss/dss.c. A local user can perform a denial of service (DoS) attack.
26) Resource management error (CVE-ID: CVE-2023-53282)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the lpfc_wr_object() function in drivers/scsi/lpfc/lpfc_sli.c. A local user can perform a denial of service (DoS) attack.
27) Improper locking (CVE-ID: CVE-2023-53365)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ip6mr_cache_report() function in net/ipv6/ip6mr.c. A local user can perform a denial of service (DoS) attack.
28) Out-of-bounds read (CVE-ID: CVE-2023-53395)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the function in drivers/acpi/acpica/psopcode.c. A local user can perform a denial of service (DoS) attack.
29) Buffer overflow (CVE-ID: CVE-2023-53500)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the xfrmi_xmit() function in net/xfrm/xfrm_interface_core.c. A local user can perform a denial of service (DoS) attack.
30) Use-after-free (CVE-ID: CVE-2023-53559)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vti_tunnel_xmit() function in net/ipv4/ip_vti.c. A local user can escalate privileges on the system.
31) Reachable assertion (CVE-ID: CVE-2023-53564)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the __ocfs2_move_extent() function in fs/ocfs2/move_extents.c. A local user can perform a denial of service (DoS) attack.
32) Use-after-free (CVE-ID: CVE-2023-53566)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nft_rbtree_gc_elem() and __nft_rbtree_insert() functions in net/netfilter/nft_set_rbtree.c. A local user can escalate privileges on the system.
33) Memory leak (CVE-ID: CVE-2023-53574)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rtw_core_deinit() function in drivers/net/wireless/realtek/rtw88/main.c. A local user can perform a denial of service (DoS) attack.
34) Use-after-free (CVE-ID: CVE-2023-53619)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nf_conntrack_helper_register() and nf_conntrack_helper_fini() functions in net/netfilter/nf_conntrack_helper.c. A local user can escalate privileges on the system.
35) Use-after-free (CVE-ID: CVE-2023-53673)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_cs_disconnect() function in net/bluetooth/hci_event.c. A local user can escalate privileges on the system.
36) Out-of-bounds read (CVE-ID: CVE-2023-53705)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ipv6_find_tlv() function in net/ipv6/exthdrs_core.c. A local user can perform a denial of service (DoS) attack.
37) Out-of-bounds read (CVE-ID: CVE-2023-53722)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the raid1_remove_disk() function in drivers/md/raid1.c. A local user can perform a denial of service (DoS) attack.
38) Use-after-free (CVE-ID: CVE-2025-38476)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rpl_do_srh_inline() function in net/ipv6/rpl_iptunnel.c. A local user can escalate privileges on the system.
39) Buffer overflow (CVE-ID: CVE-2025-39968)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the i40e_vc_del_cloud_filter() and i40e_vc_add_cloud_filter() functions in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c. A local user can escalate privileges on the system.
40) Input validation error (CVE-ID: CVE-2025-39973)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the i40e_config_vsi_tx_queue() and i40e_config_vsi_rx_queue() functions in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c. A local user can perform a denial of service (DoS) attack.
41) Use-after-free (CVE-ID: CVE-2025-40018)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __ip_vs_ftp_exit() and ip_vs_ftp_init() functions in net/netfilter/ipvs/ip_vs_ftp.c. A local user can escalate privileges on the system.
42) Out-of-bounds read (CVE-ID: CVE-2025-40082)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hfsplus_listxattr() function in fs/hfsplus/xattr.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install the update from the vendor's website.