SUSE update for the Linux Kernel



Risk Medium
Patch available YES
Number of vulnerabilities 42
CVE-ID CVE-2022-43945
CVE-2022-50327
CVE-2022-50334
CVE-2022-50388
CVE-2022-50423
CVE-2022-50432
CVE-2022-50470
CVE-2022-50480
CVE-2022-50484
CVE-2022-50487
CVE-2022-50488
CVE-2022-50489
CVE-2022-50493
CVE-2022-50494
CVE-2022-50496
CVE-2022-50504
CVE-2022-50513
CVE-2022-50516
CVE-2022-50532
CVE-2022-50534
CVE-2022-50544
CVE-2022-50546
CVE-2022-50549
CVE-2022-50563
CVE-2022-50574
CVE-2023-53282
CVE-2023-53365
CVE-2023-53395
CVE-2023-53500
CVE-2023-53559
CVE-2023-53564
CVE-2023-53566
CVE-2023-53574
CVE-2023-53619
CVE-2023-53673
CVE-2023-53705
CVE-2023-53722
CVE-2025-38476
CVE-2025-39968
CVE-2025-39973
CVE-2025-40018
CVE-2025-40082
CWE-ID CWE-119
CWE-476
CWE-404
CWE-416
CWE-20
CWE-401
CWE-399
CWE-667
CWE-908
CWE-125
CWE-617
Exploitation vector Network
Public exploit N/A
Vulnerable software
 SUSE Enterprise Server 15 SP3 Business Critical
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15 SP3
Operating systems & Components / Operating system

SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro for Rancher
Operating systems & Components / Operating system

SUSE Linux Enterprise High Availability Extension 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing LTSS 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

SUSE Enterprise Storage
Operating systems & Components / Operating system

SUSE Manager Retail Branch Server
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

SUSE Manager Server
Operating systems & Components / Operating system

SUSE Manager Proxy
Operating systems & Components / Operating system

kernel-64kb
Operating systems & Components / Operating system package or component

dtb-exynos
Operating systems & Components / Operating system package or component

dtb-allwinner
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb
Operating systems & Components / Operating system package or component

kernel-64kb-extra
Operating systems & Components / Operating system package or component

dtb-nvidia
Operating systems & Components / Operating system package or component

kernel-64kb-debugsource
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-freescale
Operating systems & Components / Operating system package or component

dtb-apm
Operating systems & Components / Operating system package or component

dtb-al
Operating systems & Components / Operating system package or component

dtb-amlogic
Operating systems & Components / Operating system package or component

dtb-mediatek
Operating systems & Components / Operating system package or component

dtb-hisilicon
Operating systems & Components / Operating system package or component

dtb-renesas
Operating systems & Components / Operating system package or component

dlm-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-cavium
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-socionext
Operating systems & Components / Operating system package or component

dtb-zte
Operating systems & Components / Operating system package or component

kernel-64kb-optional
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb
Operating systems & Components / Operating system package or component

kernel-64kb-extra-debuginfo
Operating systems & Components / Operating system package or component

dtb-xilinx
Operating systems & Components / Operating system package or component

dlm-kmp-64kb
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb
Operating systems & Components / Operating system package or component

kernel-64kb-devel
Operating systems & Components / Operating system package or component

dtb-broadcom
Operating systems & Components / Operating system package or component

dtb-rockchip
Operating systems & Components / Operating system package or component

dtb-marvell
Operating systems & Components / Operating system package or component

dtb-altera
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-arm
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb
Operating systems & Components / Operating system package or component

kernel-64kb-optional-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-sprd
Operating systems & Components / Operating system package or component

dtb-amd
Operating systems & Components / Operating system package or component

dtb-lg
Operating systems & Components / Operating system package or component

kernel-64kb-devel-debuginfo
Operating systems & Components / Operating system package or component

dtb-qcom
Operating systems & Components / Operating system package or component

dtb-aarch64
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debuginfo
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debugsource
Operating systems & Components / Operating system package or component

kernel-zfcpdump
Operating systems & Components / Operating system package or component

kernel-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt-optional
Operating systems & Components / Operating system package or component

kselftests-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt-extra-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt-devel
Operating systems & Components / Operating system package or component

kernel-preempt-optional-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt-devel-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-preempt
Operating systems & Components / Operating system package or component

ocfs2-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-preempt
Operating systems & Components / Operating system package or component

