PT-2026-27069 · Suse · Kernel-Default+3

Publicado

2026-02-12

·

Atualizado

2026-02-12

·

CVE-2023-50756

Nenhuma

Não há classificações de severidade ou métricas disponíveis. Quando houver, atualizaremos as informações correspondentes na página.
The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues
The following security issues were fixed:
  • CVE-2022-50347: mmc: rtsx usb sdmmc: fix return value check of mmc add host() (bsc#1249928).
  • CVE-2022-50580: blk-throttle: prevent overflow while calculating wait time (bsc#1252542).
  • CVE-2022-50676: net: rds: don't hold sock lock when cancelling work from rds tcp reset callbacks() (bsc#1254689).
  • CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit (bsc#1255594).
  • CVE-2022-50709: wifi: ath9k: avoid uninit memory read in ath9k htc rx msg() (bsc#1255565).
  • CVE-2022-50716: wifi: ar5523: Fix use-after-free on ar5523 cmd() timed out (bsc#1255839).
  • CVE-2022-50717: nvmet-tcp: add bounds check on Transfer Tag (bsc#1255844).
  • CVE-2022-50719: ALSA: line6: fix stack overflow in line6 midi transmit (bsc#1255939).
  • CVE-2022-50740: wifi: ath9k: hif usb: fix memory leak of urbs in ath9k hif usb dealloc tx urbs() (bsc#1256155).
  • CVE-2022-50744: scsi: lpfc: Fix hard lockup when reading the rx monitor from debugfs (bsc#1256165).
  • CVE-2022-50749: acct: fix potential integer overflow in encode comp t() (bsc#1256191).
  • CVE-2022-50751: configfs: fix possible memory leak in configfs create dir() (bsc#1256184).
  • CVE-2022-50760: drm/amdgpu: Fix PCI device refcount leak in amdgpu atrm get bios() (bsc#1255983).
  • CVE-2022-50770: ocfs2: fix memory leak in ocfs2 mount volume() (bsc#1256221).
  • CVE-2022-50777: net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii probe (bsc#1256320).
  • CVE-2022-50780: net: fix UAF issue in nfqnl nf hook drop() when ops init() failed (bsc#1256305).
  • CVE-2022-50782: ext4: fix bug on in es tree search caused by bad quota inode (bsc#1256282).
  • CVE-2022-50786: media: s5p-mfc: Clear workbit to handle error condition (bsc#1256258).
  • CVE-2022-50816: ipv6: ensure sane device mtu in tunnels (bsc#1256038).
  • CVE-2022-50834: nfc: Fix potential resource leaks (bsc#1256219).
  • CVE-2022-50865: tcp: fix a signed-integer-overflow bug in tcp add backlog() (bsc#1256168).
  • CVE-2022-50868: hwrng: amd - Fix PCI device refcount leak (bsc#1256386).
  • CVE-2022-50880: wifi: ath10k: add peer map clean up for peer delete in ath10k sta state() (bsc#1256132).
  • CVE-2022-50881: ath9k: Fix typo in function name (bsc#1256130).
  • CVE-2022-50884: drm: Prevent drm copy field() to attempt copying a NULL pointer (bsc#1256127).
  • CVE-2022-50885: RDMA/rxe: Fix NULL-ptr-deref in rxe qp do cleanup() when socket create failed (bsc#1256122).
  • CVE-2022-50887: regulator: core: fix unbalanced of node refcount in regulator dev lookup() (bsc#1256125).
  • CVE-2023-50756: nvme-pci: fix mempool alloc size (bsc#1256216).
  • CVE-2023-53685: tun: Fix memory leak for detached NAPI queue (bsc#1251770).
  • CVE-2023-53747: vc screen: reload load of struct vc data pointer in vcs write() to avoid UAF (bsc#1254572).
  • CVE-2023-53751: cifs: fix potential use-after-free bugs in TCP Server Info::hostname (bsc#1254986).
  • CVE-2023-53825: kcm: Fix error handling for SOCK DGRAM in kcm sendmsg() (bsc#1254707).
  • CVE-2023-53853: netlink: annotate accesses to nlk->cb running (bsc#1254673).
  • CVE-2023-53863: netlink: do not hard code device address lenth in fdb dumps (bsc#1254657).
  • CVE-2023-53992: wifi: cfg80211: ocb: don't leave if not joined (bsc#1256058).
  • CVE-2023-54012: net: fix stack overflow when LRO is disabled for virtual interfaces (bsc#1255571).
  • CVE-2023-54047: drm/rockchip: dw hdmi: cleanup drm encoder during unbind (bsc#1256398).
  • CVE-2023-54048: RDMA/bnxt re: Prevent handling any completions after qp destroy (bsc#1256395).
  • CVE-2023-54067: btrfs: fix race when deleting free space root from the dirty cow roots list (bsc#1256369).
  • CVE-2023-54111: pinctrl: rockchip: Fix refcount leak in rockchip pinctrl parse groups (bsc#1256149).
  • CVE-2023-54112: kcm: Fix memory leak in error path of kcm sendmsg() (bsc#1256354).
  • CVE-2023-54118: serial: sc16is7xx: setup GPIO controller later in probe (bsc#1256131).
  • CVE-2023-54121: btrfs: fix incorrect splitting in btrfs drop extent map range (bsc#1256267).
  • CVE-2023-54134: autofs: fix memory leak of waitqueues in autofs catatonic mode (bsc#1256106).
  • CVE-2023-54198: tty: fix out-of-bounds access in tty driver lookup tty() (bsc#1255970).
  • CVE-2023-54202: drm/i915: fix race condition UAF in i915 perf add config ioctl (bsc#1255880).
  • CVE-2023-54207: HID: uclogic: Correct devm device reference for hidinput input dev name (bsc#1255961).
  • CVE-2023-54218: sock: Make sock->sk stamp thread-safe (bsc#1256229).
  • CVE-2023-54230: amba: bus: fix refcount leak (bsc#1255925).
  • CVE-2023-54243: netfilter: ebtables: fix table blob use-after-free (bsc#1255908).
  • CVE-2023-54265: ipv6: Fix an uninit variable access bug in ip6 make skb() (bsc#1255874).
  • CVE-2023-54274: RDMA/srpt: Add a check for valid 'mad agent' pointer (bsc#1255905).
  • CVE-2023-54282: media: tuners: qt1010: replace BUG ON with a regular error (bsc#1255810).
  • CVE-2023-54287: tty: serial: imx: disable Ageing Timer interrupt request irq (bsc#1255804).
  • CVE-2023-54311: ext4: fix deadlock when converting an inline directory in nojournal mode (bsc#1255773).
  • CVE-2023-54321: driver core: fix potential null-ptr-deref in device add() (bsc#1255762).
  • CVE-2024-41007: tcp: use signed arithmetic in tcp rtx probe0 timed out() (bsc#1227863).
  • CVE-2025-40115: scsi: mpt3sas: Fix crash in transport port remove by using ioc info() (bsc#1253318).
  • CVE-2025-40259: scsi: sg: Do not sleep in atomic context (bsc#1254845).
  • CVE-2025-40261: nvme: nvme-fc: Ensure ->ioerr work is cancelled in nvme fc delete ctrl() (bsc#1254839).
  • CVE-2025-40264: be2net: pass wrb params in case of OS2BMC (bsc#1254835).
  • CVE-2025-40271: fs/proc: fix uaf in proc readdir de() (bsc#1255297).
  • CVE-2025-40323: fbcon: Set fb display[i]->mode to NULL when the mode is released (bsc#1255094).
  • CVE-2025-40339: drm/amdgpu: fix nullptr err of vm handle moved (bsc#1255428).
  • CVE-2025-40345: usb: storage: sddr55: Reject out-of-bound new pba (bsc#1255279).
  • CVE-2025-40363: net: ipv6: fix field-spanning memcpy warning in AH output (bsc#1255102).
  • CVE-2025-68188: tcp: use dst dev rcu() in tcp fastopen active disable ofo check() (bsc#1255269).
  • CVE-2025-68190: drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu atom execute table locked() (bsc#1255131).
  • CVE-2025-68192: net: usb: qmi wwan: initialize MAC header offset in qmimux rx fixup (bsc#1255246).
  • CVE-2025-68241: ipv4: route: Prevent rt bind exception() from rebinding stale fnhe (bsc#1255157).
  • CVE-2025-68245: net: netpoll: fix incorrect refcount handling causing incorrect cleanup (bsc#1255268).
  • CVE-2025-68261: ext4: add i data sem protection in ext4 destroy inline data nolock() (bsc#1255164).
  • CVE-2025-68264: ext4: refresh inline data size before write operations (bsc#1255380).
  • CVE-2025-68286: drm/amd/display: Check NULL before accessing (bsc#1255351).
  • CVE-2025-68296: drm, fbcon, vga switcheroo: Avoid race condition in fbcon setup (bsc#1255128).
  • CVE-2025-68303: platform/x86: intel: punit ipc: fix memory corruption (bsc#1255122).
  • CVE-2025-68305: Bluetooth: hci sock: Prevent race in socket write iter and sock bind (bsc#1255169).
  • CVE-2025-68312: usbnet: Prevents free active kevent (bsc#1255171).
  • CVE-2025-68337: jbd2: avoid bug on in jbd2 journal get create access() when file system corrupted (bsc#1255482).
  • CVE-2025-68349: NFSv4/pNFS: Clear NFS INO LAYOUTCOMMIT in pnfs mark layout stateid invalid (bsc#1255544).
