SUSE update for the Linux Kernel
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 530 |
| CVE-ID | CVE-2017-5753 CVE-2021-4453 CVE-2021-4454 CVE-2021-47631 CVE-2021-47632 CVE-2021-47633 CVE-2021-47635 CVE-2021-47636 CVE-2021-47637 CVE-2021-47638 CVE-2021-47639 CVE-2021-47641 CVE-2021-47642 CVE-2021-47643 CVE-2021-47644 CVE-2021-47645 CVE-2021-47646 CVE-2021-47647 CVE-2021-47648 CVE-2021-47649 CVE-2021-47650 CVE-2021-47651 CVE-2021-47652 CVE-2021-47653 CVE-2021-47654 CVE-2021-47656 CVE-2021-47657 CVE-2021-47659 CVE-2022-0168 CVE-2022-0995 CVE-2022-1016 CVE-2022-1048 CVE-2022-1184 CVE-2022-2977 CVE-2022-29900 CVE-2022-29901 CVE-2022-3303 CVE-2022-3435 CVE-2022-49044 CVE-2022-49050 CVE-2022-49051 CVE-2022-49053 CVE-2022-49054 CVE-2022-49055 CVE-2022-49058 CVE-2022-49059 CVE-2022-49060 CVE-2022-49061 CVE-2022-49063 CVE-2022-49065 CVE-2022-49066 CVE-2022-49073 CVE-2022-49074 CVE-2022-49076 CVE-2022-49078 CVE-2022-49082 CVE-2022-49083 CVE-2022-49084 CVE-2022-49085 CVE-2022-49086 CVE-2022-49088 CVE-2022-49089 CVE-2022-49090 CVE-2022-49091 CVE-2022-49092 CVE-2022-49093 CVE-2022-49095 CVE-2022-49096 CVE-2022-49097 CVE-2022-49098 CVE-2022-49099 CVE-2022-49100 CVE-2022-49102 CVE-2022-49103 CVE-2022-49104 CVE-2022-49105 CVE-2022-49106 CVE-2022-49107 CVE-2022-49109 CVE-2022-49111 CVE-2022-49112 CVE-2022-49113 CVE-2022-49114 CVE-2022-49115 CVE-2022-49116 CVE-2022-49118 CVE-2022-49119 CVE-2022-49120 CVE-2022-49121 CVE-2022-49122 CVE-2022-49126 CVE-2022-49128 CVE-2022-49129 CVE-2022-49130 CVE-2022-49131 CVE-2022-49132 CVE-2022-49135 CVE-2022-49137 CVE-2022-49145 CVE-2022-49147 CVE-2022-49148 CVE-2022-49151 CVE-2022-49153 CVE-2022-49154 CVE-2022-49155 CVE-2022-49156 CVE-2022-49157 CVE-2022-49158 CVE-2022-49159 CVE-2022-49160 CVE-2022-49162 CVE-2022-49163 CVE-2022-49164 CVE-2022-49165 CVE-2022-49174 CVE-2022-49175 CVE-2022-49176 CVE-2022-49177 CVE-2022-49179 CVE-2022-49180 CVE-2022-49182 CVE-2022-49185 CVE-2022-49187 CVE-2022-49188 CVE-2022-49189 CVE-2022-49193 CVE-2022-49194 CVE-2022-49196 CVE-2022-49199 CVE-2022-49200 CVE-2022-49201 CVE-2022-49206 CVE-2022-49208 CVE-2022-49212 CVE-2022-49213 CVE-2022-49214 CVE-2022-49216 CVE-2022-49217 CVE-2022-49218 CVE-2022-49221 CVE-2022-49222 CVE-2022-49224 CVE-2022-49226 CVE-2022-49227 CVE-2022-49232 CVE-2022-49235 CVE-2022-49236 CVE-2022-49239 CVE-2022-49241 CVE-2022-49242 CVE-2022-49243 CVE-2022-49244 CVE-2022-49246 CVE-2022-49247 CVE-2022-49248 CVE-2022-49249 CVE-2022-49250 CVE-2022-49251 CVE-2022-49252 CVE-2022-49253 CVE-2022-49254 CVE-2022-49256 CVE-2022-49257 CVE-2022-49258 CVE-2022-49259 CVE-2022-49260 CVE-2022-49261 CVE-2022-49262 CVE-2022-49263 CVE-2022-49264 CVE-2022-49265 CVE-2022-49266 CVE-2022-49268 CVE-2022-49269 CVE-2022-49270 CVE-2022-49271 CVE-2022-49272 CVE-2022-49273 CVE-2022-49274 CVE-2022-49275 CVE-2022-49276 CVE-2022-49277 CVE-2022-49278 CVE-2022-49279 CVE-2022-49280 CVE-2022-49281 CVE-2022-49283 CVE-2022-49285 CVE-2022-49286 CVE-2022-49287 CVE-2022-49288 CVE-2022-49290 CVE-2022-49291 CVE-2022-49292 CVE-2022-49293 CVE-2022-49294 CVE-2022-49295 CVE-2022-49297 CVE-2022-49298 CVE-2022-49299 CVE-2022-49300 CVE-2022-49301 CVE-2022-49302 CVE-2022-49304 CVE-2022-49305 CVE-2022-49307 CVE-2022-49308 CVE-2022-49309 CVE-2022-49310 CVE-2022-49311 CVE-2022-49312 CVE-2022-49313 CVE-2022-49314 CVE-2022-49315 CVE-2022-49316 CVE-2022-49319 CVE-2022-49320 CVE-2022-49321 CVE-2022-49322 CVE-2022-49323 CVE-2022-49326 CVE-2022-49327 CVE-2022-49328 CVE-2022-49331 CVE-2022-49332 CVE-2022-49335 CVE-2022-49336 CVE-2022-49337 CVE-2022-49339 CVE-2022-49341 CVE-2022-49342 CVE-2022-49343 CVE-2022-49345 CVE-2022-49346 CVE-2022-49347 CVE-2022-49348 CVE-2022-49349 CVE-2022-49350 CVE-2022-49351 CVE-2022-49352 CVE-2022-49354 CVE-2022-49356 CVE-2022-49357 CVE-2022-49367 CVE-2022-49368 CVE-2022-49370 CVE-2022-49371 CVE-2022-49373 CVE-2022-49375 CVE-2022-49376 CVE-2022-49377 CVE-2022-49378 CVE-2022-49379 CVE-2022-49381 CVE-2022-49382 CVE-2022-49384 CVE-2022-49385 CVE-2022-49386 CVE-2022-49389 CVE-2022-49392 CVE-2022-49394 CVE-2022-49396 CVE-2022-49397 CVE-2022-49398 CVE-2022-49399 CVE-2022-49400 CVE-2022-49402 CVE-2022-49404 CVE-2022-49407 CVE-2022-49409 CVE-2022-49410 CVE-2022-49411 CVE-2022-49412 CVE-2022-49413 CVE-2022-49414 CVE-2022-49416 CVE-2022-49418 CVE-2022-49421 CVE-2022-49422 CVE-2022-49424 CVE-2022-49426 CVE-2022-49427 CVE-2022-49429 CVE-2022-49430 CVE-2022-49431 CVE-2022-49432 CVE-2022-49433 CVE-2022-49434 CVE-2022-49435 CVE-2022-49437 CVE-2022-49438 CVE-2022-49440 CVE-2022-49441 CVE-2022-49442 CVE-2022-49443 CVE-2022-49444 CVE-2022-49445 CVE-2022-49447 CVE-2022-49448 CVE-2022-49449 CVE-2022-49451 CVE-2022-49453 CVE-2022-49455 CVE-2022-49459 CVE-2022-49460 CVE-2022-49462 CVE-2022-49463 CVE-2022-49465 CVE-2022-49466 CVE-2022-49467 CVE-2022-49468 CVE-2022-49472 CVE-2022-49473 CVE-2022-49474 CVE-2022-49475 CVE-2022-49477 CVE-2022-49478 CVE-2022-49480 CVE-2022-49481 CVE-2022-49482 CVE-2022-49486 CVE-2022-49487 CVE-2022-49488 CVE-2022-49489 CVE-2022-49490 CVE-2022-49491 CVE-2022-49492 CVE-2022-49493 CVE-2022-49494 CVE-2022-49495 CVE-2022-49498 CVE-2022-49501 CVE-2022-49502 CVE-2022-49503 CVE-2022-49504 CVE-2022-49505 CVE-2022-49506 CVE-2022-49507 CVE-2022-49508 CVE-2022-49509 CVE-2022-49512 CVE-2022-49514 CVE-2022-49515 CVE-2022-49517 CVE-2022-49519 CVE-2022-49520 CVE-2022-49521 CVE-2022-49522 CVE-2022-49523 CVE-2022-49524 CVE-2022-49525 CVE-2022-49526 CVE-2022-49527 CVE-2022-49532 CVE-2022-49534 CVE-2022-49535 CVE-2022-49536 CVE-2022-49537 CVE-2022-49541 CVE-2022-49542 CVE-2022-49544 CVE-2022-49545 CVE-2022-49546 CVE-2022-49549 CVE-2022-49551 CVE-2022-49555 CVE-2022-49556 CVE-2022-49559 CVE-2022-49562 CVE-2022-49563 CVE-2022-49564 CVE-2022-49566 CVE-2022-49568 CVE-2022-49569 CVE-2022-49570 CVE-2022-49579 CVE-2022-49581 CVE-2022-49583 CVE-2022-49584 CVE-2022-49591 CVE-2022-49592 CVE-2022-49603 CVE-2022-49605 CVE-2022-49606 CVE-2022-49607 CVE-2022-49609 CVE-2022-49610 CVE-2022-49611 CVE-2022-49613 CVE-2022-49615 CVE-2022-49616 CVE-2022-49617 CVE-2022-49618 CVE-2022-49621 CVE-2022-49623 CVE-2022-49625 CVE-2022-49626 CVE-2022-49627 CVE-2022-49628 CVE-2022-49631 CVE-2022-49634 CVE-2022-49640 CVE-2022-49641 CVE-2022-49642 CVE-2022-49643 CVE-2022-49644 CVE-2022-49645 CVE-2022-49646 CVE-2022-49647 CVE-2022-49648 CVE-2022-49649 CVE-2022-49650 CVE-2022-49652 CVE-2022-49653 CVE-2022-49656 CVE-2022-49657 CVE-2022-49661 CVE-2022-49663 CVE-2022-49665 CVE-2022-49667 CVE-2022-49668 CVE-2022-49670 CVE-2022-49671 CVE-2022-49672 CVE-2022-49673 CVE-2022-49674 CVE-2022-49675 CVE-2022-49676 CVE-2022-49677 CVE-2022-49678 CVE-2022-49679 CVE-2022-49680 CVE-2022-49683 CVE-2022-49685 CVE-2022-49687 CVE-2022-49688 CVE-2022-49693 CVE-2022-49695 CVE-2022-49699 CVE-2022-49700 CVE-2022-49701 CVE-2022-49703 CVE-2022-49704 CVE-2022-49705 CVE-2022-49707 CVE-2022-49708 CVE-2022-49710 CVE-2022-49711 CVE-2022-49712 CVE-2022-49713 CVE-2022-49714 CVE-2022-49715 CVE-2022-49716 CVE-2022-49719 CVE-2022-49720 CVE-2022-49721 CVE-2022-49722 CVE-2022-49723 CVE-2022-49724 CVE-2022-49725 CVE-2022-49726 CVE-2022-49729 CVE-2022-49730 CVE-2022-49731 CVE-2022-49733 CVE-2022-49739 CVE-2022-49746 CVE-2022-49748 CVE-2022-49751 CVE-2022-49753 CVE-2022-49755 CVE-2022-49759 CVE-2023-0179 CVE-2023-1652 CVE-2023-2162 CVE-2023-28410 CVE-2023-3567 CVE-2023-52930 CVE-2023-52933 CVE-2023-52935 CVE-2023-52939 CVE-2023-52941 CVE-2023-52973 CVE-2023-52974 CVE-2023-52975 CVE-2023-52976 CVE-2023-52979 CVE-2023-52983 CVE-2023-52984 CVE-2023-52988 CVE-2023-52989 CVE-2023-52992 CVE-2023-52993 CVE-2023-53000 CVE-2023-53005 CVE-2023-53006 CVE-2023-53007 CVE-2023-53008 CVE-2023-53010 CVE-2023-53015 CVE-2023-53016 CVE-2023-53019 CVE-2023-53023 CVE-2023-53024 CVE-2023-53025 CVE-2023-53026 CVE-2023-53028 CVE-2023-53029 CVE-2023-53030 CVE-2023-53033 CVE-2024-2201 CVE-2024-41092 CVE-2024-42098 CVE-2024-42229 CVE-2024-42240 CVE-2024-50290 CVE-2024-53063 CVE-2024-53064 CVE-2024-56651 CVE-2024-57996 CVE-2024-58014 CVE-2024-58083 CVE-2025-21693 CVE-2025-21714 CVE-2025-21718 CVE-2025-21732 CVE-2025-21753 CVE-2025-21772 CVE-2025-21780 CVE-2025-21839 |
| CWE-ID | CWE-200 CWE-401 CWE-399 CWE-476 CWE-416 CWE-125 CWE-388 CWE-667 CWE-415 CWE-20 CWE-119 CWE-682 CWE-787 CWE-1037 CWE-835 CWE-665 CWE-191 CWE-908 CWE-190 CWE-369 CWE-366 CWE-362 |
| Exploitation vector | Network |
| Public exploit |
Vulnerability #1 is being exploited in the wild. Public exploit code for vulnerability #30 is available. Public exploit code for vulnerability #473 is available. |
| Vulnerable software |
SUSE Linux Enterprise Micro for Rancher Operating systems & Components / Operating system SUSE Linux Enterprise Micro Operating systems & Components / Operating system kernel-source-rt Operating systems & Components / Operating system package or component kernel-rt-debugsource Operating systems & Components / Operating system package or component kernel-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 530 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU9884
Risk: Low
CVSSv4.0: 6.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/U:Clear]
CVE-ID: CVE-2017-5753
CWE-ID:
CWE-200 - Information exposure
Exploit availability: Yes
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists in Intel CPU hardware due to improper implementation of the speculative execution of instructions. A local attacker can perform a bounds check bypass, execute arbitrary code, conduct a side-channel attack and read sensitive memory information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
2) Memory leak
EUVDB-ID: #VU104403
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-4453
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the smu_v12_0_fini_smc_tables() function in drivers/gpu/drm/amd/pm/swsmu/smu12/smu_v12_0.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Resource management error
EUVDB-ID: #VU106217
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-4454
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the j1939_session_deactivate() function in net/can/j1939/transport.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) NULL pointer dereference
EUVDB-ID: #VU104649
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47631
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the da850_evm_config_emac() function in arch/arm/mach-davinci/board-da850-evm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Use-after-free
EUVDB-ID: #VU104496
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47632
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pte_update_delta() and change_page_attr() functions in arch/powerpc/mm/pageattr.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Out-of-bounds read
EUVDB-ID: #VU104540
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47633
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ath5k_eeprom_convert_pcal_info_5111() function in drivers/net/wireless/ath/ath5k/eeprom.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Improper error handling
EUVDB-ID: #VU104765
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47635
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ubifs_write_end(), do_writepage(), ubifs_invalidatepage(), ubifs_migrate_page(), ubifs_releasepage() and ubifs_vm_page_mkwrite() functions in fs/ubifs/file.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Out-of-bounds read
EUVDB-ID: #VU104542
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47636
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ubifs_wbuf_write_nolock() function in fs/ubifs/io.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Improper locking
EUVDB-ID: #VU104713
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47637
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the do_rename() function in fs/ubifs/dir.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Double free
EUVDB-ID: #VU104741
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47638
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the do_rename() function in fs/ubifs/dir.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Use-after-free
EUVDB-ID: #VU104501
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47639
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the kvm_tdp_mmu_put_root(), tdp_mmu_next_root(), kvm_tdp_mmu_wrprot_slot(), kvm_tdp_mmu_clear_dirty_slot() and kvm_tdp_mmu_zap_collapsible_sptes() functions in arch/x86/kvm/mmu/tdp_mmu.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Input validation error
EUVDB-ID: #VU104729
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47641
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the cirrusfb_check_mclk() and cirrusfb_check_pixclock() functions in drivers/video/fbdev/cirrusfb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Buffer overflow
EUVDB-ID: #VU104808
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47642
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the nvidia_setup_i2c_bus() function in drivers/video/fbdev/nvidia/nv_i2c.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Memory leak
EUVDB-ID: #VU104404
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47643
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the irtoy_probe() function in drivers/media/rc/ir_toy.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Memory leak
EUVDB-ID: #VU104405
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47644
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the zoran_queue_init() function in drivers/staging/media/zoran/zoran_driver.c, within the zoran_check_jpg_settings(), zr36057_init(), dma_free_coherent() and zoran_remove() functions in drivers/staging/media/zoran/zoran_card.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) NULL pointer dereference
EUVDB-ID: #VU104650
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47645
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the zoran_reap_stat_com() function in drivers/staging/media/zoran/zoran_device.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Use-after-free
EUVDB-ID: #VU104499
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47646
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_setup_merge() and bfq_setup_cooperator() functions in block/bfq-iosched.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) NULL pointer dereference
EUVDB-ID: #VU104651
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47647
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the F() and &() functions in drivers/clk/qcom/gcc-ipq8074.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Memory leak
EUVDB-ID: #VU104406
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47648
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the host1x_remove() function in drivers/gpu/host1x/dev.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Incorrect calculation
EUVDB-ID: #VU104914
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47649
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the udmabuf_create() function in drivers/dma-buf/udmabuf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Out-of-bounds read
EUVDB-ID: #VU104541
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47650
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the snd_soc_new_compress() function in sound/soc/soc-compress.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Use-after-free
EUVDB-ID: #VU104498
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47651
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rpmpd_probe() function in drivers/soc/qcom/rpmpd.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) NULL pointer dereference
EUVDB-ID: #VU104652
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47652
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ufx_usb_probe() function in drivers/video/fbdev/smscufx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Memory leak
EUVDB-ID: #VU104407
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47653
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the MODULE_ALIAS(), vpif_channel_getfid() and vpif_probe() functions in drivers/media/platform/davinci/vpif.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Memory leak
EUVDB-ID: #VU104408
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47654
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the populate_ruleset() function in samples/landlock/sandboxer.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Use-after-free
EUVDB-ID: #VU104497
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47656
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the jffs2_free_ino_caches() function in fs/jffs2/fs.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Improper error handling
EUVDB-ID: #VU104766
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47657
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the virtio_gpu_array_put_free() function in drivers/gpu/drm/virtio/virtgpu_gem.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Memory leak
EUVDB-ID: #VU104411
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47659
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drm_universal_plane_init() function in drivers/gpu/drm/drm_plane.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) NULL pointer dereference
EUVDB-ID: #VU63789
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-0168
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS). A privileged (CAP_SYS_ADMIN) attacker can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Out-of-bounds write
EUVDB-ID: #VU61772
Risk: Low
CVSSv4.0: 8.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Clear]
CVE-ID: CVE-2022-0995
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: Yes
Description The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the Linux kernel’s watch_queue event notification subsystem. A local user can run a specially crafted program to trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
31) Use-after-free
EUVDB-ID: #VU62028
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-1016
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a use-after-free error in net/netfilter/nf_tables_core.c:nft_do_chain in Linux kernel.. A local user can trigger a use-after-free error and gain access to sensitive information.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Use-after-free
EUVDB-ID: #VU63428
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-1048
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code with elevated privileges.
The vulnerability exists due to a use-after-free error in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. A local user can execute arbitrary code with elevated privileges and perform a denial-of-service attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Use-after-free
EUVDB-ID: #VU64438
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-1184
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to a use-after-free error in fs/ext4/namei.c:dx_insert_block() function in the Linux kernel’s filesystem sub-component.. A local user can trigger use-after-free and perform a denial of service attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Use-after-free
EUVDB-ID: #VU67479
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-2977
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in the Linux kernel implementation of proxied virtualized TPM devices. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Processor optimization removal or modification of security-critical code
EUVDB-ID: #VU65205
Risk: Low
CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-29900
CWE-ID:
CWE-1037 - Processor optimization removal or modification of security-critical code
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a mistrained branch predictions for return instructions. A local user can execute arbitrary speculative code under certain microarchitecture-dependent conditions. The vulnerability was dubbed RETbleed.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Processor optimization removal or modification of security-critical code
EUVDB-ID: #VU65220
Risk: Low
CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-29901
CWE-ID:
CWE-1037 - Processor optimization removal or modification of security-critical code
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to the way non-transparent sharing of branch predictor targets between contexts. A local user can exploit the vulnerability to gain access to sensitive information.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) NULL pointer dereference
EUVDB-ID: #VU68338
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-3303
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the Linux kernel sound subsystem due to improper locking when handling the SNDCTL_DSP_SYNC ioctl. A privileged local user can trigger a NULL pointer dereference error and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Out-of-bounds read
EUVDB-ID: #VU70499
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-3435
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the fib_nh_match() function in net/ipv4/fib_semantics.c IPv4 handler. A remote attacker can send specially crafted data to the system, trigger an out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Buffer overflow