reiserfs-kmp-preempt
Operating systems & Components / Operating system package or component

kselftests-kmp-preempt
Operating systems & Components / Operating system package or component

ocfs2-kmp-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-extra
Operating systems & Components / Operating system package or component

dlm-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt-debugsource
Operating systems & Components / Operating system package or component

cluster-md-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-preempt
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_226-preempt
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debugsource
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall
Operating systems & Components / Operating system package or component

kernel-default-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_226-default
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP3_Update_63-debugsource
Operating systems & Components / Operating system package or component

kernel-default
Operating systems & Components / Operating system package or component

kernel-obs-build-debugsource
Operating systems & Components / Operating system package or component

ocfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-devel
Operating systems & Components / Operating system package or component

kernel-default-optional-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-extra
Operating systems & Components / Operating system package or component

kselftests-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-default
Operating systems & Components / Operating system package or component

kernel-obs-build
Operating systems & Components / Operating system package or component

kernel-default-livepatch
Operating systems & Components / Operating system package or component

kernel-obs-qa
Operating systems & Components / Operating system package or component

cluster-md-kmp-default
Operating systems & Components / Operating system package or component

dlm-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-syms
Operating systems & Components / Operating system package or component

gfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-base
Operating systems & Components / Operating system package or component

kernel-default-extra-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-optional
Operating systems & Components / Operating system package or component

kselftests-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-base-rebuild
Operating systems & Components / Operating system package or component

kernel-default-debugsource
Operating systems & Components / Operating system package or component

reiserfs-kmp-default
Operating systems & Components / Operating system package or component

reiserfs-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-macros
Operating systems & Components / Operating system package or component

kernel-source-vanilla
Operating systems & Components / Operating system package or component

kernel-docs-html
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-docs
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 42 vulnerabilities.

1) Buffer overflow

EUVDB-ID: #VU69766

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-43945

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attacl.

The vulnerability exists due to a boundary error within the Linux kernel NFSD implementation. A remote attacker can send the RPC message over TCP with garbage data added at the end of the message, trigger memory corruption and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) NULL pointer dereference

EUVDB-ID: #VU115438

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50327

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the acpi_processor_get_lpi_info() function in drivers/acpi/processor_idle.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) NULL pointer dereference

EUVDB-ID: #VU115436

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50334

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the hugetlbfs_parse_param() function in fs/hugetlbfs/inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) NULL pointer dereference

EUVDB-ID: #VU115928

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50388

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the drivers/nvme/host/nvme.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Improper resource shutdown or release

EUVDB-ID: #VU116340

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50423

CWE-ID: CWE-404 - Improper Resource Shutdown or Release

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to failure to properly release resources within the acpi_ut_copy_ipackage_to_ipackage() function in drivers/acpi/acpica/utcopy.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use-after-free

EUVDB-ID: #VU116412

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50432

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the kernfs_remove_by_name_ns() function in fs/kernfs/dir.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Input validation error

EUVDB-ID: #VU116569

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50470

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the xhci_free_virt_device() function in drivers/usb/host/xhci-mem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Memory leak

EUVDB-ID: #VU116502

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50480

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the pl353_smc_probe() function in drivers/memory/pl353-smc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Memory leak

EUVDB-ID: #VU116499

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50484

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the sync_ep_set_params() function in sound/usb/endpoint.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Buffer overflow

EUVDB-ID: #VU116580

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50487

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the nfsd3_init_dirlist_pages() function in fs/nfsd/nfs3proc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Use-after-free

EUVDB-ID: #VU116521

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50488

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the bfq_put_stable_ref() and bfq_exit_icq_bfqq() functions in block/bfq-iosched.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Memory leak

EUVDB-ID: #VU116498

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50489

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the mipi_dsi_remove_device_fn() function in drivers/gpu/drm/drm_mipi_dsi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Input validation error

EUVDB-ID: #VU116566

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50493

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the qla24xx_abort_iocb_timeout() function in drivers/scsi/qla2xxx/qla_init.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Input validation error

EUVDB-ID: #VU116567

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50494

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the start_power_clamp() function in drivers/thermal/intel_powerclamp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU116519

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50496

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the destroy() function in drivers/md/dm-cache-target.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Resource management error

EUVDB-ID: #VU116583

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50504

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the rtas_os_term() function in arch/powerpc/kernel/rtas.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Memory leak

