VDB

SUSE-SU-2026%3A1044-1

SUSE-SU-2026%3A1044-1 PUBLISHED CVSS 9.300000190734863 CRITICAL

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.266 fixes various security issues The following security issues were fixed: - CVE-2022-50423: ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() (bsc#1250785). - CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit (bsc#1255595). - CVE-2022-50756: nvme-pci: fix mempool alloc size (bsc#1256217). - CVE-2023-53781: smc: Fix use-after-free in tcp_write_timer_handler() (bsc#1254755). - CVE-2025-21738: ata: libata-sff: ensure that we cannot write outside the allocated buffer (bsc#1257118). - CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240). - CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402). - CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644). - CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).

Risk Scores

CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products

VendorProductVersions
SUSE:Linux Enterprise Live Patching 12 SP5kgraft-patch-SLE12-SP5_Update_700, 0

Timeline

  • Mar 25, 2026 CVE Published
  • Mar 27, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›