Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-23326 (GCVE-0-2026-23326)
Vulnerability from cvelistv5 – Published: 2026-03-25 10:27 – Updated: 2026-04-13 06:05
VLAI?
EPSS
Title
xsk: Fix fragment node deletion to prevent buffer leak
Summary
In the Linux kernel, the following vulnerability has been resolved:
xsk: Fix fragment node deletion to prevent buffer leak
After commit b692bf9a7543 ("xsk: Get rid of xdp_buff_xsk::xskb_list_node"),
the list_node field is reused for both the xskb pool list and the buffer
free list, this causes a buffer leak as described below.
xp_free() checks if a buffer is already on the free list using
list_empty(&xskb->list_node). When list_del() is used to remove a node
from the xskb pool list, it doesn't reinitialize the node pointers.
This means list_empty() will return false even after the node has been
removed, causing xp_free() to incorrectly skip adding the buffer to the
free list.
Fix this by using list_del_init() instead of list_del() in all fragment
handling paths, this ensures the list node is reinitialized after removal,
allowing the list_empty() to work correctly.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux | Linux |
Affected:
560c974b7ccd95bb9ff20df77f6654283e45c9c6 , < 5172adf9efb8298a52f4dcdc3f98d4d9d1e06a6d
(git)
Affected: fd5614763805d6f386bd07cc53558f88b1b1eb62 , < 2a9ea988465ece5b6896b1bdc144170a64e84c35 (git) Affected: b692bf9a7543af7ad11a59d182a3757578f0ba53 , < 645c6d8376ad4913cbffe0e0c2cca0c4febbe596 (git) Affected: b692bf9a7543af7ad11a59d182a3757578f0ba53 , < b38cbd4af5034635cff109e08788c63f956f3a69 (git) Affected: b692bf9a7543af7ad11a59d182a3757578f0ba53 , < 60abb0ac11dccd6b98fd9182bc5f85b621688861 (git) |
||
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"include/net/xdp_sock_drv.h",
"net/xdp/xsk.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5172adf9efb8298a52f4dcdc3f98d4d9d1e06a6d",
"status": "affected",
"version": "560c974b7ccd95bb9ff20df77f6654283e45c9c6",
"versionType": "git"
},
{
"lessThan": "2a9ea988465ece5b6896b1bdc144170a64e84c35",
"status": "affected",
"version": "fd5614763805d6f386bd07cc53558f88b1b1eb62",
"versionType": "git"
},
{
"lessThan": "645c6d8376ad4913cbffe0e0c2cca0c4febbe596",
"status": "affected",
"version": "b692bf9a7543af7ad11a59d182a3757578f0ba53",
"versionType": "git"
},
{
"lessThan": "b38cbd4af5034635cff109e08788c63f956f3a69",
"status": "affected",
"version": "b692bf9a7543af7ad11a59d182a3757578f0ba53",
"versionType": "git"
},
{
"lessThan": "60abb0ac11dccd6b98fd9182bc5f85b621688861",
"status": "affected",
"version": "b692bf9a7543af7ad11a59d182a3757578f0ba53",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"include/net/xdp_sock_drv.h",
"net/xdp/xsk.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.13"
},
{
"lessThan": "6.13",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.18.*",
"status": "unaffected",
"version": "6.18.17",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.19.*",
"status": "unaffected",
"version": "6.19.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.0",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.18.17",
"versionStartIncluding": "6.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.19.7",
"versionStartIncluding": "6.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0",
"versionStartIncluding": "6.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: Fix fragment node deletion to prevent buffer leak\n\nAfter commit b692bf9a7543 (\"xsk: Get rid of xdp_buff_xsk::xskb_list_node\"),\nthe list_node field is reused for both the xskb pool list and the buffer\nfree list, this causes a buffer leak as described below.\n\nxp_free() checks if a buffer is already on the free list using\nlist_empty(\u0026xskb-\u003elist_node). When list_del() is used to remove a node\nfrom the xskb pool list, it doesn\u0027t reinitialize the node pointers.\nThis means list_empty() will return false even after the node has been\nremoved, causing xp_free() to incorrectly skip adding the buffer to the\nfree list.\n\nFix this by using list_del_init() instead of list_del() in all fragment\nhandling paths, this ensures the list node is reinitialized after removal,\nallowing the list_empty() to work correctly."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T06:05:01.188Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/5172adf9efb8298a52f4dcdc3f98d4d9d1e06a6d"
},
{
"url": "https://git.kernel.org/stable/c/2a9ea988465ece5b6896b1bdc144170a64e84c35"
},
{
"url": "https://git.kernel.org/stable/c/645c6d8376ad4913cbffe0e0c2cca0c4febbe596"
},
{
"url": "https://git.kernel.org/stable/c/b38cbd4af5034635cff109e08788c63f956f3a69"
},
{
"url": "https://git.kernel.org/stable/c/60abb0ac11dccd6b98fd9182bc5f85b621688861"
}
],
"title": "xsk: Fix fragment node deletion to prevent buffer leak",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2026-23326",
