suse/kernel-default-base&distro=SUSE Linux Enterprise Micro 5.2

Vulnerabilities (1,696)

• CVE-2023-53179Sep 15, 2025
  affected < 5.3.18-150300.59.221.1.150300.18.132.1fixed 5.3.18-150300.59.221.1.150300.18.132.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c The missing IP_SET_HASH_WITH_NET0 macro in ip_set_hash_netportnet can lead to the use of wrong `CIDR_POS(c)` for calcul

• CVE-2023-53178Sep 15, 2025
  affected < 5.3.18-150300.59.221.1.150300.18.132.1fixed 5.3.18-150300.59.221.1.150300.18.132.1

  In the Linux kernel, the following vulnerability has been resolved: mm: fix zswap writeback race condition The zswap writeback mechanism can cause a race condition resulting in memory corruption, where a swapped out page gets swapped in with data that was written to a different

• CVE-2023-53147Sep 15, 2025
  affected < 5.3.18-150300.59.221.1.150300.18.132.1fixed 5.3.18-150300.59.221.1.150300.18.132.1

  In the Linux kernel, the following vulnerability has been resolved: xfrm: add NULL check in xfrm_update_ae_params Normally, x->replay_esn and x->preplay_esn should be allocated at xfrm_alloc_replay_state_esn(...) in xfrm_state_construct(...), hence the xfrm_update_ae_params(...

• CVE-2022-50260Sep 15, 2025
  affected < 5.3.18-150300.59.221.1.150300.18.132.1fixed 5.3.18-150300.59.221.1.150300.18.132.1

  In the Linux kernel, the following vulnerability has been resolved: drm/msm: Make .remove and .shutdown HW shutdown consistent Drivers' .remove and .shutdown callbacks are executed on different code paths. The former is called when a device is removed from the bus, while the la

• CVE-2022-50258Sep 15, 2025
  affected < 5.3.18-150300.59.221.1.150300.18.132.1fixed 5.3.18-150300.59.221.1.150300.18.132.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() This patch fixes a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated is passed as an argument o

• CVE-2022-50257Sep 15, 2025
  affected < 5.3.18-150300.59.221.1.150300.18.132.1fixed 5.3.18-150300.59.221.1.150300.18.132.1

  In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Prevent leaking grants Prior to this commit, if a grant mapping operation failed partially, some of the entries in the map_ops array would be invalid, whereas all of the entries in the kmap_ops arra

• CVE-2022-50252Sep 15, 2025
  affected < 5.3.18-150300.59.221.1.150300.18.132.1fixed 5.3.18-150300.59.221.1.150300.18.132.1

  In the Linux kernel, the following vulnerability has been resolved: igb: Do not free q_vector unless new one was allocated Avoid potential use-after-free condition under memory pressure. If the kzalloc() fails, q_vector will be freed but left in the original adapter->q_vector[v

• CVE-2022-50249Sep 15, 2025
  affected < 5.3.18-150300.59.221.1.150300.18.132.1fixed 5.3.18-150300.59.221.1.150300.18.132.1

  In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in of_get_ddr_timings() We should add the of_node_put() when breaking out of for_each_child_of_node() as it will automatically increase and decrease the refcount.

• CVE-2022-50248Sep 15, 2025
  affected < 5.3.18-150300.59.221.1.150300.18.132.1fixed 5.3.18-150300.59.221.1.150300.18.132.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix double free on tx path. We see kernel crashes and lockups and KASAN errors related to ax210 firmware crashes. One of the KASAN dumps pointed at the tx path, and it appears there is inde

• CVE-2022-50235Sep 15, 2025
  affected < 5.3.18-150300.59.221.1.150300.18.132.1fixed 5.3.18-150300.59.221.1.150300.18.132.1

  In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READDIR Restore the previous limit on the @count argument to prevent a buffer overflow attack.

• CVE-2022-50234Sep 15, 2025
  affected < 5.3.18-150300.59.221.1.150300.18.132.1fixed 5.3.18-150300.59.221.1.150300.18.132.1

  In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: defer registered files gc to io_uring release Instead of putting io_uring's registered files in unix_gc() we want it to be done by io_uring itself. The trick here is to consider io_uring regis

• CVE-2025-38713HigSep 4, 2025
  affected < 5.3.18-150300.59.221.1.150300.18.132.1fixed 5.3.18-150300.59.221.1.150300.18.132.1

  In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() The hfsplus_readdir() method is capable to crash by calling hfsplus_uni2asc(): [ 667.121659][ T9805] =================================================

• CVE-2025-38685HigSep 4, 2025
  affected < 5.3.18-150300.59.221.1.150300.18.132.1fixed 5.3.18-150300.59.221.1.150300.18.132.1

  In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fast_imageblit This issue triggers when a userspace program does an ioctl FBIOPUT_CON2FBMAP by passing console number and frame buffer number. Ideally this maps console

• CVE-2024-58240HigAug 28, 2025
  affected < 5.3.18-150300.59.221.1.150300.18.132.1fixed 5.3.18-150300.59.221.1.150300.18.132.1

  In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and ret

• CVE-2025-38664Aug 22, 2025
  affected < 5.3.18-150300.59.221.1.150300.18.132.1fixed 5.3.18-150300.59.221.1.150300.18.132.1

  In the Linux kernel, the following vulnerability has been resolved: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() Add check for the return value of devm_kmemdup() to prevent potential null pointer dereference.

• CVE-2025-38644Aug 22, 2025
  affected < 5.3.18-150300.59.218.1.150300.18.130.1fixed 5.3.18-150300.59.218.1.150300.18.130.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject TDLS operations when station is not associated syzbot triggered a WARN in ieee80211_tdls_oper() by sending NL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT, before associati

• CVE-2025-38618Aug 22, 2025
  affected < 5.3.18-150300.59.218.1.150300.18.130.1fixed 5.3.18-150300.59.218.1.150300.18.130.1

  In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by ac

• CVE-2025-38617Aug 22, 2025
  affected < 5.3.18-150300.59.218.1.150300.18.130.1fixed 5.3.18-150300.59.218.1.150300.18.130.1

  In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix a

• CVE-2024-58239Aug 22, 2025
  affected < 5.3.18-150300.59.218.1.150300.18.130.1fixed 5.3.18-150300.59.218.1.150300.18.130.1

  In the Linux kernel, the following vulnerability has been resolved: tls: stop recv() if initial process_rx_list gave us non-DATA If we have a non-DATA record on the rx_list and another record of the same type still on the queue, we will end up merging them: - process_rx_list c

• CVE-2025-38608Aug 19, 2025
  affected < 5.3.18-150300.59.218.1.150300.18.130.1fixed 5.3.18-150300.59.218.1.150300.18.130.1

  In the Linux kernel, the following vulnerability has been resolved: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls When sending plaintext data, we initially calculated the corresponding ciphertext length. However, if we later reduced the plaintext data len