SB2025051706 - SUSE update for the Linux Kernel 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025051706

SB2025051706 - SUSE update for the Linux Kernel

Published: May 17, 2025

Security Bulletin ID SB2025051706
Severity
Low
Patch available
YES
Number of vulnerabilities 14
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 14 secuirty vulnerabilities.


1) Memory leak (CVE-ID: CVE-2021-47671)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the es58x_rx_err_msg() function in drivers/net/can/usb/etas_es58x/es58x_core.c. A local user can perform a denial of service (DoS) attack.


2) Memory leak (CVE-ID: CVE-2022-49741)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ufx_usb_probe() function in drivers/video/fbdev/smscufx.c. A local user can perform a denial of service (DoS) attack.


3) Improper error handling (CVE-ID: CVE-2024-46784)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the mana_destroy_txq(), mana_create_txq() and mana_destroy_rxq() functions in drivers/net/ethernet/microsoft/mana/mana_en.c. A local user can perform a denial of service (DoS) attack.


4) Use-after-free (CVE-ID: CVE-2025-21726)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the padata_reorder() and invoke_padata_reorder() functions in kernel/padata.c. A local user can escalate privileges on the system.


5) Out-of-bounds read (CVE-ID: CVE-2025-21785)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the populate_cache_leaves() function in arch/arm64/kernel/cacheinfo.c. A local user can perform a denial of service (DoS) attack.


6) Use-after-free (CVE-ID: CVE-2025-21791)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the include/net/l3mdev.h. A local user can escalate privileges on the system.


7) Use-after-free (CVE-ID: CVE-2025-21812)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ax25_rt_autobind() function in net/ax25/ax25_route.c, within the ax25_send_frame() and ax25_queue_xmit() functions in net/ax25/ax25_out.c, within the ax25_ip_xmit() function in net/ax25/ax25_ip.c, within the ax25_dev_device_up() and ax25_dev_device_down() functions in net/ax25/ax25_dev.c, within the ax25_fillin_cb_from_dev() and ax25_setsockopt() functions in net/ax25/af_ax25.c. A local user can escalate privileges on the system.


8) Improper locking (CVE-ID: CVE-2025-21886)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the destroy_unused_implicit_child_mr() function in drivers/infiniband/hw/mlx5/odp.c. A local user can perform a denial of service (DoS) attack.


9) Use-after-free (CVE-ID: CVE-2025-22004)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the lec_send() function in net/atm/lec.c. A local user can escalate privileges on the system.


10) Use-after-free (CVE-ID: CVE-2025-22020)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rtsx_usb_ms_drv_remove() function in drivers/memstick/host/rtsx_usb_ms.c. A local user can escalate privileges on the system.


11) Improper locking (CVE-ID: CVE-2025-22029)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the begin_new_exec(), free_bprm(), check_unsafe_exec(), bprm_execve() and sched_mm_cid_after_execve() functions in fs/exec.c. A local user can perform a denial of service (DoS) attack.


12) Input validation error (CVE-ID: CVE-2025-22045)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the arch/x86/include/asm/tlbflush.h. A local user can perform a denial of service (DoS) attack.


13) Out-of-bounds read (CVE-ID: CVE-2025-22055)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the nft_tunnel_obj_erspan_init() function in net/netfilter/nft_tunnel.c. A local user can perform a denial of service (DoS) attack.


14) Use-after-free (CVE-ID: CVE-2025-22097)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the vkms_init() and vkms_destroy() functions in drivers/gpu/drm/vkms/vkms_drv.c. A local user can escalate privileges on the system.


Remediation

Install update from vendor's website.

References