"datePublished": "2026-03-25T10:27:19.021Z",
"dateReserved": "2026-01-13T15:37:45.996Z",
"dateUpdated": "2026-04-13T06:05:01.188Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-23326",
"date": "2026-04-24",
"epss": "0.00013",
"percentile": "0.02338"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-23326\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-03-25T11:16:29.687\",\"lastModified\":\"2026-04-23T21:11:17.750\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nxsk: Fix fragment node deletion to prevent buffer leak\\n\\nAfter commit b692bf9a7543 (\\\"xsk: Get rid of xdp_buff_xsk::xskb_list_node\\\"),\\nthe list_node field is reused for both the xskb pool list and the buffer\\nfree list, this causes a buffer leak as described below.\\n\\nxp_free() checks if a buffer is already on the free list using\\nlist_empty(\u0026xskb-\u003elist_node). When list_del() is used to remove a node\\nfrom the xskb pool list, it doesn\u0027t reinitialize the node pointers.\\nThis means list_empty() will return false even after the node has been\\nremoved, causing xp_free() to incorrectly skip adding the buffer to the\\nfree list.\\n\\nFix this by using list_del_init() instead of list_del() in all fragment\\nhandling paths, this ensures the list node is reinitialized after removal,\\nallowing the list_empty() to work correctly.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\\n\\nxsk: Corrige la eliminaci\u00f3n de nodos de fragmento para prevenir una fuga de b\u00fafer\\n\\nDespu\u00e9s del commit b692bf9a7543 (\u0027xsk: Elimina xdp_buff_xsk::xskb_list_node\u0027), el campo list_node se reutiliza tanto para la lista de la piscina xskb como para la lista de b\u00faferes libres, esto causa una fuga de b\u00fafer como se describe a continuaci\u00f3n.\\n\\nxp_free() comprueba si un b\u00fafer ya est\u00e1 en la lista de libres usando list_empty(\u0026amp;xskb-\u0026gt;list_node). Cuando se usa list_del() para eliminar un nodo de la lista de la piscina xskb, no reinicializa los punteros del nodo. Esto significa que list_empty() devolver\u00e1 falso incluso despu\u00e9s de que el nodo haya sido eliminado, causando que xp_free() omita incorrectamente a\u00f1adir el b\u00fafer a la lista de libres.\\n\\nSoluciona esto usando list_del_init() en lugar de list_del() en todas las rutas de manejo de fragmentos, esto asegura que el nodo de la lista se reinicialice despu\u00e9s de la eliminaci\u00f3n, permitiendo que list_empty() funcione correctamente.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13.1\",\"versionEndExcluding\":\"6.18.17\",\"matchCriteriaId\":\"40E7536C-DA22-4B7D-9953-0343B4D9A3E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.19\",\"versionEndExcluding\":\"6.19.7\",\"matchCriteriaId\":\"69245D10-0B71-485E-80C3-A64F077004D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A3F9505-6B98-4269-8B81-127E55A1BF00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F253B622-8837-4245-BCE5-A7BF8FC76A16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F666C8D8-6538-46D4-B318-87610DE64C34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"02259FDA-961B-47BC-AE7F-93D7EC6E90C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"58A9FEFF-C040-420D-8F0A-BFDAAA1DF258\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D2315C0-D46F-4F85-9754-F9E5E11374A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*\",\"matchCriteriaId\":\"512EE3A8-A590-4501-9A94-5D4B268D6138\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/2a9ea988465ece5b6896b1bdc144170a64e84c35\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5172adf9efb8298a52f4dcdc3f98d4d9d1e06a6d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/60abb0ac11dccd6b98fd9182bc5f85b621688861\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/645c6d8376ad4913cbffe0e0c2cca0c4febbe596\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b38cbd4af5034635cff109e08788c63f956f3a69\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
}
}
FKIE_CVE-2026-23326
Vulnerability from fkie_nvd - Published: 2026-03-25 11:16 - Updated: 2026-04-23 21:11
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
xsk: Fix fragment node deletion to prevent buffer leak
After commit b692bf9a7543 ("xsk: Get rid of xdp_buff_xsk::xskb_list_node"),
the list_node field is reused for both the xskb pool list and the buffer
free list, this causes a buffer leak as described below.
xp_free() checks if a buffer is already on the free list using
list_empty(&xskb->list_node). When list_del() is used to remove a node
from the xskb pool list, it doesn't reinitialize the node pointers.
This means list_empty() will return false even after the node has been
removed, causing xp_free() to incorrectly skip adding the buffer to the
free list.
Fix this by using list_del_init() instead of list_del() in all fragment
handling paths, this ensures the list node is reinitialized after removal,
allowing the list_empty() to work correctly.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | 6.13 | |
| linux | linux_kernel | 7.0 | |
| linux | linux_kernel | 7.0 | |
| linux | linux_kernel | 7.0 | |
| linux | linux_kernel | 7.0 | |
| linux | linux_kernel | 7.0 | |
| linux | linux_kernel | 7.0 | |
| linux | linux_kernel | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40E7536C-DA22-4B7D-9953-0343B4D9A3E6",
"versionEndExcluding": "6.18.17",
"versionStartIncluding": "6.13.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69245D10-0B71-485E-80C3-A64F077004D3",
"versionEndExcluding": "6.19.7",
"versionStartIncluding": "6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:-:*:*:*:*:*:*",
"matchCriteriaId": "5A3F9505-6B98-4269-8B81-127E55A1BF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F253B622-8837-4245-BCE5-A7BF8FC76A16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F666C8D8-6538-46D4-B318-87610DE64C34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "02259FDA-961B-47BC-AE7F-93D7EC6E90C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "58A9FEFF-C040-420D-8F0A-BFDAAA1DF258",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "1D2315C0-D46F-4F85-9754-F9E5E11374A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*",
"matchCriteriaId": "512EE3A8-A590-4501-9A94-5D4B268D6138",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: Fix fragment node deletion to prevent buffer leak\n\nAfter commit b692bf9a7543 (\"xsk: Get rid of xdp_buff_xsk::xskb_list_node\"),\nthe list_node field is reused for both the xskb pool list and the buffer\nfree list, this causes a buffer leak as described below.\n\nxp_free() checks if a buffer is already on the free list using\nlist_empty(\u0026xskb-\u003elist_node). When list_del() is used to remove a node\nfrom the xskb pool list, it doesn\u0027t reinitialize the node pointers.\nThis means list_empty() will return false even after the node has been\nremoved, causing xp_free() to incorrectly skip adding the buffer to the\nfree list.\n\nFix this by using list_del_init() instead of list_del() in all fragment\nhandling paths, this ensures the list node is reinitialized after removal,\nallowing the list_empty() to work correctly."
},
{
"lang": "es",
"value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nxsk: Corrige la eliminaci\u00f3n de nodos de fragmento para prevenir una fuga de b\u00fafer\n\nDespu\u00e9s del commit b692bf9a7543 (\u0027xsk: Elimina xdp_buff_xsk::xskb_list_node\u0027), el campo list_node se reutiliza tanto para la lista de la piscina xskb como para la lista de b\u00faferes libres, esto causa una fuga de b\u00fafer como se describe a continuaci\u00f3n.\n\nxp_free() comprueba si un b\u00fafer ya est\u00e1 en la lista de libres usando list_empty(\u0026amp;xskb-\u0026gt;list_node). Cuando se usa list_del() para eliminar un nodo de la lista de la piscina xskb, no reinicializa los punteros del nodo. Esto significa que list_empty() devolver\u00e1 falso incluso despu\u00e9s de que el nodo haya sido eliminado, causando que xp_free() omita incorrectamente a\u00f1adir el b\u00fafer a la lista de libres.\n\nSoluciona esto usando list_del_init() en lugar de list_del() en todas las rutas de manejo de fragmentos, esto asegura que el nodo de la lista se reinicialice despu\u00e9s de la eliminaci\u00f3n, permitiendo que list_empty() funcione correctamente."
}
],
"id": "CVE-2026-23326",
"lastModified": "2026-04-23T21:11:17.750",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2026-03-25T11:16:29.687",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/2a9ea988465ece5b6896b1bdc144170a64e84c35"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/5172adf9efb8298a52f4dcdc3f98d4d9d1e06a6d"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/60abb0ac11dccd6b98fd9182bc5f85b621688861"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/645c6d8376ad4913cbffe0e0c2cca0c4febbe596"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/b38cbd4af5034635cff109e08788c63f956f3a69"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
WID-SEC-W-2026-0861
Vulnerability from csaf_certbund - Published: 2026-03-24 23:00 - Updated: 2026-03-25 23:00Summary
Linux Kernel: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service zu verursachen, Sicherheitsmaßnahmen zu umgehen, Informationen offenzulegen, weitere nicht spezifizierte Auswirkungen zu verursachen und potentiell Code auszuführen.
Betroffene Betriebssysteme: - Linux
References
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service zu verursachen, Sicherheitsma\u00dfnahmen zu umgehen, Informationen offenzulegen, weitere nicht spezifizierte Auswirkungen zu verursachen und potentiell Code auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0861 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0861.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0861 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0861"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23279",
"url": "https://lore.kernel.org/linux-cve-announce/2026032522-CVE-2026-23279-cf34@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23280",
"url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23280-cd9e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23281",
"url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23281-2e62@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23282",
"url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23282-bad0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23283",
"url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23283-3d92@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23284",
"url": "https://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23284-ca53@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23285",
"url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23285-ad41@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23286",
"url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23286-8a7e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23287",
"url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23287-93b2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23288",
"url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23288-1d11@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23289",
"url": "https://lore.kernel.org/linux-cve-announce/2026032524-CVE-2026-23289-aa54@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23290",
"url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23290-af97@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23291",
"url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23291-eae3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23292",
"url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23292-67e8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23293",
"url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23293-b422@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23294",
"url": "https://lore.kernel.org/linux-cve-announce/2026032525-CVE-2026-23294-1682@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23295",
"url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23295-59d2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23296",
"url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23296-eb4a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23297",
"url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23297-bcad@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23298",
"url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23298-fad9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23299",
"url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23299-6471@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23300",
"url": "https://lore.kernel.org/linux-cve-announce/2026032526-CVE-2026-23300-9bc4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23301",
"url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23301-09e7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23302",
"url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23302-e03d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23303",
"url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23303-8e38@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23304",
"url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23304-485b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23305",
"url": "https://lore.kernel.org/linux-cve-announce/2026032527-CVE-2026-23305-5fa4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23306",
"url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23306-8854@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23307",
"url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23307-60f2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23308",
"url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23308-1e72@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23309",
"url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23309-4243@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23310",
"url": "https://lore.kernel.org/linux-cve-announce/2026032528-CVE-2026-23310-9b67@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23311",
"url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23311-8c0b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23312",
"url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23312-2b11@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23313",
"url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23313-925e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23314",
"url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23314-166c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23315",
"url": "https://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23315-9ac1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23316",
"url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23316-2ce3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23317",
"url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23317-0e9e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23318",
"url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23318-bef0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23319",
"url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23319-1e3d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23320",
"url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23320-0ae7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23321",
"url": "https://lore.kernel.org/linux-cve-announce/2026032530-CVE-2026-23321-6059@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23322",
"url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23322-9fd3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23323",
"url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23323-53db@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23324",
"url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23324-bc9e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23325",
"url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23325-4e3b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23326",
"url": "https://lore.kernel.org/linux-cve-announce/2026032531-CVE-2026-23326-ffc6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23327",
"url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23327-c497@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23328",
"url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23328-9600@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23329",
"url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23329-c743@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23330",
"url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23330-00fd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23331",
"url": "https://lore.kernel.org/linux-cve-announce/2026032532-CVE-2026-23331-735b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23332",
"url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23332-50e0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23333",
"url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23333-417f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23334",
"url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23334-1b12@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23335",
"url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23335-602d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23336",
"url": "https://lore.kernel.org/linux-cve-announce/2026032533-CVE-2026-23336-d365@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23337",
"url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23337-5018@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23338",
"url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23338-67c7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23339",
"url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23339-263f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23340",
"url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23340-1aa9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23341",
"url": "https://lore.kernel.org/linux-cve-announce/2026032534-CVE-2026-23341-3f7b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23342",
"url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23342-8456@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23343",
"url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23343-dc2b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23344",
"url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23344-0279@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23345",
"url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23345-c154@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23346",
"url": "https://lore.kernel.org/linux-cve-announce/2026032535-CVE-2026-23346-faed@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23347",
"url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23347-fa08@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23348",
"url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23348-e792@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23349",
"url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23349-aa6a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23350",
"url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23350-f4be@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23351",
"url": "https://lore.kernel.org/linux-cve-announce/2026032536-CVE-2026-23351-637f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23352",
"url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23352-18f2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23353",
"url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23353-d0c3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23354",
"url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23354-d9b2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23355",
"url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23355-86df@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23356",
"url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23356-0014@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23357",
"url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23357-605e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23358",
"url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23358-1042@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23359",
"url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23359-35fd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23360",
"url": "https://lore.kernel.org/linux-cve-announce/2026032538-CVE-2026-23360-c464@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23361",
"url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23361-bd5c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23362",
"url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23362-40bd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23363",
"url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23363-3e24@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23364",
"url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23364-4267@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23365",
"url": "https://lore.kernel.org/linux-cve-announce/2026032539-CVE-2026-23365-76d3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23366",
"url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23366-a7c4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23367",
"url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23367-6e44@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23368",
"url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23368-c240@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23369",
