{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for the Linux Kernel","title":"Title of the patch"},{"category":"description","text":"\nThe SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2022-50200: selinux: Add boundary check in put_entry() (bsc#1245149).\n","title":"Description of the patch"},{"category":"details","text":"SUSE-2025-2312,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-2312","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02312-1.json"},{"category":"self","summary":"URL for SUSE-SU-2025:02312-1","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202502312-1/"},{"category":"self","summary":"E-Mail link for SUSE-SU-2025:02312-1","url":"https://lists.suse.com/pipermail/sle-updates/2025-July/040708.html"},{"category":"self","summary":"SUSE Bug 1205220","url":"https://bugzilla.suse.com/1205220"},{"category":"self","summary":"SUSE Bug 1212051","url":"https://bugzilla.suse.com/1212051"},{"category":"self","summary":"SUSE Bug 1240270","url":"https://bugzilla.suse.com/1240270"},{"category":"self","summary":"SUSE Bug 1245047","url":"https://bugzilla.suse.com/1245047"},{"category":"self","summary":"SUSE Bug 1245057","url":"https://bugzilla.suse.com/1245057"},{"category":"self","summary":"SUSE Bug 1245149","url":"https://bugzilla.suse.com/1245149"},{"category":"self","summary":"SUSE CVE CVE-2022-3903 page","url":"https://www.suse.com/security/cve/CVE-2022-3903/"},{"category":"self","summary":"SUSE CVE CVE-2022-49937 page","url":"https://www.suse.com/security/cve/CVE-2022-49937/"},{"category":"self","summary":"SUSE CVE CVE-2022-50067 page","url":"https://www.suse.com/security/cve/CVE-2022-50067/"},{"category":"self","summary":"SUSE CVE CVE-2022-50200 page","url":"https://www.suse.com/security/cve/CVE-2022-50200/"},{"category":"self","summary":"SUSE CVE CVE-2023-3111 page","url":"https://www.suse.com/security/cve/CVE-2023-3111/"},{"category":"self","summary":"SUSE CVE CVE-2023-53032 page","url":"https://www.suse.com/security/cve/CVE-2023-53032/"}],"title":"Security update for the Linux Kernel","tracking":{"current_release_date":"2025-07-15T10:03:28Z","generator":{"date":"2025-07-15T10:03:28Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"SUSE-SU-2025:02312-1","initial_release_date":"2025-07-15T10:03:28Z","revision_history":[{"date":"2025-07-15T10:03:28Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"kernel-default-3.0.101-108.186.1.x86_64","product":{"name":"kernel-default-3.0.101-108.186.1.x86_64","product_id":"kernel-default-3.0.101-108.186.1.x86_64"}},{"category":"product_version","name":"kernel-default-base-3.0.101-108.186.1.x86_64","product":{"name":"kernel-default-base-3.0.101-108.186.1.x86_64","product_id":"kernel-default-base-3.0.101-108.186.1.x86_64"}},{"category":"product_version","name":"kernel-default-devel-3.0.101-108.186.1.x86_64","product":{"name":"kernel-default-devel-3.0.101-108.186.1.x86_64","product_id":"kernel-default-devel-3.0.101-108.186.1.x86_64"}},{"category":"product_version","name":"kernel-ec2-3.0.101-108.186.1.x86_64","product":{"name":"kernel-ec2-3.0.101-108.186.1.x86_64","product_id":"kernel-ec2-3.0.101-108.186.1.x86_64"}},{"category":"product_version","name":"kernel-ec2-base-3.0.101-108.186.1.x86_64","product":{"name":"kernel-ec2-base-3.0.101-108.186.1.x86_64","product_id":"kernel-ec2-base-3.0.101-108.186.1.x86_64"}},{"category":"product_version","name":"kernel-ec2-devel-3.0.101-108.186.1.x86_64","product":{"name":"kernel-ec2-devel-3.0.101-108.186.1.x86_64","product_id":"kernel-ec2-devel-3.0.101-108.186.1.x86_64"}},{"category":"product_version","name":"kernel-source-3.0.101-108.186.1.x86_64","product":{"name":"kernel-source-3.0.101-108.186.1.x86_64","product_id":"kernel-source-3.0.101-108.186.1.x86_64"}},{"category":"product_version","name":"kernel-syms-3.0.101-108.186.1.x86_64","product":{"name":"kernel-syms-3.0.101-108.186.1.x86_64","product_id":"kernel-syms-3.0.101-108.186.1.x86_64"}},{"category":"product_version","name":"kernel-trace-3.0.101-108.186.1.x86_64","product":{"name":"kernel-trace-3.0.101-108.186.1.x86_64","product_id":"kernel-trace-3.0.101-108.186.1.x86_64"}},{"category":"product_version","name":"kernel-trace-base-3.0.101-108.186.1.x86_64","product":{"name":"kernel-trace-base-3.0.101-108.186.1.x86_64","product_id":"kernel-trace-base-3.0.101-108.186.1.x86_64"}},{"category":"product_version","name":"kernel-trace-devel-3.0.101-108.186.1.x86_64","product":{"name":"kernel-trace-devel-3.0.101-108.186.1.x86_64","product_id":"kernel-trace-devel-3.0.101-108.186.1.x86_64"}},{"category":"product_version","name":"kernel-xen-3.0.101-108.186.1.x86_64","product":{"name":"kernel-xen-3.0.101-108.186.1.x86_64","product_id":"kernel-xen-3.0.101-108.186.1.x86_64"}},{"category":"product_version","name":"kernel-xen-base-3.0.101-108.186.1.x86_64","product":{"name":"kernel-xen-base-3.0.101-108.186.1.x86_64","product_id":"kernel-xen-base-3.0.101-108.186.1.x86_64"}},{"category":"product_version","name":"kernel-xen-devel-3.0.101-108.186.1.x86_64","product":{"name":"kernel-xen-devel-3.0.101-108.186.1.x86_64","product_id":"kernel-xen-devel-3.0.101-108.186.