SUSE-SU-2026:0154-1

CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 (bsc#1249242).
CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpi_dev() return value (bsc#1254451).
CVE-2022-50367: fs: fix UAF/GPF bug in nilfsmdtdestroy (bsc#1250280).
CVE-2022-50409: net: If sock is dead don't access sock's skwq in skstreamwaitmemory (bsc#1250665).
CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow() (bsc#1251787).
CVE-2023-53717: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9kwmirsp_callback() (bsc#1252563).
CVE-2024-57849: s390/cpum_sf: handle CPU hotplug remove during sampling (bsc#1235815).
CVE-2025-38572: ipv6: reject malicious packets in ipv6gsosegment() (bsc#1248400).
CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).

References

Affected packages

Name: kgraft-patch-SLE12-SP5_Update_63
Purl: pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_63&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

16-2.1

{
    "binaries": [
        {
            "kgraft-patch-4_12_14-122_237-default": "16-2.1"
        }
    ]
}

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0154-1.json"