"url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23369-b6c6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23370",
"url": "https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23370-02d2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23371",
"url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23371-1b32@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23372",
"url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23372-7bc9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23373",
"url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23373-0203@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23374",
"url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23374-9345@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23375",
"url": "https://lore.kernel.org/linux-cve-announce/2026032541-CVE-2026-23375-91b1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23376",
"url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23376-114a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23377",
"url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23377-cb04@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23378",
"url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23378-f329@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23379",
"url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23379-3b2d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23380",
"url": "https://lore.kernel.org/linux-cve-announce/2026032542-CVE-2026-23380-9e3c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23381",
"url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23381-378d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23382",
"url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23382-26fe@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23383",
"url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23383-f205@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23384",
"url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23384-489a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23385",
"url": "https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23385-3414@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23386",
"url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23386-acc4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23387",
"url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23387-4399@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23388",
"url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23388-9e71@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23389",
"url": "https://lore.kernel.org/linux-cve-announce/2026032544-CVE-2026-23389-2056@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23390",
"url": "https://lore.kernel.org/linux-cve-announce/2026032537-CVE-2026-23390-7146@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23391",
"url": "https://lore.kernel.org/linux-cve-announce/2026032548-CVE-2026-23391-bb43@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23392",
"url": "https://lore.kernel.org/linux-cve-announce/2026032548-CVE-2026-23392-fd9d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23393",
"url": "https://lore.kernel.org/linux-cve-announce/2026032548-CVE-2026-23393-c395@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23394",
"url": "https://lore.kernel.org/linux-cve-announce/2026032549-CVE-2026-23394-9205@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23395",
"url": "https://lore.kernel.org/linux-cve-announce/2026032549-CVE-2026-23395-5e50@gregkh/"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-25T23:00:00.000+00:00",
"generator": {
"date": "2026-03-26T07:56:13.854+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0861",
"initial_release_date": "2026-03-24T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-03-24T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-03-25T23:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2026-15382, EUVD-2026-15378, EUVD-2026-15381, EUVD-2026-15376, EUVD-2026-15374, EUVD-2026-15372, EUVD-2026-15371, EUVD-2026-15367, EUVD-2026-15368, EUVD-2026-15363, EUVD-2026-15365, EUVD-2026-15362, EUVD-2026-15359, EUVD-2026-15357, EUVD-2026-15355, EUVD-2026-15353, EUVD-2026-15351, EUVD-2026-15350, EUVD-2026-15345, EUVD-2026-15343, EUVD-2026-15344, EUVD-2026-15342, EUVD-2026-15336, EUVD-2026-15340, EUVD-2026-15339, EUVD-2026-15334, EUVD-2026-15332, EUVD-2026-15330, EUVD-2026-15328, EUVD-2026-15325, EUVD-2026-15329, EUVD-2026-15321, EUVD-2026-15323, EUVD-2026-15319, EUVD-2026-15317, EUVD-2026-15313, EUVD-2026-15312, EUVD-2026-15311, EUVD-2026-15310, EUVD-2026-15309, EUVD-2026-15308, EUVD-2026-15305, EUVD-2026-15307, EUVD-2026-15304, EUVD-2026-15299, EUVD-2026-15298, EUVD-2026-15295, EUVD-2026-15293, EUVD-2026-15292, EUVD-2026-15289, EUVD-2026-15287, EUVD-2026-15285, EUVD-2026-15284, EUVD-2026-15279, EUVD-2026-15278, EUVD-2026-15277, EUVD-2026-15276, EUVD-2026-15272, EUVD-2026-15274, EUVD-2026-15271, EUVD-2026-15269, EUVD-2026-15267, EUVD-2026-15263, EUVD-2026-15261, EUVD-2026-15258, EUVD-2026-15256, EUVD-2026-15254, EUVD-2026-15253, EUVD-2026-15252, EUVD-2026-15251, EUVD-2026-15250, EUVD-2026-15245, EUVD-2026-15248, EUVD-2026-15242, EUVD-2026-15238, EUVD-2026-15240, EUVD-2026-15235, EUVD-2026-15236, EUVD-2026-15234, EUVD-2026-15231, EUVD-2026-15233, EUVD-2026-15227, EUVD-2026-15224, EUVD-2026-15225, EUVD-2026-15221, EUVD-2026-15220, EUVD-2026-15218, EUVD-2026-15219, EUVD-2026-15216, EUVD-2026-15215, EUVD-2026-15211, EUVD-2026-15206, EUVD-2026-15208, EUVD-2026-15204, EUVD-2026-15200, EUVD-2026-15203, EUVD-2026-15198, EUVD-2026-15366, EUVD-2026-15384, EUVD-2026-15387, EUVD-2026-15388, EUVD-2026-15390, EUVD-2026-15392, EUVD-2026-15393, EUVD-2026-15394, EUVD-2026-15396, EUVD-2026-15398, EUVD-2026-15281, EUVD-2026-15348, EUVD-2026-15391, EUVD-2026-15331, EUVD-2026-15315, EUVD-2026-15301, EUVD-2026-15264, EUVD-2026-15246, EUVD-2026-15230, EUVD-2026-15212"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T028462",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:unspecified"
}
}
}
],
"category": "vendor",
"name": "Open Source"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-23279",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23279"
},
{
"cve": "CVE-2026-23280",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23280"
},
{
"cve": "CVE-2026-23281",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23281"
},
{
"cve": "CVE-2026-23282",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23282"
},
{
"cve": "CVE-2026-23283",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23283"
},
{
"cve": "CVE-2026-23284",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23284"
},
{
"cve": "CVE-2026-23285",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23285"
},
{
"cve": "CVE-2026-23286",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23286"
},
{
"cve": "CVE-2026-23287",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23287"
},
{
"cve": "CVE-2026-23288",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23288"
},
{
"cve": "CVE-2026-23289",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23289"
},
{
"cve": "CVE-2026-23290",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23290"
},
{
"cve": "CVE-2026-23291",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23291"
},
{
"cve": "CVE-2026-23292",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23292"
},
{
"cve": "CVE-2026-23293",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23293"
},
{
"cve": "CVE-2026-23294",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23294"
},
{
"cve": "CVE-2026-23295",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23295"
},
{
"cve": "CVE-2026-23296",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23296"
},
{
"cve": "CVE-2026-23297",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23297"
},
{
"cve": "CVE-2026-23298",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23298"
},
{
"cve": "CVE-2026-23299",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23299"
},
{
"cve": "CVE-2026-23300",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23300"
},
{
"cve": "CVE-2026-23301",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23301"
},
{
"cve": "CVE-2026-23302",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23302"
},
{
"cve": "CVE-2026-23303",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23303"
},
{
"cve": "CVE-2026-23304",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23304"
},
{
"cve": "CVE-2026-23305",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23305"