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE","product":{"name":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE","product_identification_helper":{"cpe":"cpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"kernel-default-3.0.101-108.186.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64"},"product_reference":"kernel-default-3.0.101-108.186.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-base-3.0.101-108.186.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64"},"product_reference":"kernel-default-base-3.0.101-108.186.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-devel-3.0.101-108.186.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64"},"product_reference":"kernel-default-devel-3.0.101-108.186.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"},{"category":"default_component_of","full_product_name":{"name":"kernel-ec2-3.0.101-108.186.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64"},"product_reference":"kernel-ec2-3.0.101-108.186.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"},{"category":"default_component_of","full_product_name":{"name":"kernel-ec2-base-3.0.101-108.186.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64"},"product_reference":"kernel-ec2-base-3.0.101-108.186.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"},{"category":"default_component_of","full_product_name":{"name":"kernel-ec2-devel-3.0.101-108.186.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64"},"product_reference":"kernel-ec2-devel-3.0.101-108.186.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"},{"category":"default_component_of","full_product_name":{"name":"kernel-source-3.0.101-108.186.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64"},"product_reference":"kernel-source-3.0.101-108.186.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"},{"category":"default_component_of","full_product_name":{"name":"kernel-syms-3.0.101-108.186.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64"},"product_reference":"kernel-syms-3.0.101-108.186.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"},{"category":"default_component_of","full_product_name":{"name":"kernel-trace-3.0.101-108.186.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64"},"product_reference":"kernel-trace-3.0.101-108.186.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"},{"category":"default_component_of","full_product_name":{"name":"kernel-trace-base-3.0.101-108.186.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64"},"product_reference":"kernel-trace-base-3.0.101-108.186.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"},{"category":"default_component_of","full_product_name":{"name":"kernel-trace-devel-3.0.101-108.186.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64"},"product_reference":"kernel-trace-devel-3.0.101-108.186.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"},{"category":"default_component_of","full_product_name":{"name":"kernel-xen-3.0.101-108.186.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64"},"product_reference":"kernel-xen-3.0.101-108.186.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"},{"category":"default_component_of","full_product_name":{"name":"kernel-xen-base-3.0.101-108.186.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64"},"product_reference":"kernel-xen-base-3.0.101-108.186.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"},{"category":"default_component_of","full_product_name":{"name":"kernel-xen-devel-3.0.101-108.186.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"},"product_reference":"kernel-xen-devel-3.0.101-108.186.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"}]},"vulnerabilities":[{"cve":"CVE-2022-3903","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2022-3903"}],"notes":[{"category":"general","text":"An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the system.