SUSE: Critical Kernel UAF Vulnerability Patch 2025:03190-2

suse

September 12, 2025

* bsc#1231676 * bsc#1231943 * bsc#1232271 * bsc#1237930 * bsc#1242579

Summary

## This update for the Linux Kernel 5.14.21-150500_55_73 fixes several issues. The following security issues were fixed: * CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579). * CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF (bsc#1237930). * CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235). * CVE-2024-49867: btrfs: wait for fixup workers before stopping cleaner kthread during umount (bsc#1232271). * CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775). * CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791). * CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231676).

Topics Covered

security advisory SuSE remote attack important kernel UAF

References

* bsc#1231676

* bsc#1231943

* bsc#1232271

* bsc#1237930

* bsc#1242579

* bsc#1244235

* bsc#1245775

* bsc#1245791

* bsc#1246030

Cross-

* CVE-2022-49053

* CVE-2024-47674

* CVE-2024-47706

* CVE-2024-49867

* CVE-2025-21999

* CVE-2025-37890

* CVE-2025-38000

* CVE-2025-38001

* CVE-2025-38212

CVSS scores:

* CVE-2022-49053 ( SUSE ): 7.3

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2022-49053 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-49053 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-47674 ( SUSE ): 7.3

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2024-47674 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2025:03190-1

Release Date: 2025-09-12T08:09:51Z

Rating: important

Topics Covered

security advisory SuSE remote attack important kernel UAF

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

SUSE: Critical Kernel UAF Vulnerability Patch 2025:03190-2

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

SUSE: Critical Kernel UAF Vulnerability Patch 2025:03190-2

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!