EUVDB-ID: #VU104801
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49044
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the kvmalloc_array() function in drivers/md/dm-integrity.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Memory leak
EUVDB-ID: #VU104354
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49050
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rpcif_probe() function in drivers/memory/renesas-rpc-if.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
41) Out-of-bounds read
EUVDB-ID: #VU104531
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49051
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the aqc111_rx_fixup() function in drivers/net/usb/aqc111.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
42) Use-after-free
EUVDB-ID: #VU104481
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49053
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tcmu_try_get_data_page() and tcmu_vma_fault() functions in drivers/target/target_core_user.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
43) Input validation error
EUVDB-ID: #VU104921
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49054
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hyperv_panic_event(), hyperv_die_event() and vmbus_bus_init() functions in drivers/hv/vmbus_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
44) NULL pointer dereference
EUVDB-ID: #VU104620
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49055
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the alloc_event_waiters() function in drivers/gpu/drm/amd/amdkfd/kfd_events.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
45) Buffer overflow
EUVDB-ID: #VU104802
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49058
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the parse_mf_symlink() function in fs/cifs/link.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
46) Use-after-free
EUVDB-ID: #VU104480
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49059
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nci_close_device() function in net/nfc/nci/core.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
47) NULL pointer dereference
EUVDB-ID: #VU104621
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49060
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the smc_pnet_find_ib() function in net/smc/smc_pnet.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
48) NULL pointer dereference
EUVDB-ID: #VU104622
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49061
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the socfpga_dwmac_fix_mac_speed() function in drivers/net/ethernet/stmicro/stmmac/dwmac-socfpga.c, within the TSE_PCS_USE_SGMII_ENA BIT() and tse_pcs_fix_mac_speed() functions in drivers/net/ethernet/stmicro/stmmac/altr_tse_pcs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
49) Use-after-free
EUVDB-ID: #VU104478
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49063
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ice_vsi_req_irq_msix(), ice_setup_pf_sw() and ice_suspend() functions in drivers/net/ethernet/intel/ice/ice_main.c, within the ice_vsi_free_irq() function in drivers/net/ethernet/intel/ice/ice_lib.c, within the ice_free_cpu_rx_rmap(), ice_set_cpu_rx_rmap(), ice_remove_arfs() and ice_rebuild_arfs() functions in drivers/net/ethernet/intel/ice/ice_arfs.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
50) NULL pointer dereference
EUVDB-ID: #VU104623
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49065
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/trace/events/sunrpc.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
51) Improper error handling
EUVDB-ID: #VU104763
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49066
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the veth_xmit() function in drivers/net/veth.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
52) Out-of-bounds read
EUVDB-ID: #VU104532
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49073
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the SATA_DWC_QCMD_MAX() function in drivers/ata/sata_dwc_460ex.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
53) Resource management error
EUVDB-ID: #VU104879
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49074
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the gic_dist_base() and gic_do_wait_for_rwp() functions in drivers/irqchip/irq-gic-v3.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
54) Use-after-free
EUVDB-ID: #VU104477
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49076
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hfi1_mmu_rb_unregister() function in drivers/infiniband/hw/hfi1/mmu_rb.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
55) Use-after-free
EUVDB-ID: #VU104476
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49078
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the LZ4_decompress_generic() function in lib/lz4/lz4_decompress.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
56) Use-after-free
EUVDB-ID: #VU104475
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49082
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the _scsih_expander_node_remove() function in drivers/scsi/mpt3sas/mpt3sas_scsih.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
57) NULL pointer dereference
EUVDB-ID: #VU104627
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49083
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the omap_iommu_probe_device() function in drivers/iommu/omap-iommu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
58) Improper error handling
EUVDB-ID: #VU104761
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49084
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the qede_build_skb() function in drivers/net/ethernet/qlogic/qede/qede_fp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
59) Use-after-free
EUVDB-ID: #VU104474
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49085
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the drbd_bitmap_io_from_worker(), notify_resource_state_change(), notify_connection_state_change(), notify_device_state_change(), notify_peer_device_state_change() and broadcast_state_change() functions in drivers/block/drbd/drbd_state.c, within the nla_put_notification_header(), notify_resource_state(), notify_device_state(), notify_connection_state(), notify_peer_device_state(), notify_initial_state_done() and get_initial_state() functions in drivers/block/drbd/drbd_nl.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
60) Memory leak
EUVDB-ID: #VU104359
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49086
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nla_alloc_flow_actions() and ovs_nla_free_set_action() functions in net/openvswitch/flow_netlink.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
61) Memory leak
EUVDB-ID: #VU104360
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49088
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dpaa2_ptp_probe() and fsl_mc_free_irqs() functions in drivers/net/ethernet/freescale/dpaa2/dpaa2-ptp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
62) Improper locking
EUVDB-ID: #VU104701
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49089
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the spin_lock_irqsave() function in drivers/infiniband/sw/rdmavt/qp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
63) NULL pointer dereference
EUVDB-ID: #VU104628
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49090
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the secondary_start_kernel() function in arch/arm64/kernel/smp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
64) Memory leak
EUVDB-ID: #VU104361
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49091
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the imx_pd_connector_get_modes() function in drivers/gpu/drm/imx/parallel-display.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
65) Improper locking
EUVDB-ID: #VU104702
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49092
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fib_nh_match() function in net/ipv4/fib_semantics.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
66) Use-after-free
EUVDB-ID: #VU104472
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49093
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the skb_try_coalesce() function in net/core/skbuff.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
67) Memory leak
EUVDB-ID: #VU104362
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49095
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the zorro7xx_remove_one() function in drivers/scsi/zorro7xx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
68) NULL pointer dereference
EUVDB-ID: #VU104629
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49096
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the efx_remove_channels(), efx_realloc_channels() and efx_set_channels() functions in drivers/net/ethernet/sfc/efx_channels.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
69) Infinite loop
EUVDB-ID: #VU104816
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49097
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the EXPORT_SYMBOL_GPL() function in fs/nfs/write.c, within the nfs_set_pgio_error(), nfs_generic_pgio() and nfs_pageio_alloc_mirrors() functions in fs/nfs/pagelist.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
70) Improper Initialization
EUVDB-ID: #VU104860
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49098
CWE-ID:
CWE-665 - Improper Initialization
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the vmbus_exit() function in drivers/hv/vmbus_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
71) Resource management error
EUVDB-ID: #VU104909
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49099
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vmbus_device_register() function in drivers/hv/vmbus_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
72) Buffer overflow
EUVDB-ID: #VU104919
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49100
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the init() and fini() functions in drivers/char/virtio_console.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
73) Memory leak
EUVDB-ID: #VU104363
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49102
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hl_mmu_v1_fini() function in drivers/misc/habanalabs/common/mmu/mmu_v1.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
74) Memory leak
EUVDB-ID: #VU104364
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49103
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the _nfs42_proc_copy_notify() function in fs/nfs/nfs42proc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
75) NULL pointer dereference
EUVDB-ID: #VU104630
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49104
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vchiq_msg_queue_push() and vchiq_msg_hold() functions in drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
76) Memory leak
EUVDB-ID: #VU104365
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49105
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the wfx_init_common() function in drivers/staging/wfx/main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
77) NULL pointer dereference
EUVDB-ID: #VU104631
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49106
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vchiq_dump_platform_instances() function in drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
78) Memory leak
EUVDB-ID: #VU104366
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49107
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fs/ceph/dir.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
79) Memory leak
EUVDB-ID: #VU104368
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49109
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ceph_get_snapdir() function in fs/ceph/inode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
80) Use-after-free
EUVDB-ID: #VU104471
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49111
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_disconn_phylink_complete_evt() function in net/bluetooth/hci_event.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
81) Improper error handling
EUVDB-ID: #VU104760
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49112
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the drivers/net/wireless/mediatek/mt76/mt76.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
82) Memory leak
EUVDB-ID: #VU104369
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49113
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the format_show() function in arch/powerpc/kernel/secvar-sysfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
83) Use-after-free
EUVDB-ID: #VU104469
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49114
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fc_exch_abts_resp() function in drivers/scsi/libfc/fc_exch.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
84) Memory leak
EUVDB-ID: #VU104370
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49115
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pci_epf_test_write() function in drivers/pci/endpoint/functions/pci-epf-test.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
85) Memory leak
EUVDB-ID: #VU104371
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49116
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the l2cap_ecred_connect() function in net/bluetooth/l2cap_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
86) Improper error handling
EUVDB-ID: #VU104759
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49118
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the cq_interrupt_v3_hw(), interrupt_preinit_v3_hw(), hisi_sas_v3_probe() and hisi_sas_v3_destroy_irqs() functions in drivers/scsi/hisi_sas/hisi_sas_v3_hw.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
87) Memory leak
EUVDB-ID: #VU104373
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49119
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pm8001_chip_fw_flash_update_req() function in drivers/scsi/pm8001/pm8001_hwi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
88) Memory leak
EUVDB-ID: #VU104374
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49120
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pm8001_send_abort_all() function in drivers/scsi/pm8001/pm8001_hwi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
89) Memory leak
EUVDB-ID: #VU104375
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49121
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pm80xx_chip_phy_ctl_req() function in drivers/scsi/pm8001/pm80xx_hwi.c, within the pm8001_exec_internal_task_abort() function in drivers/scsi/pm8001/pm8001_sas.c, within the pm8001_chip_reg_dev_req(), pm8001_chip_fw_flash_update_req() and pm8001_chip_set_dev_state_req() functions in drivers/scsi/pm8001/pm8001_hwi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
90) Memory leak
EUVDB-ID: #VU104376
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49122
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lookup_ioctl() function in drivers/md/dm-ioctl.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
91) Memory leak
EUVDB-ID: #VU104377
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49126
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mpi3mr_free_op_req_q_segments() function in drivers/scsi/mpi3mr/mpi3mr_fw.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
92) Memory leak
EUVDB-ID: #VU104378
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49128
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nwl_dsi_bridge_mode_set() function in drivers/gpu/drm/bridge/nwl-dsi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
93) Use-after-free
EUVDB-ID: #VU104483
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49129
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mt7921_stop() function in drivers/net/wireless/mediatek/mt76/mt7921/main.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
94) NULL pointer dereference
EUVDB-ID: #VU104633
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49130
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ath11k_mhi_set_state() function in drivers/net/wireless/ath/ath11k/mhi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
95) Resource management error
EUVDB-ID: #VU104878
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49131
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ath11k_ahb_free_ext_irq() function in drivers/net/wireless/ath/ath11k/ahb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
96) Improper locking
EUVDB-ID: #VU104704
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49132
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ath11k_pci_pm_suspend() and ath11k_pci_pm_resume() functions in drivers/net/wireless/ath/ath11k/pci.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
97) Memory leak
EUVDB-ID: #VU104379
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49135
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dp_link_settings_read(), dp_phy_settings_read(), dp_dsc_clock_en_read(), dp_dsc_slice_width_read(), dp_dsc_slice_height_read(), dp_dsc_bits_per_pixel_read(), dp_dsc_pic_width_read(), dp_dsc_pic_height_read(), dp_dsc_chunk_size_read(), dp_dsc_slice_bpg_offset_read() and dcc_en_bits_read() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
98) Memory leak
EUVDB-ID: #VU104380
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49137
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amdgpu_cs_fence_to_handle_ioctl() function in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
99) Out-of-bounds read
EUVDB-ID: #VU104534
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49145
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the acpi_cppc_processor_probe() function in drivers/acpi/cppc_acpi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
100) Buffer overflow
EUVDB-ID: #VU104891
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49147
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the blk_alloc_ext_minor() function in block/genhd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
101) Memory leak
EUVDB-ID: #VU104382
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49148
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __put_watch_queue() function in kernel/watch_queue.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
102) Improper locking
EUVDB-ID: #VU104708
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49151
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mcba_usb_xmit(), mcba_usb_read_bulk_callback(), mcba_usb_start() and mcba_usb_probe() functions in drivers/net/can/usb/mcba_usb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
103) Memory leak
EUVDB-ID: #VU104384
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49153
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rcu_read_unlock_bh() function in drivers/net/wireguard/socket.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
104) Out-of-bounds read
EUVDB-ID: #VU104535
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49154
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the svm_update_pi_irte() function in arch/x86/kvm/svm/avic.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
105) Improper locking
EUVDB-ID: #VU104709
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49155
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qla2xxx_create_qpair() function in drivers/scsi/qla2xxx/qla_init.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
106) Improper locking
EUVDB-ID: #VU104710
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49156
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qla24xx_handle_plogi_done_event() function in drivers/scsi/qla2xxx/qla_init.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
107) Resource management error
EUVDB-ID: #VU104910
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49157
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the qla27xx_fwdt_entry_t266() function in drivers/scsi/qla2xxx/qla_tmpl.c, within the qla2xxx_pci_error_detected() and qla2xxx_pci_mmio_enabled() functions in drivers/scsi/qla2xxx/qla_os.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
108) Improper error handling
EUVDB-ID: #VU104758
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49158
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the qla2x00_async_login_sp_done(), qla2x00_async_adisc_sp_done() and qla2x00_async_prli_sp_done() functions in drivers/scsi/qla2xxx/qla_init.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
109) NULL pointer dereference
EUVDB-ID: #VU104638
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49159