EUVDB-ID: #VU116728

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50513

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the rtw_init_cmd_priv() function in drivers/staging/rtl8723bs/core/rtw_cmd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Use-after-free

EUVDB-ID: #VU116760

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50516

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the send_args() function in fs/dlm/lock.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Memory leak

EUVDB-ID: #VU116715

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50532

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the mpt3sas_transport_port_add() function in drivers/scsi/mpt3sas/mpt3sas_transport.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Improper locking

EUVDB-ID: #VU116805

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50534

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __open_metadata() function in drivers/md/dm-thin-metadata.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Memory leak

EUVDB-ID: #VU116708

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50544

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the xhci_alloc_stream_info() function in drivers/usb/host/xhci-mem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Use of uninitialized resource

EUVDB-ID: #VU116817

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50546

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the ext4_alloc_inode() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Improper locking

EUVDB-ID: #VU116804

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50549

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __create_persistent_data_objects(), dm_pool_metadata_close() and __set_abort_with_changes_flags() functions in drivers/md/dm-thin-metadata.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Use-after-free

EUVDB-ID: #VU117571

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50563

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __pool_destroy() function in drivers/md/dm-thin.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Memory leak

EUVDB-ID: #VU117558

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50574

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the __dss_uninit_ports() and dss_init_ports() functions in drivers/gpu/drm/omapdrm/dss/dss.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Resource management error

EUVDB-ID: #VU115604

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53282

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the lpfc_wr_object() function in drivers/scsi/lpfc/lpfc_sli.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Improper locking

EUVDB-ID: #VU115802

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53365

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ip6mr_cache_report() function in net/ipv6/ip6mr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Out-of-bounds read

EUVDB-ID: #VU115907

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53395

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the function in drivers/acpi/acpica/psopcode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Buffer overflow

EUVDB-ID: #VU116308

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53500

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the xfrmi_xmit() function in net/xfrm/xfrm_interface_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Use-after-free

EUVDB-ID: #VU116512

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53559

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the vti_tunnel_xmit() function in net/ipv4/ip_vti.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Reachable assertion

EUVDB-ID: #VU116570

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53564

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to reachable assertion within the __ocfs2_move_extent() function in fs/ocfs2/move_extents.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Use-after-free

EUVDB-ID: #VU116510

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53566

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nft_rbtree_gc_elem() and __nft_rbtree_insert() functions in net/netfilter/nft_set_rbtree.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Memory leak

EUVDB-ID: #VU116488

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53574

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the rtw_core_deinit() function in drivers/net/wireless/realtek/rtw88/main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Use-after-free

EUVDB-ID: #VU116754

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53619

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nf_conntrack_helper_register() and nf_conntrack_helper_fini() functions in net/netfilter/nf_conntrack_helper.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Use-after-free

EUVDB-ID: #VU116746

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53673

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hci_cs_disconnect() function in net/bluetooth/hci_event.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Out-of-bounds read

EUVDB-ID: #VU117580

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53705

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ipv6_find_tlv() function in net/ipv6/exthdrs_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Out-of-bounds read

EUVDB-ID: #VU117579

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53722

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the raid1_remove_disk() function in drivers/md/raid1.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Use-after-free

EUVDB-ID: #VU113375

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38476

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rpl_do_srh_inline() function in net/ipv6/rpl_iptunnel.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Buffer overflow

EUVDB-ID: #VU117288

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-39968

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the i40e_vc_del_cloud_filter() and i40e_vc_add_cloud_filter() functions in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Input validation error

EUVDB-ID: #VU117274

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-39973

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the i40e_config_vsi_tx_queue() and i40e_config_vsi_rx_queue() functions in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Use-after-free

EUVDB-ID: #VU117654

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-40018

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __ip_vs_ftp_exit() and ip_vs_ftp_init() functions in net/netfilter/ipvs/ip_vs_ftp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Out-of-bounds read

EUVDB-ID: #VU117726

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-40082

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the hfsplus_listxattr() function in fs/hfsplus/xattr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Enterprise Server 15 SP3 Business Critical: Linux

