CVE-2022-49757

In the Linux kernel, the following vulnerability has been resolved: EDAC/highbank: Fix memory leak in highbankmcprobe When devresopengroup fails, it returns -ENOMEM without freeing memory allocated by edacmcalloc. Call edacmcfree on the error handling path to avoid a memory leak. bp: Massage comm...

USN-7380-1: Linux kernel (Low Latency) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...

CVE-2023-53022

In the Linux kernel, the following vulnerability has been resolved: net: enetc: avoid deadlock in enetctxonesteptstamp This lockdep splat says it better than I could: ================================ WARNING: inconsistent lock state 6.2.0-rc2-07010-ga9b9500ffaac-dirty 967 Not tainted...

CVE-2023-53018 Bluetooth: hci_conn: Fix memory leaks

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: Fix memory leaks When hcicmdsyncqueue failed in hcileterminatebig or hcilebigterminate, the memory pointed by variable d is not freed, which will cause memory leak. Add release process to error path...

CVE-2023-53003 EDAC/qcom: Do not pass llcc_driv_data as edac_device_ctl_info's pvt_info

In the Linux kernel, the following vulnerability has been resolved: EDAC/qcom: Do not pass llccdrivdata as edacdevicectlinfo's pvtinfo The memory for llccdrivdata is allocated by the LLCC driver. But when it is passed as the private driver info to the EDAC core, it will get freed during the...

CVE-2023-52998

In the Linux kernel, the following vulnerability has been resolved: net: fec: Use pagepoolputfullpage when freeing rx buffers The pagepoolreleasepage was used when freeing rx buffers, and this function just unmaps the page if mapped and does not recycle the page. So after hundreds of down/up the...

CVE-2023-52991

CVE-2023-52991 affects the Linux kernel’s skb_segment_list path. The issue stems from a prior change: net: Support GRO/GSO fraglist chaining, which can cause frag_list to be NULL if it is pulled into the linear area during processing. This condition leads to a NULL pointer dereference in skb_segm...

CVE-2023-52975 scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during logout when accessing the shost ipaddress Bug report and analysis from Ding Hui. During iSCSI session logout, if another task accesses the shost ipaddress attr, we can get a KASAN UAF report like...

CVE-2022-49746

In the Linux kernel, the following vulnerability has been resolved: dmaengine: imx-sdma: Fix a possible memory leak in sdmatransferinit If the function sdmaloadcontext fails, the sdmadesc will be freed, but the allocated desc-bd is forgot to be freed. We already met the sdmaloadcontext failure ca...

CVE-2022-49740

CVE-2022-49740 concerns the Linux kernel brcmfmac driver. The vulnerability arises when the device-provided channel spec count exceeds the allocated list length in brcmf_construct_chaninfo() and brcmf_enable_bw40_2g(), causing slab-out-of-bounds reads. The patch adds bounds checks so these functi...

CVE-2023-52931 drm/i915: Avoid potential vm use-after-free

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid potential vm use-after-free Adding the vm to the vmxa table makes it visible to userspace, which could try to race with us to close the vm. So we need to take our extra reference before putting it in the table...

CVE-2023-52931

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid potential vm use-after-free Adding the vm to the vmxa table makes it visible to userspace, which could try to race with us to close the vm. So we need to take our extra reference before putting it in the table...

SUSE-SU-2025:20165-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfcworkerwakeup bsc1225820. - CVE-2024-27397: netfilter: nftables: use timestamp to check for...

CVE-2024-58090

In the Linux kernel, the following vulnerability has been resolved: sched/core: Prevent rescheduling when interrupts are disabled David reported a warning observed while loop testing kexec jump: Interrupts enabled after irqrouterresume+0x0/0x50 WARNING: CPU: 0 PID: 560 at drivers/base/syscore.c:1...

CVE-2025-21889 perf/core: Add RCU read lock protection to perf_iterate_ctx()

In the Linux kernel, the following vulnerability has been resolved: perf/core: Add RCU read lock protection to perfiteratectx The perfiteratectx function performs RCU list traversal but currently lacks RCU read lock protection. This causes lockdep warnings when running perf probe with unshare1...

CVE-2025-21884 net: better track kernel sockets lifetime

In the Linux kernel, the following vulnerability has been resolved: net: better track kernel sockets lifetime While kernel sockets are dismantled during pernetoperations-exit, their freeing can be delayed by any tx packets still held in qdisc or device queues, due to skbsetownerw prior calls. Thi...

CVE-2025-21883 ice: Fix deinitializing VF in error path

In the Linux kernel, the following vulnerability has been resolved: ice: Fix deinitializing VF in error path If iceenavfs fails after calling icecreatevfentries, it frees all VFs without removing them from snapshot PF-VF mailbox list, leading to list corruption. Reproducer: devlink dev eswitch se...

CVE-2025-21881 uprobes: Reject the shared zeropage in uprobe_write_opcode()

In the Linux kernel, the following vulnerability has been resolved: uprobes: Reject the shared zeropage in uprobewriteopcode We triggered the following crash in syzkaller tests: BUG: Bad page state in process syz.7.38 pfn:1eff3 page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0...

Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfcworkerwakeup bsc1225820. CVE-2024-27397: netfilter: nftables: use timestamp to check for set...

Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52778: mptcp: deal with large GSO size bsc1224948. CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking...