ESSA-2026:0024: Moderate: SUSE Liberty Linux kernel security update

Update Advisories for SUSE Liberty Linux suse-liberty-linux-updates at lists.suse.com
Tue Feb 3 16:07:58 UTC 2026 

# kernel security update

Announcement ID: ESSA-2026:0024
Rating: Moderate

Cross-References:

  * CVE-2022-3640
  * CVE-2022-50341
  * CVE-2022-50386
  * CVE-2022-50408
  * CVE-2023-53305
  * CVE-2023-53365
  * CVE-2025-38718



CVSS scores:

  * CVE-2022-3640 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2022-50341 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2022-50341 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2022-50386 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-50386 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2022-50408 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-50408 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2023-53305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-53365 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-38718 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

  * SUSE Liberty Linux 7 LTSS


An update that solves 7 vulnerabilities can now be installed.

## Description:

[3.10.0-1160.119.1.0.15]- Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() {CVE-2022-3640} [Orabug: 38742878]- Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put [Orabug: 38742878]- Bluetooth: L2CAP: Fix user-after-free {CVE-2022-50386} [Orabug: 38742878]- wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() {CVE-2022-50408} [Orabug: 38742878]- Bluetooth: L2CAP: Fix use-after-free {CVE-2023-53305} [Orabug: 38742878]- ip6mr: Fix skb_under_panic in ip6mr_cache_report() {CVE-2023-53365} [Orabug: 38742878]- sctp: linearize cloned gso packets in sctp_rcv {CVE-2025-38718} [Orabug: 38742878][3.10.0-1160.119.1.0.14]- HID: core: fix shift-out-of-bounds in hid_report_raw_event {CVE-2022-48978} [Orabug: 38644370]- crypto: seqiv - Handle EBUSY correctly {CVE-2023-53373} [Orabug: 38644370]- nfsd: don't ignore the return code of svc_proc_register() {CVE-2025-22026} [Orabug: 38644370]- net_sched: hfsc: Fix a UAF vulnerability in class handling {CVE-2025-37797} [Ora
 bug: 38644370]- HID: core: Harden s32ton() against conversion to 0 bits {CVE-2025-38556} [Orabug: 38644370]- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control {CVE-2025-39751} [Orabug: 38644370][3.10.0-1160.119.1.0.13]- ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() {CVE-2022-48701} [Orabug: 38493400]- md-raid10: fix KASAN warning {CVE-2022-50211} [Orabug: 38493400]- ALSA: bcd2000: Fix a UAF bug on the error path of probing {CVE-2022-50229} [Orabug: 38493400]- net: usb: smsc75xx: Limit packet length to skb->len {CVE-2023-53125} [Orabug: 38493400]- i40e: fix MMIO write access to an invalid page in i40e_clear_hw {CVE-2025-38200} [Orabug: 38493400]- net/sched: sch_qfq: Fix race condition on qfq_aggregate {CVE-2025-38477} [Orabug: 38493400][3.10.0-1160.119.1.0.12]- scsi: lpfc: Use memcpy() for BIOS version (CVE-2025-38332) [Orabug: 38414589]- posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (CVE-2025-38352) 
 [Orabug: 38414589][3.10.0-1160.119.1.0.11]- kernel: media: uvcvideo: Fix double free in error path (CVE-2024-57980)- kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (CVE-2025-21928)- kernel: ext4: fix off-by-one error in do_split (CVE-2025-23150)- kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() (CVE-2022-49788)- kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (CVE-2025-38000)- kernel: ext4: avoid resizing to a partial cluster size (CVE-2022-50020)- kernel: drivers:md:fix a potential use-after-free bug (CVE-2022-50022)- kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (CVE-2025-38177)- kernel: net/sched: Always pass notifications when child class becomes empty (CVE-2025-38350)- crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079)[3.10.0-1160.119.1.0.10]- net: atlantic: fix aq_vec index out of range error (Chia-Lin Kao) {CVE-2022-50066} [Orabug: 38201271]- net: atm: fix use after free 
 in lec_send() (Dan Carpenter) {CVE-2025-22004} [Orabug: 38201271][3.10.0-1160.119.1.0.9]- netfilter: ipset: add missing range check in bitmap_ip_uadt (Jeongjun Park) {CVE-2024-53141} [Orabug: 37964173]- Update OL SB certificates- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985797][3.10.0-1160.119.1.0.8]- ALSA: usb-audio: Fix out of bounds reads when finding clock sources (Takashi Iwai) {CVE-2024-53150} [Orabug: 37830084][3.10.0-1160.119.1.0.7]- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (Benoit Sevens) {CVE-2024-53197} [Orabug: 37686305]- can: bcm: Fix UAF in bcm_proc_show() (YueHaibing) {CVE-2023-52922} [Orabug: 37686305]- HID: core: zero-initialize the report buffer (Benoit Sevens) {CVE-2024-50302} [Orabug: 37686305][3.10.0-1160.119.1.0.6]- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (Benoit Sevens) {CVE-2024-53104} [Orabug: 37584712]

## Package List:

  * SUSE Liberty Linux 7 LTSS:
    * bpftool 3.10.0-1160.125.1.0.15.el7
    * kernel 3.10.0-1160.125.1.0.15.el7
    * kernel-abi-whitelists 3.10.0-1160.125.1.0.15.el7
    * kernel-debug 3.10.0-1160.125.1.0.15.el7
    * kernel-debug-devel 3.10.0-1160.125.1.0.15.el7
    * kernel-devel 3.10.0-1160.125.1.0.15.el7
    * kernel-doc 3.10.0-1160.125.1.0.15.el7
    * kernel-headers 3.10.0-1160.125.1.0.15.el7
    * kernel-tools 3.10.0-1160.125.1.0.15.el7
    * kernel-tools-libs 3.10.0-1160.125.1.0.15.el7
    * kernel-tools-libs-devel 3.10.0-1160.125.1.0.15.el7
    * perf 3.10.0-1160.125.1.0.15.el7
    * python-perf 3.10.0-1160.125.1.0.15.el7

## References:

  * https://www.suse.com/security/cve/CVE-2022-3640.html
  * https://www.suse.com/security/cve/CVE-2022-50341.html
  * https://www.suse.com/security/cve/CVE-2022-50386.html
  * https://www.suse.com/security/cve/CVE-2022-50408.html
  * https://www.suse.com/security/cve/CVE-2023-53305.html
  * https://www.suse.com/security/cve/CVE-2023-53365.html
  * https://www.suse.com/security/cve/CVE-2025-38718.html

More information about the suse-liberty-linux-updates mailing list