  • CVE-2025-68354: regulator: core: Protect regulator supply alias list with regulator list mutex (bsc#1255553).
  • CVE-2025-68362: wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187 rx cb() (bsc#1255611).
  • CVE-2025-68366: nbd: defer config unlock in nbd genl connect (bsc#1255622).
  • CVE-2025-68367: macintosh/mac hid: fix race condition in mac hid toggle emumouse (bsc#1255547).
  • CVE-2025-68372: nbd: defer config put in recv work (bsc#1255537).
  • CVE-2025-68379: RDMA/rxe: Fix null deref on srq->rq.queue after resize failure (bsc#1255695).
  • CVE-2025-68740: ima: Handle error code returned by ima filter rule match() (bsc#1255812).
  • CVE-2025-68757: drm/vgem-fence: Fix potential deadlock on release (bsc#1255943).
  • CVE-2025-68767: hfsplus: Verify inode mode when loading from disk (bsc#1256580).
  • CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2 find victim chain (bsc#1256582).
  • CVE-2025-68774: hfsplus: fix missing hfs bnode get() in hfs bnode create (bsc#1256585).
  • CVE-2025-68783: ALSA: usb-mixer: us16x08: validate meter packet indices (bsc#1256650).
  • CVE-2025-68788: fsnotify: do not generate ACCESS/MODIFY events on child for special files (bsc#1256638).
  • CVE-2025-68795: ethtool: Avoid overflowing userspace buffer on stats query (bsc#1256688).
  • CVE-2025-68797: char: applicom: fix NULL pointer dereference in ac ioctl (bsc#1256660).
  • CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).
  • CVE-2025-68816: net/mlx5: fw tracer, Validate format string parameters (bsc#1256674).
  • CVE-2025-71064: net: hns3: using the num tqps in the vf driver to apply for resources (bsc#1256654).
  • CVE-2025-71082: Bluetooth: btusb: revert use of devm kzalloc in btusb (bsc#1256611).
  • CVE-2025-71085: ipv6: BUG() in pskb expand head() as part of calipso skbuff setattr() (bsc#1256623).
  • CVE-2025-71087: iavf: fix off-by-one issues in iavf config rss reg() (bsc#1256628).
  • CVE-2025-71091: team: fix check for port enabled in team queue override port prio changed() (bsc#1256773).
  • CVE-2025-71093: e1000: fix OOB in e1000 tbi should accept() (bsc#1256777).
  • CVE-2025-71096: RDMA/core: Check for the presence of LS NLA TYPE DGID correctly (bsc#1256606).
  • CVE-2025-71098: ip6 gre: make ip6gre header() robust (bsc#1256591).
  • CVE-2025-71108: usb: typec: ucsi: Handle incorrect num connectors capability (bsc#1256774).
  • CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).
  • CVE-2025-71119: powerpc/kexec: Enable SMT before waking offline CPUs (bsc#1205462).
  • CVE-2025-71120: SUNRPC: svcauth gss: avoid NULL deref on zero length gss token in gss read proxy verf (bsc#1256779).
  • CVE-2026-22976: net sched: qfq: Fix double list add in class with netem as child qdisc (bsc#1257035).
  • CVE-2026-22978: wifi: avoid kernel-infoleak from struct iw point (bsc#1257227).
  • CVE-2026-22999: net/sched: sch qfq: do not free existing class in qfq change class() (bsc#1257236).
  • CVE-2026-23001: macvlan: Use 'hash' iterators to simplify code (bsc#1257232).
  • CVE-2026-23011: ipv4: ip gre: make ipgre header() robust (bsc#1257207).
The following non security issues were fixed:
  • RDMA/rxe: Fix the error caused by qp->sk (bsc#1256122).
  • RDMA/srpt: Fix disabling device management (bsc#1255905).
  • RDMA/srpt: Fix handling of SR-IOV and iWARP ports (bsc#1255905).
  • configfs: factor dirent removal into helpers (bsc#1256184).
  • drm/amdgpu: Remove explicit wait after VM validate (bsc#1255428).
  • drm/amdgpu: update mappings not managed by KFD (bsc#1255428).
  • hwrng: amd - Convert PCIBIOS * return codes to errnos (bsc#1256386).
  • nvmet-tcp: Fix NULL dereference when a connect data comes in h2cdata pdu (bsc#1255844).
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Identificadores relacionados

CVE-2023-50756
SUSE-SU-2026:0473-1

Produtos afetados

Kernel-Default
Kernel-Source
Kernel-Syms
Kgraft-Patch-Sle12-Sp5 Update 77