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qla2x00_async_nack_sp_done() and qla24xx_async_notify_ack() functions in drivers/scsi/qla2xxx/qla_target.c, within the qla2x00_sp_compl(), qla2xxx_qpair_sp_compl(), qla2xxx_queuecommand() and qla2xxx_mqueuecommand() functions in drivers/scsi/qla2xxx/qla_os.c, within the qlafx00_fx_disc() and dma_free_coherent() functions in drivers/scsi/qla2xxx/qla_mr.c, within the qla24xx_control_vp() function in drivers/scsi/qla2xxx/qla_mid.c, within the qla24xx_send_mb_cmd() function in drivers/scsi/qla2xxx/qla_mbx.c, within the qla24xx_tm_iocb(), qla24xx_els_dcmd_iocb(), qla2x00_els_dcmd2_sp_done(), qla24xx_els_dcmd2_iocb() and qla2x00_start_sp() functions in drivers/scsi/qla2xxx/qla_iocb.c, within the qla2x00_sp_timeout(), qla24xx_abort_iocb_timeout(), qla24xx_abort_sp_done(), qla24xx_async_abort_cmd(), qla2x00_async_login_sp_done(), qla2x00_async_login(), qla2x00_async_logout_sp_done(), qla2x00_async_logout(), qla2x00_async_prlo_sp_done(), qla2x00_async_prlo(), qla2x00_async_adisc_sp_done(), qla2x00_async_adisc(), qla24xx_async_gnl_sp_done(), qla24xx_async_gnl(), dma_pool_free(), qla2x00_async_prli_sp_done(), qla24xx_async_prli() and qla2x00_async_tm_cmd() functions in drivers/scsi/qla2xxx/qla_init.c, within the qla2x00_async_sns_sp_done(), qla_async_rftid(), qla_async_rffid(), qla_async_rnnid(), qla_async_rsnn_nn(), qla24xx_async_gpsc_sp_done(), qla24xx_async_gpsc(), qla24xx_sp_unmap(), qla2x00_async_gpnid_sp_done(), qla24xx_async_gpnid(), qla24xx_async_gffid_sp_done(), qla24xx_async_gffid(), qla2x00_async_gpnft_gnnft_sp_done(), qla24xx_async_gpnft(), qla2x00_async_gnnid_sp_done(), qla24xx_async_gnnid(), qla2x00_async_gfpnid_sp_done() and qla24xx_async_gfpnid() functions in drivers/scsi/qla2xxx/qla_gs.c, within the edif_doorbell_show() function in drivers/scsi/qla2xxx/qla_edif.c, within the qla2x00_bsg_job_done() and qla24xx_bsg_timeout() functions in drivers/scsi/qla2xxx/qla_bsg.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
110) Resource management error
EUVDB-ID: #VU104876
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49160
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the qla24xx_free_purex_list() function in drivers/scsi/qla2xxx/qla_os.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
111) Resource management error
EUVDB-ID: #VU104875
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49162
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the smtcfb_write() function in drivers/video/fbdev/sm712fb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
112) Out-of-bounds read
EUVDB-ID: #VU104530
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49163
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mxc_jpeg_device_run() function in drivers/media/platform/imx-jpeg/mxc-jpeg.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
113) Buffer overflow
EUVDB-ID: #VU104885
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49164
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the REST_GPR() and GET_PACA() functions in arch/powerpc/kernel/tm.S. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
114) NULL pointer dereference
EUVDB-ID: #VU104639
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49165
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mxc_jpeg_device_run() function in drivers/media/platform/imx-jpeg/mxc-jpeg.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
115) Use-after-free
EUVDB-ID: #VU104493
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49174
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_mb_mark_bb() function in fs/ext4/mballoc.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
116) Use-after-free
EUVDB-ID: #VU104492
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49175
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pm_ops_is_empty() and device_pm_check_callbacks() functions in drivers/base/power/main.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
117) Use-after-free
EUVDB-ID: #VU104491
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49176
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_dispatch_request() function in block/bfq-iosched.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
118) NULL pointer dereference
EUVDB-ID: #VU104640
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49177
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cavium_map_pf_regs() function in drivers/char/hw_random/cavium-rng-vf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
119) Use-after-free
EUVDB-ID: #VU104490
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49179
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_bfqq_move() function in block/bfq-cgroup.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
120) Input validation error
EUVDB-ID: #VU104932
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49180
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the selinux_fs_context_parse_param() function in security/selinux/hooks.c, within the security_fs_context_dup() function in security/security.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
121) Use-after-free
EUVDB-ID: #VU104489
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49182
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hclge_add_vport_vlan_table(), hclge_add_vport_all_vlan_table(), hclge_rm_vport_vlan_table(), hclge_rm_vport_all_vlan_table(), hclge_uninit_vport_vlan_table(), hclge_restore_vport_vlan_table() and hclge_uninit_ae_dev() functions in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
122) Memory leak
EUVDB-ID: #VU104388
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49185
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nmk_pinctrl_probe() function in drivers/pinctrl/nomadik/pinctrl-nomadik.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
123) NULL pointer dereference
EUVDB-ID: #VU104642
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49187
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the clk_hw_create_clk() function in drivers/clk/clk.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
124) Memory leak
EUVDB-ID: #VU104389
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49188
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the q6v5_alloc_memory_region() function in drivers/remoteproc/qcom_q6v5_mss.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
125) Integer underflow
EUVDB-ID: #VU104795
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49189
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the clk_rcg2_determine_floor_rate() and __clk_rcg2_configure() functions in drivers/clk/qcom/clk-rcg2.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
126) Improper error handling
EUVDB-ID: #VU104756
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49193
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ice_service_task() and ice_misc_intr() functions in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
127) Use-after-free
EUVDB-ID: #VU104488
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49194
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bcmgenet_writel() and bcmgenet_readl() functions in drivers/net/ethernet/broadcom/genet/bcmgenet.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
128) Use-after-free
EUVDB-ID: #VU104487
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49196
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the remove_phb_dynamic() function in arch/powerpc/platforms/pseries/pci_dlpar.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
129) Integer underflow
EUVDB-ID: #VU104796
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49199
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the nldev_stat_set_counter_dynamic_doit() function in drivers/infiniband/core/nldev.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
130) Improper error handling
EUVDB-ID: #VU104755
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49200
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the btmtksdio_probe() function in drivers/bluetooth/btmtksdio.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
131) NULL pointer dereference
EUVDB-ID: #VU104644
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49201
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __ibmvnic_open(), ibmvnic_cleanup(), ibmvnic_tx_scrq_clean_buffer(), ibmvnic_xmit() and netif_carrier_off() functions in drivers/net/ethernet/ibm/ibmvnic.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
132) Memory leak
EUVDB-ID: #VU104392
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49206
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the subscribe_event_xa_alloc() function in drivers/infiniband/hw/mlx5/devx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
133) Integer underflow
EUVDB-ID: #VU104797
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49208
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the irdma_sc_qp_create(), irdma_sc_cq_create(), irdma_sc_ceq_init() and irdma_sc_ccq_init() functions in drivers/infiniband/hw/irdma/ctrl.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
134) Memory leak
EUVDB-ID: #VU104397
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49212
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the atmel_nand_controller_init() function in drivers/mtd/nand/atmel/nand-controller.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
135) Memory leak
EUVDB-ID: #VU104398
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49213
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ath10k_setup_msa_resources() function in drivers/net/wireless/ath/ath10k/snoc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
136) NULL pointer dereference
EUVDB-ID: #VU104646
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49214
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the NOKPROBE_SYMBOL() function in arch/powerpc/mm/fault.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
137) Memory leak
EUVDB-ID: #VU104399
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49216
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tegra_dsi_ganged_probe() function in drivers/gpu/drm/tegra/dsi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
138) Improper locking
EUVDB-ID: #VU104712
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49217
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pm80xx_send_abort_all() function in drivers/scsi/pm8001/pm80xx_hwi.c, within the pm8001_send_abort_all() and pm8001_send_read_log() functions in drivers/scsi/pm8001/pm8001_hwi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
139) Out-of-bounds read
EUVDB-ID: #VU104539
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49218
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the drm_dp_link_get_adjustments() function in drivers/gpu/drm/tegra/dp.c, within the drm_dp_get_adjust_tx_ffe_preset() function in drivers/gpu/drm/dp/drm_dp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
140) NULL pointer dereference
EUVDB-ID: #VU104647
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49221
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the msm_dp_modeset_init() function in drivers/gpu/drm/msm/dp/dp_display.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
141) Buffer overflow
EUVDB-ID: #VU104807
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49222
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the segments_edid_read() function in drivers/gpu/drm/bridge/analogix/anx7625.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
142) Memory leak
EUVDB-ID: #VU104401
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49224
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ab8500_fg_sysfs_init() function in drivers/power/supply/ab8500_fg.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
143) Input validation error
EUVDB-ID: #VU104726
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49226
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ax88772_bind() and ax88178_reset() functions in drivers/net/usb/asix_devices.c, within the asix_read_cmd(), asix_check_host_enable() and asix_mdio_read_nopm() functions in drivers/net/usb/asix_common.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
144) Resource management error
EUVDB-ID: #VU104913
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49227
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the igc_setup_rx_resources() function in drivers/net/ethernet/intel/igc/igc_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
145) NULL pointer dereference
EUVDB-ID: #VU104543
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49232
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_dm_connector_add_common_modes() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
146) Use of uninitialized resource
EUVDB-ID: #VU104767
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49235
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the htc_issue_send() and htc_connect_service() functions in drivers/net/wireless/ath/ath9k/htc_hst.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
147) Use-after-free
EUVDB-ID: #VU104460
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49236
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btf_id_set_contains(), btf_module_notify() and btf_try_get_module() functions in kernel/bpf/btf.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
148) Memory leak
EUVDB-ID: #VU104226
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49239
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the wcd934x_codec_parse_data() function in sound/soc/codecs/wcd934x.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
149) Memory leak
EUVDB-ID: #VU104228
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49241
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sam9x5_wm8731_driver_probe() function in sound/soc/atmel/sam9x5_wm8731.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
150) Memory leak
EUVDB-ID: #VU104229
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49242
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mxs_sgtl5000_probe() function in sound/soc/mxs/mxs-sgtl5000.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
151) Memory leak
EUVDB-ID: #VU104230
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49243
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the at91sam9g20ek_audio_probe() function in sound/soc/atmel/sam9g20_wm8731.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
152) Memory leak
EUVDB-ID: #VU104231
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49244
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mt8192_mt6359_dev_probe() function in sound/soc/mediatek/mt8192/mt8192-mt6359-rt1015-rt5682.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
153) Memory leak
EUVDB-ID: #VU104233
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49246
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the snd_proto_probe() function in sound/soc/atmel/mikroe-proto.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
154) Improper locking
EUVDB-ID: #VU104684
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49247
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the stk1160_uninit_isoc(), stk1160_stop_streaming() and stk1160_clear_queue() functions in drivers/media/usb/stk1160/stk1160-v4l.c, within the stk1160_disconnect() function in drivers/media/usb/stk1160/stk1160-core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
155) Use of uninitialized resource
EUVDB-ID: #VU104768
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49248
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the fcp_avc_transaction() function in sound/firewire/fcp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
156) Out-of-bounds read
EUVDB-ID: #VU104528
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49249
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the wcd938x_tx_mode_get() and wcd938x_rx_hph_mode_get() functions in sound/soc/codecs/wcd938x.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
157) Input validation error
EUVDB-ID: #VU104929
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49250
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the rx_macro_load_compander_coeff() function in sound/soc/codecs/lpass-rx-macro.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
158) Out-of-bounds read
EUVDB-ID: #VU104527
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49251
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the va_macro_dec_mode_get() and va_macro_dec_mode_put() functions in sound/soc/codecs/lpass-va-macro.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
159) Out-of-bounds read
EUVDB-ID: #VU104526
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49252
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rx_macro_mux_get(), rx_macro_mux_put(), rx_macro_get_hph_pwr_mode() and rx_macro_put_hph_pwr_mode() functions in sound/soc/codecs/lpass-rx-macro.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
160) Memory leak
EUVDB-ID: #VU104234
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49253
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the s2250_probe() and i2c_unregister_device() functions in drivers/media/usb/go7007/s2250-board.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
161) NULL pointer dereference
EUVDB-ID: #VU104544
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49254
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cal_ctx_v4l2_init_formats() function in drivers/media/platform/ti-vpe/cal-video.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
162) Memory leak
EUVDB-ID: #VU104235
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49256
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the free_watch() function in kernel/watch_queue.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
163) NULL pointer dereference
EUVDB-ID: #VU104545
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49257
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the watch_queue_set_size() function in kernel/watch_queue.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
164) Use-after-free
EUVDB-ID: #VU104462
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49258
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cc_cipher_exit() function in drivers/crypto/ccree/cc_cipher.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
165) Resource management error
EUVDB-ID: #VU104907
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49259
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the blk_unregister_queue() function in block/blk-sysfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
166) Buffer overflow
EUVDB-ID: #VU104915
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49260
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the sec_aead_soft_crypto() function in drivers/crypto/hisilicon/sec2/sec_crypto.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
167) Out-of-bounds read
EUVDB-ID: #VU104525
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49261
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vm_access() function in drivers/gpu/drm/i915/gem/i915_gem_mman.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
168) NULL pointer dereference
EUVDB-ID: #VU104546
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49262
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cpt_register_algs() function in drivers/crypto/marvell/octeontx2/otx2_cptvf_algs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
169) Memory leak
EUVDB-ID: #VU104236
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49263
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the brcmf_pcie_setup() function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/pcie.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
170) NULL pointer dereference
EUVDB-ID: #VU104547
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49264
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bprm_stack_limits(), do_execveat_common() and kernel_execve() functions in fs/exec.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
171) Improper locking
EUVDB-ID: #VU104685
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49265
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the genpd_remove() function in drivers/base/power/domain.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
172) Buffer overflow
EUVDB-ID: #VU104916
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49266
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the blkcg_iolatency_done_bio() function in block/blk-iolatency.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
173) Use-after-free
EUVDB-ID: #VU104463
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49268
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cl_stream_prepare() function in sound/soc/sof/intel/hda-loader.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
174) Input validation error
EUVDB-ID: #VU104928
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49269
