suse/kernel-default-base&distro=SUSE Linux Enterprise Micro 5.2

Vulnerabilities (1,696)

• CVE-2025-37953May 20, 2025
  affected < 5.3.18-150300.59.211.1.150300.18.126.1fixed 5.3.18-150300.59.211.1.150300.18.126.1

  In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_deactivate() idempotent Alan reported a NULL pointer dereference in htb_next_rb_node() after we made htb_qlen_notify() idempotent. It turns out in the following case it introduced some regres

• CVE-2025-37932May 20, 2025
  affected < 5.3.18-150300.59.211.1.150300.18.126.1fixed 5.3.18-150300.59.211.1.150300.18.126.1

  In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_qlen_notify() idempotent htb_qlen_notify() always deactivates the HTB class and in fact could trigger a warning if it is already deactivated. Therefore, it is not idempotent and not friendly t

• CVE-2025-37890May 16, 2025
  affected < 5.3.18-150300.59.211.1.150300.18.126.1fixed 5.3.18-150300.59.211.1.150300.18.126.1

  In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfs

• CVE-2025-37846May 9, 2025
  affected < 5.3.18-150300.59.207.1.150300.18.124.1fixed 5.3.18-150300.59.207.1.150300.18.124.1

  In the Linux kernel, the following vulnerability has been resolved: arm64: mops: Do not dereference src reg for a set operation The source register is not used for SET* and reading it can result in a UBSAN out-of-bounds array access error, specifically when the MOPS exception i

• CVE-2025-37823May 8, 2025
  affected < 5.3.18-150300.59.211.1.150300.18.126.1fixed 5.3.18-150300.59.211.1.150300.18.126.1

  In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() too. But for this one, we don't have a reliable reproducer.

• CVE-2020-36791May 7, 2025
  affected < 5.3.18-150300.59.207.1.150300.18.124.1fixed 5.3.18-150300.59.207.1.150300.18.124.1

  In the Linux kernel, the following vulnerability has been resolved: net_sched: keep alloc_hash updated after hash allocation In commit 599be01ee567 ("net_sched: fix an OOB access in cls_tcindex") I moved cp->hash calculation before the first tcindex_alloc_perfect_hash(), but cp

• CVE-2023-53117May 2, 2025
  affected < 5.3.18-150300.59.218.1.150300.18.130.1fixed 5.3.18-150300.59.218.1.150300.18.130.1

  In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 114199369

• CVE-2023-53106May 2, 2025
  affected < 5.3.18-150300.59.207.1.150300.18.124.1fixed 5.3.18-150300.59.207.1.150300.18.124.1

  In the Linux kernel, the following vulnerability has been resolved: nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition This bug influences both st_nci_i2c_remove and st_nci_spi_remove. Take st_nci_i2c_remove as an example. In st_nci_i2c_probe, it called n

• CVE-2023-53052May 2, 2025
  affected < 5.3.18-150300.59.207.1.150300.18.124.1fixed 5.3.18-150300.59.207.1.150300.18.124.1

  In the Linux kernel, the following vulnerability has been resolved: cifs: fix use-after-free bug in refresh_cache_worker() The UAF bug occurred because we were putting DFS root sessions in cifs_umount() while DFS cache refresher was being executed. Make DFS root sessions have

• CVE-2023-53039May 2, 2025
  affected < 5.3.18-150300.59.207.1.150300.18.124.1fixed 5.3.18-150300.59.207.1.150300.18.124.1

  In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function When a reset notify IPC message is received, the ISR schedules a work function and passes the ISHTP device to it via a global pointer ishtp

• CVE-2025-37798May 2, 2025
  affected < 5.3.18-150300.59.211.1.150300.18.126.1fixed 5.3.18-150300.59.211.1.150300.18.126.1

  In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fq_codel_dequeue() and codel_qdi

• CVE-2025-37797May 2, 2025
  affected < 5.3.18-150300.59.215.1.150300.18.128.1fixed 5.3.18-150300.59.215.1.150300.18.128.1

  In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc

• CVE-2022-49927May 1, 2025
  affected < 5.3.18-150300.59.207.1.150300.18.124.1fixed 5.3.18-150300.59.207.1.150300.18.124.1

  In the Linux kernel, the following vulnerability has been resolved: nfs4: Fix kmemleak when allocate slot failed If one of the slot allocate failed, should cleanup all the other allocated slots, otherwise, the allocated slots will leak: unreferenced object 0xffff8881115aa100

• CVE-2022-49922May 1, 2025
  affected < 5.3.18-150300.59.207.1.150300.18.124.1fixed 5.3.18-150300.59.207.1.150300.18.124.1

  In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send() nfcmrvl_i2c_nci_send() will be called by nfcmrvl_nci_send(), and skb should be freed in nfcmrvl_i2c_nci_send(). However, nfcmrvl_nci_send() will

• CVE-2022-49915May 1, 2025
  affected < 5.3.18-150300.59.207.1.150300.18.124.1fixed 5.3.18-150300.59.207.1.150300.18.124.1

  In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible memory leak in mISDN_register_device() Afer commit 1fa5ae857bb1 ("driver core: get rid of struct device's bus_id string array"), the name of device is allocated dynamically, add put_device()

• CVE-2022-49910May 1, 2025
  affected < 5.3.18-150300.59.207.1.150300.18.124.1fixed 5.3.18-150300.59.207.1.150300.18.124.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu Fix the race condition between the following two flows that run in parallel: 1. l2cap_reassemble_sdu -> chan->ops->recv (l2cap_sock_recv_cb)

• CVE-2022-49906May 1, 2025
  affected < 5.3.18-150300.59.207.1.150300.18.124.1fixed 5.3.18-150300.59.207.1.150300.18.124.1

  In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Free rwi on reset success Free the rwi structure in the event that the last rwi in the list processed successfully. The logic in commit 4f408e1fa6e1 ("ibmvnic: retry reset if there are no other resets"

• CVE-2022-49892May 1, 2025
  affected < 5.3.18-150300.59.207.1.150300.18.124.1fixed 5.3.18-150300.59.207.1.150300.18.124.1

  In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix use-after-free for dynamic ftrace_ops KASAN reported a use-after-free with ftrace ops [1]. It was found from vmcore that perf had registered two ops with the same content successively, both dynamic.

• CVE-2022-49889May 1, 2025
  affected < 5.3.18-150300.59.207.1.150300.18.124.1fixed 5.3.18-150300.59.207.1.150300.18.124.1

  In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters() On some machines the number of listed CPUs may be bigger than the actual CPUs that exist. The tracing subsystem allocates a per_cpu directory

• CVE-2022-49887May 1, 2025
  affected < 5.3.18-150300.59.207.1.150300.18.124.1fixed 5.3.18-150300.59.207.1.150300.18.124.1

  In the Linux kernel, the following vulnerability has been resolved: media: meson: vdec: fix possible refcount leak in vdec_probe() v4l2_device_unregister need to be called to put the refcount got by v4l2_device_register when vdec_probe fails or vdec_remove is called.