Описание
Security update for the Linux Kernel (Live Patch 73 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise kernel 4.12.14-122.275 fixes various security issues
The following security issues were fixed:
- CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value (bsc#1254451).
- CVE-2022-50367: fs: fix UAF/GPF bug in nilfs_mdt_destroy (bsc#1250280).
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2023-53717: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() (bsc#1252563).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
Список пакетов
SUSE Linux Enterprise Live Patching 12 SP5
Ссылки
- Link for SUSE-SU-2026:0200-1
- E-Mail link for SUSE-SU-2026:0200-1
- SUSE Security Ratings
- SUSE Bug 1250280
- SUSE Bug 1251787
- SUSE Bug 1252563
- SUSE Bug 1253437
- SUSE Bug 1254451
- SUSE CVE CVE-2022-50327 page
- SUSE CVE CVE-2022-50367 page
- SUSE CVE CVE-2023-53676 page
- SUSE CVE CVE-2023-53717 page
- SUSE CVE CVE-2025-40204 page
Описание
In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value The return value of acpi_fetch_acpi_dev() could be NULL, which would cause a NULL pointer dereference to occur in acpi_device_hid(). [ rjw: Subject and changelog edits, added empty line after if () ]
Затронутые продукты
Ссылки
- CVE-2022-50327
- SUSE Bug 1249859
- SUSE Bug 1254451
Описание
In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfs_mdt_destroy In alloc_inode, inode_init_always() could return -ENOMEM if security_inode_alloc() fails, which causes inode->i_private uninitialized. Then nilfs_is_metadata_file_inode() returns true and nilfs_free_inode() wrongly calls nilfs_mdt_destroy(), which frees the uninitialized inode->i_private and leads to crashes(e.g., UAF/GPF). Fix this by moving security_inode_alloc just prior to this_cpu_inc(nr_inodes)
Затронутые продукты
Ссылки
- CVE-2022-50367
- SUSE Bug 1247374
- SUSE Bug 1250277
Описание
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() The function lio_target_nacl_info_show() uses sprintf() in a loop to print details for every iSCSI connection in a session without checking for the buffer length. With enough iSCSI connections it's possible to overflow the buffer provided by configfs and corrupt the memory. This patch replaces sprintf() with sysfs_emit_at() that checks for buffer boundries.
Затронутые продукты
Ссылки
- CVE-2023-53676
- SUSE Bug 1251786
- SUSE Bug 1251787
Описание
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() Fix a stack-out-of-bounds write that occurs in a WMI response callback function that is called after a timeout occurs in ath9k_wmi_cmd(). The callback writes to wmi->cmd_rsp_buf, a stack-allocated buffer that could no longer be valid when a timeout occurs. Set wmi->last_seq_id to 0 when a timeout occurred. Found by a modified version of syzkaller. BUG: KASAN: stack-out-of-bounds in ath9k_wmi_ctrl_rx Write of size 4 Call Trace: memcpy ath9k_wmi_ctrl_rx ath9k_htc_rx_msg ath9k_hif_usb_reg_in_cb __usb_hcd_giveback_urb usb_hcd_giveback_urb dummy_timer call_timer_fn run_timer_softirq __do_softirq irq_exit_rcu sysvec_apic_timer_interrupt
Затронутые продукты
Ссылки
- CVE-2023-53717
- SUSE Bug 1252560
- SUSE Bug 1252563
Описание
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
Затронутые продукты
Ссылки
- CVE-2025-40204
- SUSE Bug 1253436
- SUSE Bug 1253437