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the isotp_bind() function in net/can/isotp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
175) Use-after-free
EUVDB-ID: #VU104464
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49270
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cleanup_mapped_device() function in drivers/md/dm.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
176) NULL pointer dereference
EUVDB-ID: #VU104548
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49271
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the smb2_ioctl_query_info() function in fs/cifs/smb2ops.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
177) Improper locking
EUVDB-ID: #VU104686
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49272
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the snd_pcm_hw_params_choose(), snd_pcm_hw_params(), snd_pcm_hw_free() and snd_pcm_action_nonatomic() functions in sound/core/pcm_native.c, within the wait_for_avail() and __snd_pcm_lib_xfer() functions in sound/core/pcm_lib.c, within the snd_pcm_attach_substream() function in sound/core/pcm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
178) NULL pointer dereference
EUVDB-ID: #VU104549
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49273
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pl031_probe() function in drivers/rtc/rtc-pl031.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
179) Use of uninitialized resource
EUVDB-ID: #VU104769
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49274
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ocfs2_local_read_info() function in fs/ocfs2/quota_local.c, within the ocfs2_unlock_global_qf() and ocfs2_global_read_info() functions in fs/ocfs2/quota_global.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
180) Use-after-free
EUVDB-ID: #VU104465
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49275
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the m_can_tx_handler() function in drivers/net/can/m_can/m_can.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
181) Memory leak
EUVDB-ID: #VU104237
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49276
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the jffs2_scan_medium() function in fs/jffs2/scan.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
182) Memory leak
EUVDB-ID: #VU104238
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49277
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the jffs2_do_mount_fs() function in fs/jffs2/build.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
183) Integer underflow
EUVDB-ID: #VU104786
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49278
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the rproc_coredump_write() function in drivers/remoteproc/remoteproc_debugfs.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
184) Integer overflow
EUVDB-ID: #VU104776
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49279
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the include/linux/sunrpc/xdr.h. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
185) Integer underflow
EUVDB-ID: #VU104787
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49280
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the nfsd_proc_write() function in fs/nfsd/nfsproc.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
186) Resource management error
EUVDB-ID: #VU104906
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49281
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the cifs_kill_sb() function in fs/cifs/cifsfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
187) Memory leak
EUVDB-ID: #VU104239
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49283
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sysfb_create_simplefb() function in drivers/firmware/sysfb_simplefb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
188) NULL pointer dereference
EUVDB-ID: #VU104551
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49285
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mma8452_show_scale_avail() function in drivers/iio/accel/mma8452.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
189) NULL pointer dereference
EUVDB-ID: #VU104552
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49286
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tpm2_init_space() function in drivers/char/tpm/tpm2-space.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
190) Use-after-free
EUVDB-ID: #VU104466
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49287
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dev_err() function in drivers/char/tpm/tpm2-space.c, within the tpm_dev_release(), tpm_chip_alloc(), tpm_add_char_device() and tpm_chip_unregister() functions in drivers/char/tpm/tpm-chip.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
191) Use-after-free
EUVDB-ID: #VU104467
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49288
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the snd_pcm_lib_preallocate_proc_write() function in sound/core/pcm_memory.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
192) Memory leak
EUVDB-ID: #VU104241
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49290
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the copy_mesh_setup() function in net/mac80211/cfg.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
193) Use-after-free
EUVDB-ID: #VU104468
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49291
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the snd_pcm_hw_params_choose(), snd_pcm_hw_params() and do_hw_free() functions in sound/core/pcm_native.c, within the snd_pcm_attach_substream() and snd_pcm_detach_substream() functions in sound/core/pcm.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
194) Buffer overflow
EUVDB-ID: #VU104798
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49292
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the snd_pcm_plugin_alloc() function in sound/core/oss/pcm_plugin.c, within the snd_pcm_oss_period_size() and snd_pcm_oss_change_params_locked() functions in sound/core/oss/pcm_oss.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
195) Memory leak
EUVDB-ID: #VU104242
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49293
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nft_do_chain() function in net/netfilter/nf_tables_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
196) Division by zero
EUVDB-ID: #VU104809
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49294
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the get_pixel_clk_frequency_100hz() function in drivers/gpu/drm/amd/display/dc/dce/dce_clock_source.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
197) NULL pointer dereference
EUVDB-ID: #VU104553
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49295
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nbd_cleanup() function in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
198) Improper locking
EUVDB-ID: #VU104688
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49297
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nbd_start_device_ioctl() function in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
199) Use of uninitialized resource
EUVDB-ID: #VU104770
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49298
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the r871xu_drv_init() function in drivers/staging/rtl8712/usb_intf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
200) NULL pointer dereference
EUVDB-ID: #VU104554
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49299
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dwc2_hsotg_udc_start() function in drivers/usb/dwc2/gadget.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
201) Memory leak
EUVDB-ID: #VU104243
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49300
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nbd_alloc_config(), nbd_open(), nbd_put() and nbd_cleanup() functions in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
202) Use of uninitialized resource
EUVDB-ID: #VU104771
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49301
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the usb_read8(), usb_read16() and usb_read32() functions in drivers/staging/rtl8712/usb_ops.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
203) NULL pointer dereference
EUVDB-ID: #VU104555
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49302
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the isp116x_remove() function in drivers/usb/host/isp116x-hcd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
204) Improper locking
EUVDB-ID: #VU104690
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49304
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sa1100_set_termios() function in drivers/tty/serial/sa1100.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
205) Improper locking
EUVDB-ID: #VU104691
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49305
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ieee80211_beacons_stop() function in drivers/staging/rtl8192u/ieee80211/ieee80211_softmac.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
206) NULL pointer dereference
EUVDB-ID: #VU104556
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49307
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hdlcdev_init() function in drivers/tty/synclink_gt.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
207) Improper error handling
EUVDB-ID: #VU104753
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49308
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the extcon_dev_register() and extcon_dev_unregister() functions in drivers/extcon/extcon.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
208) Improper locking
EUVDB-ID: #VU104699
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49309
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rtw_surveydone_event_callback() and rtw_scan_timeout_handler() functions in drivers/staging/rtl8723bs/core/rtw_mlme.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
209) Memory leak
EUVDB-ID: #VU104245
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49310
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cleanup_dev() function in drivers/char/xillybus/xillyusb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
210) Improper locking
EUVDB-ID: #VU104692
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49311
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rtw_joinbss_event_prehandle() and _rtw_join_timeout_handler() functions in drivers/staging/rtl8723bs/core/rtw_mlme.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
211) Memory leak
EUVDB-ID: #VU104246
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49312
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the r8712_usb_dvobj_init(), r871x_dev_unload() and r871xu_dev_remove() functions in drivers/staging/rtl8712/usb_intf.c, within the r8712_free_drv_sw() function in drivers/staging/rtl8712/os_intfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
212) Improper locking
EUVDB-ID: #VU104693
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49313
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the oxu_bus_suspend() function in drivers/usb/host/oxu210hp-hcd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
213) Memory leak
EUVDB-ID: #VU104247
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49314
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the icom_probe() function in drivers/tty/serial/icom.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
214) Improper locking
EUVDB-ID: #VU104694
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49315
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rtllib_beacons_stop() function in drivers/staging/rtl8192e/rtllib_softmac.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
215) Improper locking
EUVDB-ID: #VU104695
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49316
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the _nfs4_open_and_get_state() function in fs/nfs/nfs4proc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
216) NULL pointer dereference
EUVDB-ID: #VU104557
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49319
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the arm_smmu_device_probe() function in drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
217) Integer overflow
EUVDB-ID: #VU104778
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49320
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the zynqmp_dma_alloc_chan_resources() function in drivers/dma/xilinx/zynqmp_dma.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
218) NULL pointer dereference
EUVDB-ID: #VU104558
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49321
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rpcrdma_is_bcall() function in net/sunrpc/xprtrdma/rpc_rdma.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
219) Improper locking
EUVDB-ID: #VU104696
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49322
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the trace_event_buffer_lock_reserve() and output_printk() functions in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
220) NULL pointer dereference
EUVDB-ID: #VU104559
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49323
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the arm_smmu_device_probe() function in drivers/iommu/arm/arm-smmu/arm-smmu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
221) Improper Initialization
EUVDB-ID: #VU104859
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49326
CWE-ID:
CWE-665 - Improper Initialization
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the rtl8180_tx() function in drivers/net/wireless/realtek/rtl818x/rtl8180/dev.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
222) Improper locking
EUVDB-ID: #VU104697
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49327
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the run_cache_set() function in drivers/md/bcache/super.c, within the bch_journal_space_reserve(), do_journal_discard() and journal_reclaim() functions in drivers/md/bcache/journal.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
223) Use-after-free
EUVDB-ID: #VU104459
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49328
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mt76_txq_stopped() and mt76_txq_schedule_list() functions in drivers/net/wireless/mediatek/mt76/tx.c, within the mt7921_add_interface() function in drivers/net/wireless/mediatek/mt76/mt7921/main.c, within the mt7915_add_interface() function in drivers/net/wireless/mediatek/mt76/mt7915/main.c, within the mt76x02_vif_init() and mt76x02_remove_interface() functions in drivers/net/wireless/mediatek/mt76/mt76x02_util.c, within the mt7615_add_interface() function in drivers/net/wireless/mediatek/mt76/mt7615/main.c, within the mt7603_add_interface() function in drivers/net/wireless/mediatek/mt76/mt7603/main.c, within the mt76_sta_add() function in drivers/net/wireless/mediatek/mt76/mac80211.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
224) Memory leak
EUVDB-ID: #VU104249
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49331
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the st21nfca_connectivity_event_received() function in drivers/nfc/st21nfca/se.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
225) NULL pointer dereference
EUVDB-ID: #VU104561
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49332
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lpfc_device_reset_handler() and lpfc_target_reset_handler() functions in drivers/scsi/lpfc/lpfc_scsi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
226) NULL pointer dereference
EUVDB-ID: #VU104562
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49335
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_cs_parser_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
227) Buffer overflow
EUVDB-ID: #VU104880
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49336
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the etnaviv_iommu_unmap_gem() function in drivers/gpu/drm/etnaviv/etnaviv_mmu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
228) Use-after-free
EUVDB-ID: #VU104448
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49337
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the spin_lock() and user_dlm_destroy_lock() functions in fs/ocfs2/dlmfs/userdlm.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
229) Double free
EUVDB-ID: #VU104730
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49339
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the seg6_hmac_init() function in net/ipv6/seg6_hmac.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
230) Memory leak
EUVDB-ID: #VU104251
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49341
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bpf_jit_binary_free() function in arch/arm64/net/bpf_jit_comp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
231) Memory leak
EUVDB-ID: #VU104252
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49342
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bcma_mdio_mii_register() function in drivers/net/ethernet/broadcom/bgmac-bcma-mdio.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
232) Buffer overflow
EUVDB-ID: #VU104881
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49343
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dx_probe() function in fs/ext4/namei.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
233) Double free
EUVDB-ID: #VU104731
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49345
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the xfrm4_protocol_init() function in net/ipv4/xfrm4_protocol.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
234) Memory leak
EUVDB-ID: #VU104253
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49346
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gswip_gphy_fw_list() function in drivers/net/dsa/lantiq_gswip.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
235) Improper error handling
EUVDB-ID: #VU104752
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49347
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ext4_convert_inline_data() function in fs/ext4/inline.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
236) Input validation error
EUVDB-ID: #VU104725
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49348
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __ext4_fill_super() and __ext4_remount() functions in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
237) Use-after-free
EUVDB-ID: #VU104435
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49349
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_get_first_dir_block() function in fs/ext4/namei.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
238) Double free
EUVDB-ID: #VU104732
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49350
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the mdio_bus_init() function in drivers/net/phy/mdio_bus.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
239) Memory leak
EUVDB-ID: #VU104254
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49351
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the altera_tse_mdio_create() function in drivers/net/ethernet/altera/altera_tse_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
240) Infinite loop
EUVDB-ID: #VU104813
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49352
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the ext4_setattr() function in fs/ext4/inode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
241) Memory leak
EUVDB-ID: #VU104255
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49354
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the octeon_cf_probe() function in drivers/ata/pata_octeon_cf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
242) Buffer overflow
EUVDB-ID: #VU104887
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49356
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the svc_rdma_build_writes() function in net/sunrpc/xprtrdma/svc_rdma_rw.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
243) Resource management error
EUVDB-ID: #VU104871
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49357
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the UEFI_QUIRK_SKIP_CERT() and load_uefi_certs() functions in security/integrity/platform_certs/load_uefi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
244) Memory leak
EUVDB-ID: #VU104258
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49367
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mv88e6xxx_mdios_register() function in drivers/net/dsa/mv88e6xxx/chip.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
245) Out-of-bounds read
EUVDB-ID: #VU104514
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49368
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mtk_hwlro_get_fdir_entry() function in drivers/net/ethernet/mediatek/mtk_eth_soc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
246) Memory leak
EUVDB-ID: #VU104260
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49370
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dmi_sysfs_register_handle() function in drivers/firmware/dmi-sysfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
247) Improper locking
EUVDB-ID: #VU104670
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49371
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __device_attach() function in drivers/base/dd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
248) Memory leak
EUVDB-ID: #VU104261
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49373
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ts4800_wdt_probe() function in drivers/watchdog/ts4800_wdt.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
249) NULL pointer dereference
EUVDB-ID: #VU104564
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49375
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_rtc_probe() function in drivers/rtc/rtc-mt6397.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
250) Memory leak
EUVDB-ID: #VU104262
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49376
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sd_probe() function in drivers/scsi/sd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
251) Use-after-free
EUVDB-ID: #VU104432
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49377
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the blk_mq_has_sqsched() and blk_mq_get_sq_hctx() functions in block/blk-mq.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
252) Improper locking
EUVDB-ID: #VU104668
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49378
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the drivers/net/ethernet/sfc/net_driver.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
253) Improper locking
EUVDB-ID: #VU104667
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49379
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the DEFINE_SHOW_ATTRIBUTE(), deferred_probe_timeout_work_func() and driver_probe_done() functions in drivers/base/dd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
254) Memory leak
EUVDB-ID: #VU104263
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49381
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the jffs2_free_raw_node_refs() function in fs/jffs2/fs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
255) Memory leak
EUVDB-ID: #VU104264
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49382
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rockchip_grf_init() function in drivers/soc/rockchip/grf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
256) Double free
EUVDB-ID: #VU104733
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49384
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the md_free() and md_stop() functions in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
257) Use-after-free
EUVDB-ID: #VU104431
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49385
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bus_add_driver() function in drivers/base/bus.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
258) Memory leak
EUVDB-ID: #VU104265
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49386
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the am65_cpsw_init_cpts() and am65_cpsw_nuss_probe() functions in drivers/net/ethernet/ti/am65-cpsw-nuss.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
259) Memory leak
EUVDB-ID: #VU104266
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49389
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the stub_probe() and put_busid_priv() functions in drivers/usb/usbip/stub_dev.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
260) NULL pointer dereference
EUVDB-ID: #VU104565
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49392
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the aspeed_vuart_probe() function in drivers/tty/serial/8250/8250_aspeed_vuart.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
261) Memory leak
EUVDB-ID: #VU104267
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49394
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the blkiolatency_enable_work_fn(), BLKIOLATENCY(), blkcg_iolatency_throttle(), blkcg_iolatency_done_bio(), blkcg_iolatency_exit(), rcu_read_unlock(), blk_iolatency_init(), iolatency_set_min_lat_nsec(), iolatency_set_limit() and iolatency_pd_offline() functions in block/blk-iolatency.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
262) Memory leak
EUVDB-ID: #VU104268
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49396
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qcom_qmp_reset_control_put() and qcom_qmp_phy_create() functions in drivers/phy/qualcomm/phy-qcom-qmp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
263) Memory leak
EUVDB-ID: #VU104269
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49397
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qcom_qmp_phy_create() function in drivers/phy/qualcomm/phy-qcom-qmp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
264) Improper locking
EUVDB-ID: #VU104665
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49398
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dwc3_gadget_ep_skip_trbs(), dwc3_gadget_ep_cleanup_cancelled_requests() and dwc3_gadget_ep_cleanup_completed_requests() functions in drivers/usb/dwc3/gadget.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
265) Memory leak
EUVDB-ID: #VU104270
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49399
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the goldfish_tty_probe() and goldfish_tty_remove() functions in drivers/tty/goldfish.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
266) Use-after-free
EUVDB-ID: #VU104428
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49400
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the free_conf() function in drivers/md/raid0.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
267) Improper locking
EUVDB-ID: #VU104664
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49402
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ftrace_func_mapper_add_ip() and register_ftrace_direct() functions in kernel/trace/ftrace.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
268) Integer overflow
EUVDB-ID: #VU104780
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49404
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the set_link_ipg() function in drivers/infiniband/hw/hfi1/init.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
269) Out-of-bounds read
EUVDB-ID: #VU104506
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49407
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dlm_posix_lock(), dlm_plock_callback() and dev_write() functions in fs/dlm/plock.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
270) Improper error handling
EUVDB-ID: #VU104749
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49409
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ext4_valid_extent_entries() function in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
271) Double free
EUVDB-ID: #VU104735
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49410
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the init_var_ref() function in kernel/trace/trace_events_hist.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
272) Use-after-free
EUVDB-ID: #VU104427
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49411
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_link_bfqg() function in block/bfq-cgroup.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
273) Use-after-free
EUVDB-ID: #VU104426
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49412
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_setup_merge() function in block/bfq-iosched.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
274) Use-after-free
EUVDB-ID: #VU104413
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49413
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_bio_merge() function in block/bfq-iosched.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
275) Improper locking
EUVDB-ID: #VU104653
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49414
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_punch_hole() function in fs/ext4/inode.c, within the ext4_fallocate() function in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
276) Use-after-free
EUVDB-ID: #VU104424
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49416
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ieee80211_vif_use_reserved_context() function in net/mac80211/chan.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
277) Use of uninitialized resource
EUVDB-ID: #VU104772
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49418
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the nfs4_xdr_dec_fs_locations() function in fs/nfs/nfs4xdr.c, within the nfs4_try_migration() function in fs/nfs/nfs4state.c, within the nfs4_get_referral(), _nfs4_proc_fs_locations(), _nfs40_proc_get_locations() and _nfs41_proc_get_locations() functions in fs/nfs/nfs4proc.c, within the nfs_do_refmount() function in fs/nfs/nfs4namespace.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
278) Memory leak
EUVDB-ID: #VU104274
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49421
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the clcdfb_of_vram_setup() function in drivers/video/fbdev/amba-clcd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
279) Memory leak
EUVDB-ID: #VU104275
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49422
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the idxd_cdev_register() function in drivers/dma/idxd/cdev.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
280) NULL pointer dereference
EUVDB-ID: #VU104569
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49424
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the MT2701_IOMMU_PAGE_SIZE() and mtk_iommu_probe_device() functions in drivers/iommu/mtk_iommu_v1.c, within the mtk_iommu_probe_device() function in drivers/iommu/mtk_iommu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
281) Use-after-free
EUVDB-ID: #VU104422
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49426
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the arm_smmu_alloc_shared_cd(), kfree() and arm_smmu_free_shared_cd() functions in drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-sva.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
282) Resource management error
EUVDB-ID: #VU104905
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49427
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mtk_iommu_remove() function in drivers/iommu/mtk_iommu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
283) NULL pointer dereference
EUVDB-ID: #VU104571
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49429
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hfi1_write_iter() function in drivers/infiniband/hw/hfi1/file_ops.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
284) Resource management error
EUVDB-ID: #VU104870
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49430
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the gpio_keys_quiesce_key() function in drivers/input/keyboard/gpio_keys.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
285) Memory leak
EUVDB-ID: #VU104276
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49431
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iommu_init_early_dart() function in arch/powerpc/sysdev/dart_iommu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
286) Memory leak
EUVDB-ID: #VU104277
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49432
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the icp_opal_init() function in arch/powerpc/sysdev/xics/icp-opal.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
287) Use-after-free
EUVDB-ID: #VU104421
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49433
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sdma_clean() function in drivers/infiniband/hw/hfi1/sdma.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
288) Improper locking
EUVDB-ID: #VU104660
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49434
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pci_reset_bus_function() and EXPORT_SYMBOL_GPL() functions in drivers/pci/pci.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
289) NULL pointer dereference
EUVDB-ID: #VU104572
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49435
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the davinci_vc_probe() function in drivers/mfd/davinci_voicecodec.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
290) Memory leak
EUVDB-ID: #VU104279
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49437
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xive_spapr_init() and xive_irq_bitmap_remove_all() functions in arch/powerpc/sysdev/xive/spapr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
291) Memory leak
EUVDB-ID: #VU104280
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49438
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bbc_beep_probe() function in drivers/input/misc/sparcspkr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
292) Improper locking
EUVDB-ID: #VU104659
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49440
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the enter_rtas() function in arch/powerpc/kernel/rtas.c, within the _GLOBAL() function in arch/powerpc/kernel/entry_64.S. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
293) Improper locking
EUVDB-ID: #VU104658
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49441
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tty_buffer_alloc() function in drivers/tty/tty_buffer.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
294) Memory leak
EUVDB-ID: #VU104282
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49442
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the register_node() function in drivers/base/node.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
295) Improper locking
EUVDB-ID: #VU104657
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49443
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the include/linux/list.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
296) Out-of-bounds read
EUVDB-ID: #VU104508
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49444
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the elf_validity_check() function in kernel/module.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
297) NULL pointer dereference
EUVDB-ID: #VU104573
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49445
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sh_pfc_map_resources() function in drivers/pinctrl/renesas/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
298) Memory leak
EUVDB-ID: #VU104283
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49447
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hi3xxx_smp_prepare_cpus() and hip01_boot_secondary() functions in arch/arm/mach-hisi/platsmp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
299) NULL pointer dereference
EUVDB-ID: #VU104574
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49448
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bcm_pmb_probe() function in drivers/soc/bcm/bcm63xx/bcm-pmb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
300) NULL pointer dereference
EUVDB-ID: #VU104575
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49449
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rzn1_pinctrl_probe() function in drivers/pinctrl/renesas/pinctrl-rzn1.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
301) Input validation error
EUVDB-ID: #VU104721
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49451
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the scmi_base_implementation_list_get() function in drivers/firmware/arm_scmi/base.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
302) NULL pointer dereference
EUVDB-ID: #VU104577
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49453
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ti_sci_pm_domain_probe() function in drivers/soc/ti/ti_sci_pm_domains.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
303) Double free
EUVDB-ID: #VU104736
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49455
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the ocxl_file_register_afu() function in drivers/misc/ocxl/file.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
304) NULL pointer dereference
EUVDB-ID: #VU104578
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49459
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sr_thermal_probe() function in drivers/thermal/broadcom/sr-thermal.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
305) Resource management error
EUVDB-ID: #VU104897
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49460
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the rk3399_dmcfreq_remove() function in drivers/devfreq/rk3399_dmc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
306) Memory leak
EUVDB-ID: #VU104287
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49462
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the a6xx_gpu_init() function in drivers/gpu/drm/msm/adreno/a6xx_gpu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
307) Memory leak
EUVDB-ID: #VU104288
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49463
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the imx_sc_thermal_probe() function in drivers/thermal/imx_sc_thermal.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
308) Use-after-free
EUVDB-ID: #VU104419
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49465
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the block/blk-throttle.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
309) Memory leak
EUVDB-ID: #VU104289
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49466
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the scmi_regulator_probe() function in drivers/regulator/scmi-regulator.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
310) Memory leak
EUVDB-ID: #VU104290
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49467
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mdp5_crtc_cursor_set() function in drivers/gpu/drm/msm/disp/mdp5/mdp5_crtc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
311) Memory leak
EUVDB-ID: #VU104291
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49468
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __thermal_cooling_device_register() function in drivers/thermal/thermal_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
312) NULL pointer dereference
EUVDB-ID: #VU104579
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49472
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the kszphy_config_reset(), kszphy_config_init() and kszphy_probe() functions in drivers/net/phy/micrel.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
313) Memory leak
EUVDB-ID: #VU104293
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49473
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the j721e_soc_probe_cpb() and j721e_soc_probe_ivi() functions in sound/soc/ti/j721e-evm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
314) Use-after-free
EUVDB-ID: #VU104417
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49474
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sco_sock_connect() function in net/bluetooth/sco.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
315) NULL pointer dereference
EUVDB-ID: #VU104580
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49475
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fsl_qspi_probe() function in drivers/spi/spi-fsl-qspi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
316) Memory leak
EUVDB-ID: #VU104294
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49477
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the aries_audio_probe() function in sound/soc/samsung/aries_wm8994.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
317) Out-of-bounds read
EUVDB-ID: #VU104510
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49478
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the pvr2_hdw_create() function in drivers/media/usb/pvrusb2/pvrusb2-hdw.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
318) Memory leak
EUVDB-ID: #VU104295
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49480
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the imx_hdmi_probe() function in sound/soc/fsl/imx-hdmi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
319) Memory leak
EUVDB-ID: #VU104296
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49481
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pfuze_parse_regulators_dt() function in drivers/regulator/pfuze100-regulator.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
320) Memory leak
EUVDB-ID: #VU104297
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49482
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mxs_saif_probe() function in sound/soc/mxs/mxs-saif.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
321) Memory leak
EUVDB-ID: #VU104298
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49486
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the imx_sgtl5000_probe() function in sound/soc/fsl/imx-sgtl5000.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
322) NULL pointer dereference
EUVDB-ID: #VU104585
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49487
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ebu_nand_probe() function in drivers/mtd/nand/raw/intel-nand-controller.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
323) NULL pointer dereference
EUVDB-ID: #VU104586
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49488
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mdp5_mixer_assign() function in drivers/gpu/drm/msm/disp/mdp5/mdp5_mixer.c, within the mdp5_crtc_setup_pipeline() function in drivers/gpu/drm/msm/disp/mdp5/mdp5_crtc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
324) Use-after-free
EUVDB-ID: #VU104415
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49489
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the _dpu_kms_hw_destroy() function in drivers/gpu/drm/msm/disp/dpu1/dpu_kms.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
325) NULL pointer dereference
EUVDB-ID: #VU104587
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49490
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mdp5_plane_atomic_check_with_state() function in drivers/gpu/drm/msm/disp/mdp5/mdp5_plane.c, within the mdp5_pipe_assign() and mdp5_pipe_release() functions in drivers/gpu/drm/msm/disp/mdp5/mdp5_pipe.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
326) NULL pointer dereference
EUVDB-ID: #VU104588
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49491
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vop_bind() function in drivers/gpu/drm/rockchip/rockchip_drm_vop.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
327) NULL pointer dereference
EUVDB-ID: #VU104589
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49492
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nvme_alloc_admin_tags() function in drivers/nvme/host/pci.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
328) Use-after-free
EUVDB-ID: #VU104414
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49493
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rt5645_i2c_remove() function in sound/soc/codecs/rt5645.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
329) NULL pointer dereference
EUVDB-ID: #VU104590
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49494
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cadence_nand_dt_probe() function in drivers/mtd/nand/raw/cadence-nand-controller.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
330) NULL pointer dereference
EUVDB-ID: #VU104591
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49495
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the msm_hdmi_init() function in drivers/gpu/drm/msm/hdmi/hdmi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
331) NULL pointer dereference
EUVDB-ID: #VU104592
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49498
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL() and snd_pcm_lib_free_pages() functions in sound/core/pcm_memory.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
332) Use-after-free
EUVDB-ID: #VU104425
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49501
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smsc95xx_start_phy() function in drivers/net/usb/smsc95xx.c, within the ax88772_stop() function in drivers/net/usb/asix_devices.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
333) Memory leak
EUVDB-ID: #VU104299
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49502
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rga_probe() and dma_free_attrs() functions in drivers/media/platform/rockchip/rga/rga.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
334) Out-of-bounds read
EUVDB-ID: #VU104511
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49503
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ath9k_rx_prepare() function in drivers/net/wireless/ath/ath9k/htc_drv_txrx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
335) Out-of-bounds read
EUVDB-ID: #VU104512
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49504
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the lpfc_sli_issue_abort_iotag(), lpfc_sli_abort_taskmgmt() and lpfc_sli4_issue_abort_iotag() functions in drivers/scsi/lpfc/lpfc_sli.c, within the lpfc_linkdown() function in drivers/scsi/lpfc/lpfc_hbadisc.c, within the lpfc_issue_els_flogi() and lpfc_els_rcv_flogi() functions in drivers/scsi/lpfc/lpfc_els.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
336) Use-after-free
EUVDB-ID: #VU104458
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49505
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nfc_unregister_device() function in net/nfc/core.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
337) Resource management error
EUVDB-ID: #VU104867
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49506
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mtk_drm_cmdq_pkt_destroy(), mtk_drm_crtc_destroy(), mtk_drm_crtc_enable_vblank() and mtk_drm_crtc_create() functions in drivers/gpu/drm/mediatek/mtk_drm_crtc.c, within the rdma_update_bits() function in drivers/gpu/drm/mediatek/mtk_disp_rdma.c, within the mtk_disp_ovl_irq_handler() and mtk_ovl_disable_vblank() functions in drivers/gpu/drm/mediatek/mtk_disp_ovl.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
338) Out-of-bounds read
EUVDB-ID: #VU104513
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49507
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the da9121_assign_chip_model() function in drivers/regulator/da9121-regulator.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
339) Double free
EUVDB-ID: #VU104737
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49508
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the elan_input_configured() function in drivers/hid/hid-elan.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
340) Resource management error
EUVDB-ID: #VU104866
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49509
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the max9286_poc_enable(), max9286_init(), max9286_probe() and max9286_remove() functions in drivers/media/i2c/max9286.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
341) Improper locking
EUVDB-ID: #VU104671
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49512
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the denali_pci_probe() and denali_pci_remove() functions in drivers/mtd/nand/raw/denali_pci.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
342) Memory leak
EUVDB-ID: #VU104300
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49514
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mt8173_max98090_dev_probe() function in sound/soc/mediatek/mt8173/mt8173-max98090.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
343) Out-of-bounds read
EUVDB-ID: #VU104503
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49515
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cs35l41_volatile_reg() and ARRAY_SIZE() functions in sound/soc/codecs/cs35l41-lib.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
344) Memory leak
EUVDB-ID: #VU104301
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49517
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mt2701_wm8960_machine_probe() function in sound/soc/mediatek/mt2701/mt2701-wm8960.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
345) Improper locking
EUVDB-ID: #VU104672
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49519
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ath10k_stop() function in drivers/net/wireless/ath/ath10k/mac.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
346) Improper error handling
EUVDB-ID: #VU104748
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49520
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the compat_arm_syscall() function in arch/arm64/kernel/sys_compat.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
347) Memory leak
EUVDB-ID: #VU104302
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49521
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lpfc_fc_frame_check() and lpfc_sli4_send_seq_to_ulp() functions in drivers/scsi/lpfc/lpfc_sli.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
348) Resource management error
EUVDB-ID: #VU104892
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49522
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the jz4740_mmc_acquire_dma_channels() function in drivers/mmc/host/jz4740_mmc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
349) NULL pointer dereference
EUVDB-ID: #VU104596
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49523
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ath11k_spectral_scan_config(), ath11k_spectral_ring_free() and ath11k_spectral_deinit() functions in drivers/net/wireless/ath/ath11k/spectral.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
350) Use-after-free
EUVDB-ID: #VU104457
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49524
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cx23885_initdev() function in drivers/media/pci/cx23885/cx23885-core.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
351) Memory leak
EUVDB-ID: #VU104303
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49525
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cx25821_finidev() function in drivers/media/pci/cx25821/cx25821-core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
352) Input validation error
EUVDB-ID: #VU104719
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49526
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the le32_to_cpu() and kunmap_atomic() functions in drivers/md/md-bitmap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
353) NULL pointer dereference
EUVDB-ID: #VU104597
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49527
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hfi_core_deinit() function in drivers/media/platform/qcom/venus/hfi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
354) NULL pointer dereference
EUVDB-ID: #VU104599
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49532
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the virtio_gpu_conn_get_modes() function in drivers/gpu/drm/virtio/virtgpu_display.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
355) Memory leak
EUVDB-ID: #VU104306
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49534
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lpfc_ignore_els_cmpl() function in drivers/scsi/lpfc/lpfc_sli.c, within the lpfc_rcv_plogi() function in drivers/scsi/lpfc/lpfc_nportdisc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
356) Use-after-free
EUVDB-ID: #VU104456
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49535
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the lpfc_initial_flogi(), lpfc_initial_fdisc(), lpfc_cmpl_els_plogi(), lpfc_cmpl_els_prli() and lpfc_cmpl_els_adisc() functions in drivers/scsi/lpfc/lpfc_els.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
357) Improper locking
EUVDB-ID: #VU104674
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49536
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lpfc_abort_handler() function in drivers/scsi/lpfc/lpfc_scsi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
358) Input validation error
EUVDB-ID: #VU104925
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49537
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the lpfc_update_cmf_cmpl() and lpfc_update_cmf_cmd() functions in drivers/scsi/lpfc/lpfc_scsi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
359) Double free
EUVDB-ID: #VU104738
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49541
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the cifs_smb3_do_mount() function in fs/cifs/cifsfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
360) Improper locking
EUVDB-ID: #VU104676
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49542
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lpfc_dmp_dbg() function in drivers/scsi/lpfc/lpfc_init.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
361) NULL pointer dereference
EUVDB-ID: #VU104601
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49544
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the libipw_xmit() function in drivers/net/wireless/intel/ipw2x00/libipw_tx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
362) Resource management error
EUVDB-ID: #VU104893
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49545
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the snd_usbmidi_output_open() function in sound/usb/midi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
363) Memory leak
EUVDB-ID: #VU104308
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49546
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the machine_kexec() function in arch/x86/kernel/machine_kexec_64.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
364) Memory leak
EUVDB-ID: #VU104309
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49549
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kfree(), mce_threshold_remove_device() and mce_threshold_create_device() functions in arch/x86/kernel/cpu/mce/amd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
365) Out-of-bounds read
EUVDB-ID: #VU104516
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49551
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the REG_FIELD() function in drivers/usb/isp1760/isp1760-core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
366) Buffer overflow
EUVDB-ID: #VU104882
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49555
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the qca_close() function in drivers/bluetooth/hci_qca.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
367) Memory leak
EUVDB-ID: #VU104311
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49556
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sev_launch_measure() and __sev_dbg_decrypt_user() functions in arch/x86/kvm/svm/sev.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
368) Input validation error
EUVDB-ID: #VU104717
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49559
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nested_vmx_vmexit() function in arch/x86/kvm/vmx/nested.c, within the nested_svm_vmexit() function in arch/x86/kvm/svm/nested.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
369) Input validation error
EUVDB-ID: #VU104923
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49562
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the arch/x86/kvm/mmu/paging_tmpl.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
370) Integer underflow
EUVDB-ID: #VU104788
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49563
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the qat_rsa_enc() and qat_rsa_dec() functions in drivers/crypto/qat/qat_common/qat_asym_algs.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
371) Integer underflow
EUVDB-ID: #VU104789
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49564
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the qat_dh_compute_value() function in drivers/crypto/qat/qat_common/qat_asym_algs.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
372) Memory leak
EUVDB-ID: #VU104312
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49566
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qat_rsa_exit_tfm() function in drivers/crypto/qat/qat_common/qat_asym_algs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
373) NULL pointer dereference
EUVDB-ID: #VU104603
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49568
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the kvm_ioctl_create_device() function in virt/kvm/kvm_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
374) NULL pointer dereference
EUVDB-ID: #VU104604
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49569
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bcm2835_spi_handle_err() function in drivers/spi/spi-bcm2835.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
375) Integer overflow
EUVDB-ID: #VU104781
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49570
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the xgpio_set_value32() function in drivers/gpio/gpio-xilinx.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
376) Race condition within a thread
EUVDB-ID: #VU104847
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49579
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the fib_multipath_hash() function in net/ipv4/route.c, within the mlxsw_sp_mp4_hash_init() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c. A local user can corrupt data.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
377) Buffer overflow
EUVDB-ID: #VU104800
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49581
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the be_get_module_info() and be_get_module_eeprom() functions in drivers/net/ethernet/emulex/benet/be_ethtool.c, within the be_cmd_read_port_transceiver_data(), be_cmd_query_cable_type() and be_cmd_query_sfp_info() functions in drivers/net/ethernet/emulex/benet/be_cmds.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
378) Memory leak
EUVDB-ID: #VU104313
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49583
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iavf_get_rx_buffer() function in drivers/net/ethernet/intel/iavf/iavf_txrx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
379) Improper locking
EUVDB-ID: #VU104678
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49584
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ixgbe_enable_sriov(), ixgbe_rcv_ack_from_vf() and ixgbe_msg_task() functions in drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c, within the ixgbe_sw_init() function in drivers/net/ethernet/intel/ixgbe/ixgbe_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
380) Memory leak
EUVDB-ID: #VU104314
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49591
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ksz_switch_register() function in drivers/net/dsa/microchip/ksz_common.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
381) Out-of-bounds read
EUVDB-ID: #VU104520
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49592
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dwmac4_map_mtl_dma() function in drivers/net/ethernet/stmicro/stmmac/dwmac4_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
382) Race condition within a thread
EUVDB-ID: #VU104825
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49603
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the ip_forward() function in net/ipv4/ip_forward.c, within the mlxsw_sp_dscp_init() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c. A local user can corrupt data.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
383) NULL pointer dereference
EUVDB-ID: #VU104606
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49605
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/net/ethernet/intel/igc/igc_regs.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
384) Improper locking
EUVDB-ID: #VU104679
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49606
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the irdma_cm_teardown_connections() function in drivers/infiniband/hw/irdma/cm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
385) Infinite loop
EUVDB-ID: #VU104814
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49607
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the mutex_lock_double(), perf_event_set_output(), ring_buffer_get() and mutex_unlock() functions in kernel/events/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
386) Memory leak
EUVDB-ID: #VU104315
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49609
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the versatile_reboot_probe() function in drivers/power/reset/arm-versatile-reboot.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
387) Integer underflow
EUVDB-ID: #VU104790
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49610
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the vmx_vcpu_run() function in arch/x86/kvm/vmx/vmx.c, within the SYM_FUNC_START() function in arch/x86/kvm/vmx/vmenter.S, within the check_bugs() function in arch/x86/kernel/cpu/bugs.c, within the common() function in arch/x86/kernel/asm-offsets.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
388) Integer underflow
EUVDB-ID: #VU104791