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2022-3903","url":"https://www.suse.com/security/cve/CVE-2022-3903"},{"category":"external","summary":"SUSE Bug 1205220 for CVE-2022-3903","url":"https://bugzilla.suse.com/1205220"},{"category":"external","summary":"SUSE Bug 1212297 for CVE-2022-3903","url":"https://bugzilla.suse.com/1212297"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"]}],"threats":[{"category":"impact","date":"2025-07-15T10:03:28Z","details":"moderate"}],"title":"CVE-2022-3903"},{"cve":"CVE-2022-49937","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2022-49937"}],"notes":[{"category":"general","text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mceusb: Use new usb_control_msg_*() routines\n\nAutomatic kernel fuzzing led to a WARN about invalid pipe direction in\nthe mceusb driver:\n\n------------[ cut here ]------------\nusb 6-1: BOGUS control dir, pipe 80000380 doesn't match bRequestType 40\nWARNING: CPU: 0 PID: 2465 at drivers/usb/core/urb.c:410\nusb_submit_urb+0x1326/0x1820 drivers/usb/core/urb.c:410\nModules linked in:\nCPU: 0 PID: 2465 Comm: kworker/0:2 Not tainted 5.19.0-rc4-00208-g69cb6c6556ad #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.13.0-1ubuntu1.1 04/01/2014\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:usb_submit_urb+0x1326/0x1820 drivers/usb/core/urb.c:410\nCode: 7c 24 40 e8 ac 23 91 fd 48 8b 7c 24 40 e8 b2 70 1b ff 45 89 e8\n44 89 f1 4c 89 e2 48 89 c6 48 c7 c7 a0 30 a9 86 e8 48 07 11 02 <0f> 0b\ne9 1c f0 ff ff e8 7e 23 91 fd 0f b6 1d 63 22 83 05 31 ff 41\nRSP: 0018:ffffc900032becf0 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff8881100f3058 RCX: 0000000000000000\nRDX: ffffc90004961000 RSI: ffff888114c6d580 RDI: fffff52000657d90\nRBP: ffff888105ad90f0 R08: ffffffff812c3638 R09: 0000000000000000\nR10: 0000000000000005 R11: ffffed1023504ef1 R12: ffff888105ad9000\nR13: 0000000000000040 R14: 0000000080000380 R15: ffff88810ba96500\nFS: 0000000000000000(0000) GS:ffff88811a800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffe810bda58 CR3: 000000010b720000 CR4: 0000000000350ef0\nCall Trace:\n<TASK>\nusb_start_wait_urb+0x101/0x4c0 drivers/usb/core/message.c:58\nusb_internal_control_msg drivers/usb/core/message.c:102 [inline]\nusb_control_msg+0x31c/0x4a0 drivers/usb/core/message.c:153\nmceusb_gen1_init drivers/media/rc/mceusb.c:1431 [inline]\nmceusb_dev_probe+0x258e/0x33f0 drivers/media/rc/mceusb.c:1807\n\nThe reason for the warning is clear enough; the driver sends an\nunusual read request on endpoint 0 but does not set the USB_DIR_IN bit\nin the bRequestType field.\n\nMore importantly, the whole situation can be avoided and the driver\nsimplified by converting it over to the relatively new\nusb_control_msg_recv() and usb_control_msg_send() routines.  That's\nwhat this fix does.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2022-49937","url":"https://www.suse.com/security/cve/CVE-2022-49937"},{"category":"external","summary":"SUSE Bug 1245057 for CVE-2022-49937","url":"https://bugzilla.suse.com/1245057"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","version":"3.1"},"products":["SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"]}],"threats":[{"category":"impact","date":"2025-07-15T10:03:28Z","details":"moderate"}],"title":"CVE-2022-49937"},{"cve":"CVE-2022-50067","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2022-50067"}],"notes":[{"category":"general","text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: unset reloc control if transaction commit fails in prepare_to_relocate()\n\nIn btrfs_relocate_block_group(), the rc is allocated.  Then\nbtrfs_relocate_block_group() calls\n\nrelocate_block_group()\n  prepare_to_relocate()\n    set_reloc_control()\n\nthat assigns rc to the variable fs_info->reloc_ctl. When\nprepare_to_relocate() returns, it calls\n\nbtrfs_commit_transaction()\n  btrfs_start_dirty_block_groups()\n    btrfs_alloc_path()\n      kmem_cache_zalloc()\n\nwhich may fail for example (or other errors could happen). When the\nfailure occurs, btrfs_relocate_block_group() detects the error and frees\nrc and doesn't set fs_info->reloc_ctl to NULL. After that, in\nbtrfs_init_reloc_root(), rc is retrieved from fs_info->reloc_ctl and\nthen used, which may cause a use-after-free bug.\n\nThis possible bug can be triggered by calling btrfs_ioctl_balance()\nbefore calling btrfs_ioctl_defrag().\n\nTo fix this possible bug, in prepare_to_relocate(), check if\nbtrfs_commit_transaction() fails. If the failure occurs,\nunset_reloc_control() is called to set fs_info->reloc_ctl to NULL.\n\nThe error log in our fault-injection testing is shown as follows:\n\n  [   58.751070] BUG: KASAN: use-after-free in btrfs_init_reloc_root+0x7ca/0x920 [btrfs]\n  ...\n  [   58.753577] Call Trace:\n  ...