},
{
"cve": "CVE-2026-23306",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23306"
},
{
"cve": "CVE-2026-23307",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23307"
},
{
"cve": "CVE-2026-23308",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23308"
},
{
"cve": "CVE-2026-23309",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23309"
},
{
"cve": "CVE-2026-23310",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23310"
},
{
"cve": "CVE-2026-23311",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23311"
},
{
"cve": "CVE-2026-23312",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23312"
},
{
"cve": "CVE-2026-23313",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23313"
},
{
"cve": "CVE-2026-23314",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23314"
},
{
"cve": "CVE-2026-23315",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23315"
},
{
"cve": "CVE-2026-23316",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23316"
},
{
"cve": "CVE-2026-23317",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23317"
},
{
"cve": "CVE-2026-23318",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23318"
},
{
"cve": "CVE-2026-23319",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23319"
},
{
"cve": "CVE-2026-23320",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23320"
},
{
"cve": "CVE-2026-23321",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23321"
},
{
"cve": "CVE-2026-23322",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23322"
},
{
"cve": "CVE-2026-23323",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23323"
},
{
"cve": "CVE-2026-23324",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23324"
},
{
"cve": "CVE-2026-23325",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23325"
},
{
"cve": "CVE-2026-23326",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23326"
},
{
"cve": "CVE-2026-23327",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23327"
},
{
"cve": "CVE-2026-23328",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23328"
},
{
"cve": "CVE-2026-23329",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23329"
},
{
"cve": "CVE-2026-23330",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23330"
},
{
"cve": "CVE-2026-23331",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23331"
},
{
"cve": "CVE-2026-23332",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23332"
},
{
"cve": "CVE-2026-23333",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23333"
},
{
"cve": "CVE-2026-23334",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23334"
},
{
"cve": "CVE-2026-23335",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23335"
},
{
"cve": "CVE-2026-23336",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23336"
},
{
"cve": "CVE-2026-23337",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23337"
},
{
"cve": "CVE-2026-23338",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23338"
},
{
"cve": "CVE-2026-23339",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23339"
},
{
"cve": "CVE-2026-23340",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23340"
},
{
"cve": "CVE-2026-23341",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23341"
},
{
"cve": "CVE-2026-23342",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23342"
},
{
"cve": "CVE-2026-23343",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23343"
},
{
"cve": "CVE-2026-23344",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23344"
},
{
"cve": "CVE-2026-23345",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23345"
},
{
"cve": "CVE-2026-23346",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23346"
},
{
"cve": "CVE-2026-23347",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23347"
},
{
"cve": "CVE-2026-23348",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23348"
},
{
"cve": "CVE-2026-23349",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23349"
},
{
"cve": "CVE-2026-23350",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23350"
},
{
"cve": "CVE-2026-23351",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23351"
},
{
"cve": "CVE-2026-23352",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23352"
},
{
"cve": "CVE-2026-23353",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23353"
},
{
"cve": "CVE-2026-23354",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23354"
},
{
"cve": "CVE-2026-23355",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23355"
},
{
"cve": "CVE-2026-23356",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23356"
},
{
"cve": "CVE-2026-23357",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23357"
},
{
"cve": "CVE-2026-23358",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23358"
},
{
"cve": "CVE-2026-23359",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23359"
},
{
"cve": "CVE-2026-23360",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23360"
},
{
"cve": "CVE-2026-23361",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23361"
},
{
"cve": "CVE-2026-23362",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23362"
},
{
"cve": "CVE-2026-23363",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23363"
},
{
"cve": "CVE-2026-23364",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23364"
},
{
"cve": "CVE-2026-23365",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23365"
},
{
"cve": "CVE-2026-23366",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23366"
},
{
"cve": "CVE-2026-23367",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23367"
},
{
"cve": "CVE-2026-23368",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23368"
},
{
"cve": "CVE-2026-23369",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23369"
},
{
"cve": "CVE-2026-23370",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23370"
},
{
"cve": "CVE-2026-23371",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23371"
},
{
"cve": "CVE-2026-23372",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23372"
},
{
"cve": "CVE-2026-23373",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23373"
},
{
"cve": "CVE-2026-23374",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23374"
},
{
"cve": "CVE-2026-23375",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23375"
},
{
"cve": "CVE-2026-23376",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23376"
},
{
"cve": "CVE-2026-23377",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23377"
},
{
"cve": "CVE-2026-23378",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23378"
},
{
"cve": "CVE-2026-23379",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23379"
},
{
"cve": "CVE-2026-23380",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23380"
},
{
"cve": "CVE-2026-23381",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23381"
},
{
"cve": "CVE-2026-23382",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23382"
},
{
"cve": "CVE-2026-23383",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23383"
},
{
"cve": "CVE-2026-23384",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23384"
},
{
"cve": "CVE-2026-23385",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23385"
},
{
"cve": "CVE-2026-23386",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23386"
},
{
"cve": "CVE-2026-23387",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23387"
},
{
"cve": "CVE-2026-23388",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23388"
},
{
"cve": "CVE-2026-23389",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23389"
},
{
"cve": "CVE-2026-23390",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23390"
},
{
"cve": "CVE-2026-23391",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23391"
},
{
"cve": "CVE-2026-23392",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23392"
},
{
"cve": "CVE-2026-23393",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23393"
},
{
"cve": "CVE-2026-23394",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23394"
},
{
"cve": "CVE-2026-23395",
"product_status": {
"known_affected": [
"T028462"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-23395"
}
]
}
CERTFR-2026-AVI-0497
Vulnerability from certfr_avis - Published: 2026-04-24 - Updated: 2026-04-24
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP5 | ||