SUSE Linux Enterprise Server 15 SP3: LTSS

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.226.2

dtb-exynos: before 5.3.18-150300.59.226.1

dtb-allwinner: before 5.3.18-150300.59.226.1

gfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra: before 5.3.18-150300.59.226.2

dtb-nvidia: before 5.3.18-150300.59.226.1

kernel-64kb-debugsource: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-freescale: before 5.3.18-150300.59.226.1

dtb-apm: before 5.3.18-150300.59.226.1

dtb-al: before 5.3.18-150300.59.226.1

dtb-amlogic: before 5.3.18-150300.59.226.1

dtb-mediatek: before 5.3.18-150300.59.226.1

dtb-hisilicon: before 5.3.18-150300.59.226.1

dtb-renesas: before 5.3.18-150300.59.226.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb: before 5.3.18-150300.59.226.2

dtb-cavium: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-socionext: before 5.3.18-150300.59.226.1

dtb-zte: before 5.3.18-150300.59.226.1

kernel-64kb-optional: before 5.3.18-150300.59.226.2

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

kselftests-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.226.2

dtb-xilinx: before 5.3.18-150300.59.226.1

dlm-kmp-64kb: before 5.3.18-150300.59.226.2

ocfs2-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-devel: before 5.3.18-150300.59.226.2

dtb-broadcom: before 5.3.18-150300.59.226.1

dtb-rockchip: before 5.3.18-150300.59.226.1

dtb-marvell: before 5.3.18-150300.59.226.1

dtb-altera: before 5.3.18-150300.59.226.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-arm: before 5.3.18-150300.59.226.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.226.2

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-64kb-debuginfo: before 5.3.18-150300.59.226.2

dtb-sprd: before 5.3.18-150300.59.226.1

dtb-amd: before 5.3.18-150300.59.226.1

dtb-lg: before 5.3.18-150300.59.226.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.226.2

dtb-qcom: before 5.3.18-150300.59.226.1

dtb-aarch64: before 5.3.18-150300.59.226.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.226.2

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.226.2

kernel-zfcpdump: before 5.3.18-150300.59.226.2

kernel-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel: before 5.3.18-150300.59.226.2

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-preempt: before 5.3.18-150300.59.226.2

reiserfs-kmp-preempt: before 5.3.18-150300.59.226.2

kselftests-kmp-preempt: before 5.3.18-150300.59.226.2

ocfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-preempt-extra: before 5.3.18-150300.59.226.2

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

kernel-preempt-debugsource: before 5.3.18-150300.59.226.2

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-preempt: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-preempt: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo: before 1-150300.7.5.2

kernel-kvmsmall-devel: before 5.3.18-150300.59.226.2

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.226.2

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.226.2

kernel-kvmsmall: before 5.3.18-150300.59.226.2

kernel-default-livepatch-devel: before 5.3.18-150300.59.226.2

kernel-livepatch-5_3_18-150300_59_226-default: before 1-150300.7.5.2

kernel-livepatch-5_3_18-150300_59_226-default-debuginfo: before 1-150300.7.5.2

kernel-livepatch-SLE15-SP3_Update_63-debugsource: before 1-150300.7.5.2

kernel-default: before 5.3.18-150300.59.226.2

kernel-obs-build-debugsource: before 5.3.18-150300.59.226.2

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-devel: before 5.3.18-150300.59.226.2

kernel-default-optional-debuginfo: before 5.3.18-150300.59.226.2

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-extra: before 5.3.18-150300.59.226.2

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

gfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-obs-build: before 5.3.18-150300.59.226.2

kernel-default-livepatch: before 5.3.18-150300.59.226.2

kernel-obs-qa: before 5.3.18-150300.59.226.1

cluster-md-kmp-default: before 5.3.18-150300.59.226.2

dlm-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-devel-debuginfo: before 5.3.18-150300.59.226.2

kernel-syms: before 5.3.18-150300.59.226.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-default-base: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-extra-debuginfo: before 5.3.18-150300.59.226.2

ocfs2-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-optional: before 5.3.18-150300.59.226.2

kselftests-kmp-default: before 5.3.18-150300.59.226.2

kernel-default-base-rebuild: before 5.3.18-150300.59.226.2.150300.18.134.2

kernel-default-debugsource: before 5.3.18-150300.59.226.2

reiserfs-kmp-default: before 5.3.18-150300.59.226.2

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.226.2

kernel-macros: before 5.3.18-150300.59.226.2

kernel-source-vanilla: before 5.3.18-150300.59.226.2

kernel-docs-html: before 5.3.18-150300.59.226.3

kernel-source: before 5.3.18-150300.59.226.2

kernel-devel: before 5.3.18-150300.59.226.2

kernel-docs: before 5.3.18-150300.59.226.3

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20254188-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###