\n  [   58.755800]  kasan_report+0x45/0x60\n  [   58.756066]  btrfs_init_reloc_root+0x7ca/0x920 [btrfs]\n  [   58.757304]  record_root_in_trans+0x792/0xa10 [btrfs]\n  [   58.757748]  btrfs_record_root_in_trans+0x463/0x4f0 [btrfs]\n  [   58.758231]  start_transaction+0x896/0x2950 [btrfs]\n  [   58.758661]  btrfs_defrag_root+0x250/0xc00 [btrfs]\n  [   58.759083]  btrfs_ioctl_defrag+0x467/0xa00 [btrfs]\n  [   58.759513]  btrfs_ioctl+0x3c95/0x114e0 [btrfs]\n  ...\n  [   58.768510] Allocated by task 23683:\n  [   58.768777]  ____kasan_kmalloc+0xb5/0xf0\n  [   58.769069]  __kmalloc+0x227/0x3d0\n  [   58.769325]  alloc_reloc_control+0x10a/0x3d0 [btrfs]\n  [   58.769755]  btrfs_relocate_block_group+0x7aa/0x1e20 [btrfs]\n  [   58.770228]  btrfs_relocate_chunk+0xf1/0x760 [btrfs]\n  [   58.770655]  __btrfs_balance+0x1326/0x1f10 [btrfs]\n  [   58.771071]  btrfs_balance+0x3150/0x3d30 [btrfs]\n  [   58.771472]  btrfs_ioctl_balance+0xd84/0x1410 [btrfs]\n  [   58.771902]  btrfs_ioctl+0x4caa/0x114e0 [btrfs]\n  ...\n  [   58.773337] Freed by task 23683:\n  ...\n  [   58.774815]  kfree+0xda/0x2b0\n  [   58.775038]  free_reloc_control+0x1d6/0x220 [btrfs]\n  [   58.775465]  btrfs_relocate_block_group+0x115c/0x1e20 [btrfs]\n  [   58.775944]  btrfs_relocate_chunk+0xf1/0x760 [btrfs]\n  [   58.776369]  __btrfs_balance+0x1326/0x1f10 [btrfs]\n  [   58.776784]  btrfs_balance+0x3150/0x3d30 [btrfs]\n  [   58.777185]  btrfs_ioctl_balance+0xd84/0x1410 [btrfs]\n  [   58.777621]  btrfs_ioctl+0x4caa/0x114e0 [btrfs]\n  ...","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2022-50067","url":"https://www.suse.com/security/cve/CVE-2022-50067"},{"category":"external","summary":"SUSE Bug 1245047 for CVE-2022-50067","url":"https://bugzilla.suse.com/1245047"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"]}],"threats":[{"category":"impact","date":"2025-07-15T10:03:28Z","details":"moderate"}],"title":"CVE-2022-50067"},{"cve":"CVE-2022-50200","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2022-50200"}],"notes":[{"category":"general","text":"In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: Add boundary check in put_entry()\n\nJust like next_entry(), boundary check is necessary to prevent memory\nout-of-bound access.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2022-50200","url":"https://www.suse.com/security/cve/CVE-2022-50200"},{"category":"external","summary":"SUSE Bug 1237312 for CVE-2022-50200","url":"https://bugzilla.suse.com/1237312"},{"category":"external","summary":"SUSE Bug 1245149 for CVE-2022-50200","url":"https://bugzilla.suse.com/1245149"},{"category":"external","summary":"SUSE Bug 1245150 for CVE-2022-50200","url":"https://bugzilla.suse.com/1245150"},{"category":"external","summary":"SUSE Bug 1247374 for CVE-2022-50200","url":"https://bugzilla.suse.com/1247374"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"]}],"threats":[{"category":"impact","date":"2025-07-15T10:03:28Z","details":"important"}],"title":"CVE-2022-50200"},{"cve":"CVE-2023-3111","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-3111"}],"notes":[{"category":"general","text":"A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-3111","url":"https://www.suse.com/security/cve/CVE-2023-3111"},{"category":"external","summary":"SUSE Bug 1212051 for CVE-2023-3111","url":"https://bugzilla.suse.com/1212051"},{"category":"external","summary":"SUSE Bug 1220015 for CVE-2023-3111","url":"https://bugzilla.suse.com/1220015"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.7,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"]}],"threats":[{"category":"impact","date":"2025-07-15T10:03:28Z","details":"moderate"}],"title":"CVE-2023-3111"},{"cve":"CVE-2023-53032","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-53032"}],"notes":[{"category":"general","text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function.\n\nWhen first_ip is 0, last_ip is 0xFFFFFFFF, and netmask is 31, the value of\nan arithmetic expression 2 << (netmask - mask_bits - 1) is subject\nto overflow due to a failure casting operands to a larger data type\nbefore performing the arithmetic.\n\nNote that it's harmless since the value will be checked at the next step.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with SVACE.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-53032","url":"https://www.suse.com/security/cve/CVE-2023-53032"},{"category":"external","summary":"SUSE Bug 1240270 for CVE-2023-53032","url":"https://bugzilla.suse.com/1240270"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.186.1.x86_64","SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.186.1.x86_64"]}],"threats":[{"category":"impact","date":"2025-07-15T10:03:28Z","details":"moderate"}],"title":"CVE-2023-53032"}]}