SB2026020467 - SUSE update for the Linux Kernel
Published: February 4, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 12 secuirty vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2021-47633)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ath5k_eeprom_convert_pcal_info_5111() function in drivers/net/wireless/ath/ath5k/eeprom.c. A local user can perform a denial of service (DoS) attack.
2) Use-after-free (CVE-ID: CVE-2022-1048)
The vulnerability allows a local user to execute arbitrary code with elevated privileges.
The vulnerability exists due to a use-after-free error in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. A local user can execute arbitrary code with elevated privileges and perform a denial-of-service attack.
3) NULL pointer dereference (CVE-ID: CVE-2022-3303)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the Linux kernel sound subsystem due to improper locking when handling the SNDCTL_DSP_SYNC ioctl. A privileged local user can trigger a NULL pointer dereference error and perform a denial of service (DoS) attack.
4) Improper locking (CVE-ID: CVE-2022-49272)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the snd_pcm_hw_params_choose(), snd_pcm_hw_params(), snd_pcm_hw_free() and snd_pcm_action_nonatomic() functions in sound/core/pcm_native.c, within the wait_for_avail() and __snd_pcm_lib_xfer() functions in sound/core/pcm_lib.c, within the snd_pcm_attach_substream() function in sound/core/pcm.c. A local user can perform a denial of service (DoS) attack.
5) Use-after-free (CVE-ID: CVE-2022-49288)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the snd_pcm_lib_preallocate_proc_write() function in sound/core/pcm_memory.c. A local user can escalate privileges on the system.
6) Use-after-free (CVE-ID: CVE-2022-49291)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the snd_pcm_hw_params_choose(), snd_pcm_hw_params() and do_hw_free() functions in sound/core/pcm_native.c, within the snd_pcm_attach_substream() and snd_pcm_detach_substream() functions in sound/core/pcm.c. A local user can escalate privileges on the system.
7) Resource management error (CVE-ID: CVE-2022-49545)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the snd_usbmidi_output_open() function in sound/usb/midi.c. A local user can perform a denial of service (DoS) attack.
8) NULL pointer dereference (CVE-ID: CVE-2022-49733)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_pcm_oss_sync() function in sound/core/oss/pcm_oss.c. A local user can perform a denial of service (DoS) attack.
9) Use-after-free (CVE-ID: CVE-2024-56658)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the LLIST_HEAD(), net_free() and cleanup_net() functions in net/core/net_namespace.c. A local user can escalate privileges on the system.
10) Out-of-bounds read (CVE-ID: CVE-2024-57996)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sfq_change() function in net/sched/sch_sfq.c. A local user can perform a denial of service (DoS) attack.
11) Use-after-free (CVE-ID: CVE-2025-21718)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rose_heartbeat_expiry(), rose_timer_expiry() and rose_idletimer_expiry() functions in net/rose/rose_timer.c. A local user can escalate privileges on the system.
12) Out-of-bounds read (CVE-ID: CVE-2025-21772)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mac_partition() function in block/partitions/mac.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.