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49611
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the SYM_INNER_LABEL() function in arch/x86/kvm/vmx/vmenter.S, within the spectre_v2_select_mitigation() function in arch/x86/kernel/cpu/bugs.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
389) Integer underflow
EUVDB-ID: #VU104792
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49613
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the uart_proc_show() function in drivers/tty/serial/serial_core.c, within the serial8250_register_ports() function in drivers/tty/serial/8250/8250_core.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
390) NULL pointer dereference
EUVDB-ID: #VU104607
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49615
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rt711_sdca_index_write() and rt711_sdca_index_read() functions in sound/soc/codecs/rt711-sdca.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
391) NULL pointer dereference
EUVDB-ID: #VU104608
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49616
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rt711_jack_detect_handler() function in sound/soc/codecs/rt711.c, within the rt711_sdca_jack_detect_handler() function in sound/soc/codecs/rt711-sdca.c, within the rt700_jack_detect_handler() function in sound/soc/codecs/rt700.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
392) Improper error handling
EUVDB-ID: #VU104746
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49617
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the mc_dailink_exit_loop() and mc_probe() functions in sound/soc/intel/boards/sof_sdw.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
393) NULL pointer dereference
EUVDB-ID: #VU104609
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49618
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the aspeed_pinmux_set_mux() function in drivers/pinctrl/aspeed/pinctrl-aspeed.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
394) Memory leak
EUVDB-ID: #VU104318
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49621
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pmac_cpufreq_init_MacRISC3() function in drivers/cpufreq/pmac32-cpufreq.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
395) Use-after-free
EUVDB-ID: #VU104453
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49623
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xive_irq_bitmap_add() and xive_irq_bitmap_remove_all() functions in arch/powerpc/sysdev/xive/spapr.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
396) Use-after-free
EUVDB-ID: #VU104452
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49625
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the efx_ef10_try_update_nic_stats_vf() function in drivers/net/ethernet/sfc/ef10.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
397) Use-after-free
EUVDB-ID: #VU104451
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49626
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the efx_ef10_pci_sriov_disable() function in drivers/net/ethernet/sfc/ef10_sriov.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
398) Memory leak
EUVDB-ID: #VU104319
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49627
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the crypto_free_shash() function in security/integrity/ima/ima_crypto.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
399) Memory leak
EUVDB-ID: #VU104320
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49628
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ingenic_mac_probe() function in drivers/net/ethernet/stmicro/stmmac/dwmac-ingenic.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
400) Race condition within a thread
EUVDB-ID: #VU104829
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49631
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the include/net/raw.h. A local user can corrupt data.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
401) Race condition within a thread
EUVDB-ID: #VU104832
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49634
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the proc_dou8vec_minmax() function in kernel/sysctl.c. A local user can corrupt data.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
402) Race condition within a thread
EUVDB-ID: #VU104836
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49640
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the do_proc_douintvec_minmax_conv() function in kernel/sysctl.c. A local user can corrupt data.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
403) Race condition within a thread
EUVDB-ID: #VU104837
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49641
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the do_proc_douintvec_conv() function in kernel/sysctl.c. A local user can corrupt data.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
404) Buffer overflow
EUVDB-ID: #VU104883
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49642
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the tegra_eqos_init() function in drivers/net/ethernet/stmicro/stmmac/dwmac-dwc-qos-eth.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
405) Integer overflow
EUVDB-ID: #VU104782
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49643
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the ima_appraise_measurement() function in security/integrity/ima/ima_appraise.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
406) Memory leak
EUVDB-ID: #VU104322
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49644
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the intel_dp_add_mst_connector() function in drivers/gpu/drm/i915/display/intel_dp_mst.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
407) Buffer overflow
EUVDB-ID: #VU104884
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49645
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the panfrost_ioctl_madvise() function in drivers/gpu/drm/panfrost/panfrost_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
408) Integer underflow
EUVDB-ID: #VU104793
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49646
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the __ieee80211_select_queue() function in net/mac80211/wme.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
409) Use-after-free
EUVDB-ID: #VU104450
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49647
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the LIST_HEAD_INIT(), find_css_set(), cgroup_migrate_vet_dst(), cgroup_migrate_add_src(), cgroup_migrate_prepare_dst() and cgroup_update_dfl_csses() functions in kernel/cgroup/cgroup.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
410) Memory leak
EUVDB-ID: #VU104323
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49648
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the parse_var_defs() function in kernel/trace/trace_events_hist.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
411) NULL pointer dereference
EUVDB-ID: #VU104610
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49649
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xenvif_rx_action() function in drivers/net/xen-netback/rx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
412) Integer underflow
EUVDB-ID: #VU104794
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49650
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the bam_alloc_chan(), bam_free_chan(), bam_pause(), bam_resume(), bam_dma_irq(), bam_start_dma(), bam_dma_probe(), bam_dma_suspend() and bam_dma_resume() functions in drivers/dma/qcom/bam_dma.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
413) Memory leak
EUVDB-ID: #VU104324
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49652
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ti_dra7_xbar_route_allocate() function in drivers/dma/ti/dma-crossbar.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
414) Memory leak
EUVDB-ID: #VU104325
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49653
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the piix4_sb800_region_request() and piix4_sb800_region_release() functions in drivers/i2c/busses/i2c-piix4.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
415) Memory leak
EUVDB-ID: #VU104326
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49656
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the meson_smp_prepare_cpus() function in arch/arm/mach-meson/platsmp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
416) Memory leak
EUVDB-ID: #VU104327
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49657
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the usbnet_async_cmd_cb() and usbnet_write_cmd_async() functions in drivers/net/usb/usbnet.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
417) Memory leak
EUVDB-ID: #VU104329
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49661
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gs_can_open() and gs_can_close() functions in drivers/net/can/usb/gs_usb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
418) Resource management error
EUVDB-ID: #VU104900
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49663
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the skb_tunnel_check_pmtu() function in net/ipv4/ip_tunnel_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
419) Memory leak
EUVDB-ID: #VU104330
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49665
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the thinkpad_acpi_amd_s2idle_restore() function in drivers/platform/x86/thinkpad_acpi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
420) Use-after-free
EUVDB-ID: #VU104447
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49667
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bond_3ad_unbind_slave() function in drivers/net/bonding/bond_3ad.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
421) Memory leak
EUVDB-ID: #VU104331
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49668
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the of_get_devfreq_events() function in drivers/devfreq/event/exynos-ppmu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
422) Division by zero
EUVDB-ID: #VU104810
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49670
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the include/linux/dim.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
423) Memory leak
EUVDB-ID: #VU104332
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49671
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ib_cm_insert_listen() function in drivers/infiniband/core/cm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
424) Race condition
EUVDB-ID: #VU104858
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49672
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the tun_detach_all() function in drivers/net/tun.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
425) Resource management error
EUVDB-ID: #VU104901
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49673
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the raid5_add_disk() function in drivers/md/raid5.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
426) Out-of-bounds read
EUVDB-ID: #VU104522
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49674
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the validate_region_size(), validate_raid_redundancy(), __rdev_sectors() and raid_iterate_devices() functions in drivers/md/dm-raid.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
427) Double free
EUVDB-ID: #VU104739
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49675
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the tick_nohz_full_setup() function in kernel/time/tick-sched.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
428) Memory leak
EUVDB-ID: #VU104333
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49676
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the of_get_dram_timings() function in drivers/memory/samsung/exynos5422-dmc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
429) Memory leak
EUVDB-ID: #VU104334
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49677
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cns3xxx_init() function in arch/arm/mach-cns3xxx/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
430) Memory leak
EUVDB-ID: #VU104335
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49678
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the brcmstb_pm_probe() function in drivers/soc/bcm/brcmstb/pm/pm-arm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
431) Memory leak
EUVDB-ID: #VU104336
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49679
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the axxia_boot_secondary() function in arch/arm/mach-axxia/platsmp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
432) Memory leak
EUVDB-ID: #VU104337
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49680
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the exynos_map_pmu() function in arch/arm/mach-exynos/exynos.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
433) Memory leak
EUVDB-ID: #VU104340
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49683
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the adi_axi_adc_attach_client() function in drivers/iio/adc/adi-axi-adc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
434) Use-after-free
EUVDB-ID: #VU104445
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49685
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the iio_sysfs_trigger_remove() function in drivers/iio/trigger/iio-trig-sysfs.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
435) Resource management error
EUVDB-ID: #VU104902
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49687
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the virtnet_freeze_down(), init_vqs() and virtnet_restore_up() functions in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
436) NULL pointer dereference
EUVDB-ID: #VU104612
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49688
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the afs_getattr() function in fs/afs/inode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
437) Memory leak
EUVDB-ID: #VU104342
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49693
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mdp4_modeset_init_intf() function in drivers/gpu/drm/msm/disp/mdp4/mdp4_kms.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
438) Use-after-free
EUVDB-ID: #VU104443
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49695
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the igb_clean_tx_ring() function in drivers/net/ethernet/intel/igb/igb_main.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
439) NULL pointer dereference
EUVDB-ID: #VU104614
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49699
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the filemap_get_read_batch() function in mm/filemap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
440) Use-after-free
EUVDB-ID: #VU104441
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49700
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the next_tid() function in mm/slub.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
441) Use-after-free
EUVDB-ID: #VU104440
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49701
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ibmvfc_npiv_logout(), ibmvfc_reenable_crq_queue(), ibmvfc_reset_crq(), ibmvfc_register_scsi_channel(), plpar_hcall_norets(), ibmvfc_deregister_scsi_channel() and ibmvfc_init_sub_crqs() functions in drivers/scsi/ibmvscsi/ibmvfc.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
442) NULL pointer dereference
EUVDB-ID: #VU104615
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49703
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ibmvfc_alloc_queue() and ibmvfc_register_scsi_channel() functions in drivers/scsi/ibmvscsi/ibmvfc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
443) Memory leak
EUVDB-ID: #VU104344
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49704
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the v9fs_vfs_get_link() function in fs/9p/vfs_inode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
444) Memory leak
EUVDB-ID: #VU104345
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49705
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the v9fs_vfs_atomic_open_dotl() function in fs/9p/vfs_inode_dotl.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
445) NULL pointer dereference
EUVDB-ID: #VU104616
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49707
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ext4_resize_begin() function in fs/ext4/resize.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
446) Improper error handling
EUVDB-ID: #VU104744
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49708
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ext4_mb_normalize_request() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
447) Buffer overflow
EUVDB-ID: #VU104918
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49710
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the create_log_context() function in drivers/md/dm-log.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
448) Use-after-free
EUVDB-ID: #VU104439
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49711
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fsl_mc_bus_remove() function in drivers/bus/fsl-mc/fsl-mc-bus.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
449) Memory leak
EUVDB-ID: #VU104346
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49712
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lpc32xx_udc_probe() function in drivers/usb/gadget/udc/lpc32xx_udc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
450) Memory leak
EUVDB-ID: #VU104347
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49713
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dwc2_hcd_init() function in drivers/usb/dwc2/hcd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
451) Memory leak
EUVDB-ID: #VU104348
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49714
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the map_interrupts() function in drivers/irqchip/irq-realtek-rtl.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
452) Memory leak
EUVDB-ID: #VU104349
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49715
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gic_populate_ppi_partitions() function in drivers/irqchip/irq-gic-v3.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
453) Improper error handling
EUVDB-ID: #VU104743
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49716
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the gic_populate_ppi_partitions() function in drivers/irqchip/irq-gic-v3.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
454) Memory leak
EUVDB-ID: #VU104352
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49719
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the realview_gic_of_init() function in drivers/irqchip/irq-gic-realview.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
455) Out-of-bounds read
EUVDB-ID: #VU104523
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49720
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the blk_mq_alloc_request_hctx() function in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
456) Resource management error
EUVDB-ID: #VU104904
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49721
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the get_ftrace_plt(), ftrace_modify_call() and ftrace_make_nop() functions in arch/arm64/kernel/ftrace.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
457) Use-after-free
EUVDB-ID: #VU104438
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49722
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ice_reset_vf() function in drivers/net/ethernet/intel/ice/ice_vf_lib.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
458) Infinite loop
EUVDB-ID: #VU104815
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49723
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the error_state_read() function in drivers/gpu/drm/i915/i915_sysfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
459) Resource management error
EUVDB-ID: #VU104863
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49724
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the goldfish_tty_remove() function in drivers/tty/goldfish.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
460) Input validation error
EUVDB-ID: #VU104715
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49725
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the i40e_diag_test() function in drivers/net/ethernet/intel/i40e/i40e_ethtool.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
461) Double free
EUVDB-ID: #VU104740
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49726