| SUSE | SUSE Linux Enterprise High Availability Extension | SUSE Linux Enterprise High Availability Extension 15 SP4 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP5 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP7 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 16.0 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP6 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP6 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP7 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 | ||
| SUSE | SUSE Linux Micro Extras | SUSE Linux Micro Extras 6.1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.6 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP applications 16.0 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP6 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.3 | ||
| SUSE | SUSE Linux Micro Extras | SUSE Linux Micro Extras 6.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP7 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | SUSE Linux Micro | SUSE Linux Micro 6.2 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP6 | ||
| SUSE | SUSE Linux Micro | SUSE Linux Micro 6.1 | ||
| SUSE | SUSE Linux Micro | SUSE Linux Micro 6.0 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP7 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.3 | ||
| SUSE | SUSE Real Time Module | SUSE Real Time Module 15-SP7 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP4 | ||
| SUSE | SUSE Linux Micro Extras | SUSE Linux Micro Extras 6.0 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP7",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4 LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro Extras 6.1",
"product": {
"name": "SUSE Linux Micro Extras",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro Extras 6.2",
"product": {
"name": "SUSE Linux Micro Extras",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Real Time Module 15-SP7",
"product": {
"name": "SUSE Real Time Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro Extras 6.0",
"product": {
"name": "SUSE Linux Micro Extras",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-23202",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23202"
},
{
"name": "CVE-2026-23054",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23054"
},
{
"name": "CVE-2026-23072",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23072"
},
{
"name": "CVE-2026-23281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23281"
},
{
"name": "CVE-2026-23069",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23069"
},
{
"name": "CVE-2026-23293",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23293"
},
{
"name": "CVE-2026-23297",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23297"
},
{
"name": "CVE-2026-23187",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23187"
},
{
"name": "CVE-2026-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23136"
},
{
"name": "CVE-2025-68794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68794"
},
{
"name": "CVE-2025-40309",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40309"
},
{
"name": "CVE-2026-23383",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23383"
},
{
"name": "CVE-2026-23412",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23412"
},
{
"name": "CVE-2026-5201",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5201"
},
{
"name": "CVE-2026-23047",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23047"
},
{
"name": "CVE-2026-23268",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23268"
},
{
"name": "CVE-2026-23304",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23304"
},
{
"name": "CVE-2026-23209",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23209"
},
{
"name": "CVE-2026-23326",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23326"
},
{
"name": "CVE-2026-23317",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23317"
},
{
"name": "CVE-2025-38234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38234"
},
{
"name": "CVE-2025-71239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71239"
},
{
"name": "CVE-2026-23207",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23207"
},
{
"name": "CVE-2026-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23138"
},
{
"name": "CVE-2026-23204",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23204"
},
{
"name": "CVE-2026-23125",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23125"
},
{
"name": "CVE-2026-23319",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23319"
},
{
"name": "CVE-2026-23270",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23270"
},
{
"name": "CVE-2026-23030",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23030"
},
{
"name": "CVE-2026-23240",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23240"
},
{
"name": "CVE-2026-23191",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23191"
},
{
"name": "CVE-2026-23169",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23169"
},
{
"name": "CVE-2026-23201",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23201"
},
{
"name": "CVE-2026-23103",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23103"
},
{
"name": "CVE-2026-23074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23074"
},
{
"name": "CVE-2025-71125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71125"
},
{
"name": "CVE-2026-23262",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23262"
},
{
"name": "CVE-2026-23088",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23088"
},
{
"name": "CVE-2026-23414",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23414"
},
{
"name": "CVE-2026-22999",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22999"
},
{
"name": "CVE-2026-23216",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23216"
},
{
"name": "CVE-2026-23239",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23239"
},
{
"name": "CVE-2025-40201",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40201"
},
{
"name": "CVE-2025-39998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39998"
},
{
"name": "CVE-2026-23259",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23259"
},
{
"name": "CVE-2026-23255",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23255"
},
{
"name": "CVE-2026-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23140"
},
{
"name": "CVE-2025-71269",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71269"
},
{
"name": "CVE-2026-23243",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23243"
},
{
"name": "CVE-2026-23193",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23193"
},
{
"name": "CVE-2026-23215",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23215"
},
{
"name": "CVE-2026-23379",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23379"
},
{
"name": "CVE-2026-23381",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23381"
},
{
"name": "CVE-2026-23242",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23242"
},
{
"name": "CVE-2026-23274",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23274"
},
{
"name": "CVE-2025-71066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71066"
},
{
"name": "CVE-2026-23361",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23361"
},
{
"name": "CVE-2025-71268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71268"
},
{
"name": "CVE-2026-23425",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23425"
},
{
"name": "CVE-2026-23278",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23278"
},
{
"name": "CVE-2026-23343",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23343"
},
{
"name": "CVE-2026-23120",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23120"
},
{
"name": "CVE-2026-23292",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23292"
},
{
"name": "CVE-2026-23277",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23277"
},
{
"name": "CVE-2025-68818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68818"
},
{
"name": "CVE-2026-23335",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23335"
},
{
"name": "CVE-2026-31788",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31788"
},
{
"name": "CVE-2026-23393",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23393"
},
{
"name": "CVE-2025-39817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39817"
},
{
"name": "CVE-2024-38542",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38542"
},
{
"name": "CVE-2026-23272",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23272"
},
{
"name": "CVE-2025-40253",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40253"
},
{
"name": "CVE-2026-23395",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23395"
},
{
"name": "CVE-2025-71120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71120"
},
{