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the hv_init_clocksource() function in drivers/clocksource/hyperv_timer.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
462) Memory leak
EUVDB-ID: #VU104353
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49729
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfcmrvl_play_deferred() function in drivers/nfc/nfcmrvl/usb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
463) Use-after-free
EUVDB-ID: #VU104437
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49730
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the lpfc_cmpl_els_logo(), lpfc_els_free_iocb() and lpfc_disc_state_machine() functions in drivers/scsi/lpfc/lpfc_els.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
464) NULL pointer dereference
EUVDB-ID: #VU104617
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49731
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ata_host_alloc_pinfo() function in drivers/ata/libata-core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
465) NULL pointer dereference
EUVDB-ID: #VU105411
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49733
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_pcm_oss_sync() function in sound/core/oss/pcm_oss.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
466) Input validation error
EUVDB-ID: #VU106234
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49739
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the gfs2_dinode_in() function in fs/gfs2/glops.c, within the gfs2_unstuffer_page() function in fs/gfs2/bmap.c, within the stuffed_readpage() function in fs/gfs2/aops.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
467) Memory leak
EUVDB-ID: #VU106157
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49746
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sdma_transfer_init() function in drivers/dma/imx-sdma.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
468) Integer overflow
EUVDB-ID: #VU106208
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49748
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the amd_core_pmu_init() function in arch/x86/events/amd/core.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
469) Improper locking
EUVDB-ID: #VU106198
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49751
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the w1_process() function in drivers/w1/w1.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
470) Use-after-free
EUVDB-ID: #VU106178
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49753
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dma_chan_get() function in drivers/dma/dmaengine.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
471) Use-after-free
EUVDB-ID: #VU106177
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49755
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __ffs_ep0_queue_wait() and functionfs_unbind() functions in drivers/usb/gadget/function/f_fs.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
472) Improper locking
EUVDB-ID: #VU106199
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-49759
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the vmci_check_host_caps(), vmci_dispatch_dgs(), vmci_interrupt(), vmci_interrupt_bm(), vmci_guest_probe_device(), free_irq() and vmci_guest_remove_device() functions in drivers/misc/vmw_vmci/vmci_guest.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
473) Integer overflow
EUVDB-ID: #VU71173
Risk: Low
CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2023-0179
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an integer overflow within the nft_payload_copy_vlan() function in Linux kernel Netfilter. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
474) Use-after-free
EUVDB-ID: #VU74770
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-1652
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nfsd4_ssc_setup_dul() function in fs/nfsd/nfs4proc.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Mitigation
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
475) Use-after-free
EUVDB-ID: #VU75994
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-2162
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a use-after-free error within the scsi_sw_tcp_session_create() function in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. A local user can trigger a use-after-free error and gain access to sensitive information.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
476) Buffer overflow
EUVDB-ID: #VU75955
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-28410
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
477) Use-after-free
EUVDB-ID: #VU79491
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-3567
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vc_screen() function in vcs_read in drivers/tty/vt/vc_screen.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
478) Memory leak
EUVDB-ID: #VU106153
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52930
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the i915_gem_object_set_tiling() function in drivers/gpu/drm/i915/gem/i915_gem_tiling.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
479) Input validation error
EUVDB-ID: #VU106206
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52933
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the squashfs_xattr_lookup() function in fs/squashfs/xattr_id.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
480) Use-after-free
EUVDB-ID: #VU106174
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52935
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the retract_page_tables() function in mm/khugepaged.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
481) NULL pointer dereference
EUVDB-ID: #VU106188
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52939
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/memcontrol.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
482) Resource management error
EUVDB-ID: #VU106223
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52941
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the isotp_rcv_echo(), isotp_tx_timer_handler(), isotp_release() and isotp_init() functions in net/can/isotp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
483) Use-after-free
EUVDB-ID: #VU106173
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52973
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vcs_read() function in drivers/tty/vt/vc_screen.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
484) Use-after-free
EUVDB-ID: #VU106172
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52974
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the iscsi_sw_tcp_host_get_param() and iscsi_sw_tcp_session_create() functions in drivers/scsi/iscsi_tcp.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
485) Use-after-free
EUVDB-ID: #VU106171
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52975
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL_GPL() and iscsi_session_teardown() functions in drivers/scsi/libiscsi.c, within the iscsi_sw_tcp_session_destroy() function in drivers/scsi/iscsi_tcp.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
486) NULL pointer dereference
EUVDB-ID: #VU106189
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52976
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the efi_mem_reserve_persistent() function in drivers/firmware/efi/efi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
487) Out-of-bounds read
EUVDB-ID: #VU106180
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52979
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the squashfs_read_xattr_id_table() function in fs/squashfs/xattr_id.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
488) Use-after-free
EUVDB-ID: #VU106159
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52983
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_check_ioprio_change() function in block/bfq-iosched.c, within the __bfq_bic_change_cgroup() function in block/bfq-cgroup.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
489) NULL pointer dereference
EUVDB-ID: #VU106190
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52984
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dp83822_config_intr() function in drivers/net/phy/dp83822.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
490) Out-of-bounds read
EUVDB-ID: #VU106182
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52988
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the add_secret_dac_path() function in sound/pci/hda/patch_via.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
491) Memory leak
EUVDB-ID: #VU106134
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52989
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ioctl_send_response() function in drivers/firewire/core-cdev.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
492) Buffer overflow
EUVDB-ID: #VU106222
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52992
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the bpf_send_signal_common() function in kernel/trace/bpf_trace.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
493) NULL pointer dereference
EUVDB-ID: #VU106192
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52993
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the init_ISA_irqs() function in arch/x86/kernel/irqinit.c, within the make_8259A_irq() function in arch/x86/kernel/i8259.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
494) Memory leak
EUVDB-ID: #VU106144
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53000
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the validate_nla() and __nla_validate_parse() functions in lib/nlattr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
495) NULL pointer dereference
EUVDB-ID: #VU106194
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53005
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the create_hist_field() function in kernel/trace/trace_events_hist.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
496) Input validation error
EUVDB-ID: #VU106233
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53006
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the smbd_destroy() function in fs/cifs/smbdirect.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
497) Resource management error
EUVDB-ID: #VU106225
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53007
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the init_events() function in kernel/trace/trace_output.c, within the early_trace_init() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
498) Memory leak
EUVDB-ID: #VU106140
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53008
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the SMB2_auth_kerberos() function in fs/cifs/smb2pdu.c, within the decode_ntlmssp_challenge() and sess_auth_kerberos() functions in fs/cifs/sess.c, within the build_avpair_blob() function in fs/cifs/cifsencrypt.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
499) Buffer overflow
EUVDB-ID: #VU106214
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53010
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the bnxt_ethtool_init() function in drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
500) NULL pointer dereference
EUVDB-ID: #VU106196
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53015
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the betopff_init() function in drivers/hid/hid-betopff.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
501) Use-after-free
EUVDB-ID: #VU106164
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53016
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rfcomm_sock_connect() function in net/bluetooth/rfcomm/sock.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
502) Out-of-bounds read
EUVDB-ID: #VU106184
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53019
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the EXPORT_SYMBOL() function in drivers/net/phy/mdio_bus.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
503) Use-after-free
EUVDB-ID: #VU106162
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53023
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the local_cleanup() function in net/nfc/llcp_core.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
504) Memory leak
EUVDB-ID: #VU106136
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53024
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the check_stack_write_fixed_off() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
505) Use-after-free
EUVDB-ID: #VU106161
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53025
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fs/nfsd/nfs4proc.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
506) Integer overflow
EUVDB-ID: #VU106211
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53026
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the EXPORT_SYMBOL() function in drivers/infiniband/core/verbs.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
507) Memory leak
EUVDB-ID: #VU106135
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53028
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ieee80211_if_add() function in net/mac80211/iface.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
508) Use-after-free
EUVDB-ID: #VU106160
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53029
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the otx2_pool_refill_task(), otx2_sq_aura_pool_init() and otx2_rq_aura_pool_init() functions in drivers/net/ethernet/marvell/octeontx2/nic/otx2_common.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
509) Resource management error
EUVDB-ID: #VU106219
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53030
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the otx2_sq_aura_pool_init() function in drivers/net/ethernet/marvell/octeontx2/nic/otx2_common.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
510) Buffer overflow
EUVDB-ID: #VU106221
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53033
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nft_payload_copy_vlan() function in net/netfilter/nft_payload.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
511) Processor optimization removal or modification of security-critical code
EUVDB-ID: #VU88374
Risk: Medium
CVSSv4.0: 7.6 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Green]
CVE-ID: CVE-2024-2201
CWE-ID:
CWE-1037 - Processor optimization removal or modification of security-critical code
Exploit availability: No
DescriptionThe vulnerability allows a malicious guest to escalate privileges on the system.
The vulnerability exists due to native branch history injection on x86 systems. A malicious guest can infer the contents of arbitrary host memory, including memory assigned to other guests and compromise the affected system.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
512) Use-after-free
EUVDB-ID: #VU94938
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-41092
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the i915_vma_revoke_fence() function in drivers/gpu/drm/i915/gt/intel_ggtt_fencing.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
513) Input validation error
EUVDB-ID: #VU95100
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-42098
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ecdh_set_secret() function in crypto/ecdh.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
514) Buffer overflow
EUVDB-ID: #VU95078
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-42229
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the setkey_unaligned() function in crypto/cipher.c, within the setkey_unaligned() function in crypto/aead.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
515) Buffer overflow
EUVDB-ID: #VU95516
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-42240
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the SYM_INNER_LABEL() function in arch/x86/entry/entry_64_compat.S. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
516) Integer underflow
EUVDB-ID: #VU100637
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50290
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the cx24116_read_snr_pct() function in drivers/media/dvb-frontends/cx24116.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
517) Resource management error
EUVDB-ID: #VU100741
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53063
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the DECLARE_RWSEM() and dvb_register_device() functions in drivers/media/dvb-core/dvbdev.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
518) NULL pointer dereference
EUVDB-ID: #VU100714
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53064
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the idpf_init_hard_reset() function in drivers/net/ethernet/intel/idpf/idpf_lib.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
519) Use-after-free
EUVDB-ID: #VU102030
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56651
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hi3110_can_ist() function in drivers/net/can/spi/hi311x.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
520) Out-of-bounds read
EUVDB-ID: #VU104987
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-57996
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sfq_change() function in net/sched/sch_sfq.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
521) Out-of-bounds read
EUVDB-ID: #VU104974
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-58014
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the wlc_phy_iqcal_gainparams_nphy() function in drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_n.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
522) Use-after-free
EUVDB-ID: #VU105391
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-58083
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the include/linux/kvm_host.h. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
523) Use-after-free
EUVDB-ID: #VU103741
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-21693
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zswap_pool_create(), zswap_cpu_comp_prepare(), zswap_cpu_comp_dead(), zswap_compress() and zswap_decompress() functions in mm/zswap.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
524) Use-after-free
EUVDB-ID: #VU104965
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-21714
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the destroy_unused_implicit_child_mr() and implicit_get_child_mr() functions in drivers/infiniband/hw/mlx5/odp.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
525) Use-after-free
EUVDB-ID: #VU104963
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-21718
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rose_heartbeat_expiry(), rose_timer_expiry() and rose_idletimer_expiry() functions in net/rose/rose_timer.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
526) Use-after-free
EUVDB-ID: #VU104955
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-21732
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlx5_ib_invalidate_range() function in drivers/infiniband/hw/mlx5/odp.c, within the mlx5_revoke_mr() function in drivers/infiniband/hw/mlx5/mr.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
527) Use-after-free
EUVDB-ID: #VU104944
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-21753
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fs/btrfs/transaction.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
528) Out-of-bounds read
EUVDB-ID: #VU104980
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-21772
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mac_partition() function in block/partitions/mac.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
529) Buffer overflow
EUVDB-ID: #VU105057
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-21780
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the smu_sys_set_pp_table() function in drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
530) Infinite loop
EUVDB-ID: #VU105468
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-21839
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the vcpu_enter_guest() function in arch/x86/kvm/x86.c, within the vmx_sync_dirty_debug_regs() and vmx_vcpu_run() functions in arch/x86/kvm/vmx/vmx.c, within the new_asid() and svm_vcpu_run() functions in arch/x86/kvm/svm/svm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
SUSE Linux Enterprise Micro: 5.3 - 5.4
kernel-source-rt: before 5.14.21-150400.15.115.1
kernel-rt-debugsource: before 5.14.21-150400.15.115.1
kernel-rt-debuginfo: before 5.14.21-150400.15.115.1
kernel-rt: before 5.14.21-150400.15.115.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro_for_rancher:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:suse:kernel-source-rt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-rt:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