"name": "CVE-2026-23413",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23413"
},
{
"name": "CVE-2026-23111",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23111"
},
{
"name": "CVE-2025-71231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71231"
},
{
"name": "CVE-2026-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23157"
},
{
"name": "CVE-2026-23231",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23231"
},
{
"name": "CVE-2026-23419",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23419"
},
{
"name": "CVE-2026-23386",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23386"
},
{
"name": "CVE-2026-23398",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23398"
},
{
"name": "CVE-2025-40159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40159"
},
{
"name": "CVE-2026-23154",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23154"
}
],
"initial_release_date": "2026-04-24T00:00:00",
"last_revision_date": "2026-04-24T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0497",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-04-24T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1532-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261532-1"
},
{
"published_at": "2026-04-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21230-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621230-1"
},
{
"published_at": "2026-04-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1463-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261463-1"
},
{
"published_at": "2026-04-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1574-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261574-1"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1527-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261527-1"
},
{
"published_at": "2026-04-13",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21114-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621114-1"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1531-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261531-1"
},
{
"published_at": "2026-04-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1583-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261583-1"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1505-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261505-1"
},
{
"published_at": "2026-04-13",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21221-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621221-1"
},
{
"published_at": "2026-04-13",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21120-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621120-1"
},
{
"published_at": "2026-04-13",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21123-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621123-1"
},
{
"published_at": "2026-04-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1573-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261573-1"
},
{
"published_at": "2026-04-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1578-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261578-1"
},
{
"published_at": "2026-04-13",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21122-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621122-1"
},
{
"published_at": "2026-04-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1458-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261458-1"
},
{
"published_at": "2026-04-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1560-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261560-1"
},
{
"published_at": "2026-04-13",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21131-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621131-1"
},
{
"published_at": "2026-04-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1469-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261469-1"
},
{
"published_at": "2026-04-17",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1444-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261444-1"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1537-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261537-1"
},
{
"published_at": "2026-04-13",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21129-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621129-1"
},
{
"published_at": "2026-04-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1557-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261557-1"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1535-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261535-1"
},
{
"published_at": "2026-04-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1464-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261464-1"
},
{
"published_at": "2026-04-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1456-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261456-1"
},
{
"published_at": "2026-04-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1447-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261447-1"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1513-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261513-1"
},
{
"published_at": "2026-04-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1563-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261563-1"
},
{
"published_at": "2026-04-17",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21255-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621255-1"
},
{
"published_at": "2026-04-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1454-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261454-1"
},
{
"published_at": "2026-04-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:21237-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621237-1"
},
{
"published_at": "2026-04-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1468-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261468-1"
},
{
"published_at": "2026-04-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:1575-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261575-1"
}
]
}
SUSE-SU-2026:21237-1
Vulnerability from csaf_suse - Published: 2026-04-20 15:44 - Updated: 2026-04-20 15:44Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2025-39998: scsi: target: target_core_configfs: Add length check to avoid buffer overflow (bsc#1252073).
- CVE-2025-40253: s390/ctcm: Fix double-kfree (bsc#1255084).
- CVE-2025-68794: iomap: adjust read range correctly for non-block-aligned positions (bsc#1256647).
- CVE-2025-71239: audit: add fchmodat2() to change attributes class (bsc#1259759).
- CVE-2026-23072: l2tp: Fix memleak in l2tp_udp_encap_recv() (bsc#1257708).
- CVE-2026-23103: ipvlan: Make the addrs_lock be per port (bsc#1257773).
- CVE-2026-23120: l2tp: avoid one data-race in l2tp_tunnel_del_work() (bsc#1258280).
- CVE-2026-23125: sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT (bsc#1258293).
- CVE-2026-23138: kABI: Preserve values of the trace recursion bits (bsc#1258301).
- CVE-2026-23140: bpf, test_run: Subtract size of xdp_frame from allowed metadata size (bsc#1258305).
- CVE-2026-23187: pmdomain: imx8m-blk-ctrl: fix out-of-range access of bc->domains (bsc#1258330).
- CVE-2026-23193: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (bsc#1258414).
- CVE-2026-23201: ceph: fix oops due to invalid pointer for kfree() in parse_longname() (bsc#1258337).
- CVE-2026-23204: net: add skb_header_pointer_careful() helper (bsc#1258340).
- CVE-2026-23215: x86/vmware: Fix hypercall clobbers (bsc#1258476).
- CVE-2026-23216: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (bsc#1258447).
- CVE-2026-23231: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() (bsc#1259188).
- CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485).
- CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484).
- CVE-2026-23242: RDMA/siw: Fix potential NULL pointer dereference in header processing (bsc#1259795).
- CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259797).
- CVE-2026-23255: net: add proper RCU protection to /proc/net/ptype (bsc#1259891).
- CVE-2026-23262: gve: Fix stats report corruption on queue count change (bsc#1259870).
- CVE-2026-23270: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks (bsc#1259886).
- CVE-2026-23272: netfilter: nf_tables: unconditionally bump set->nelems before insertion (bsc#1260009).
- CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260005).
- CVE-2026-23277: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit (bsc#1259997).
- CVE-2026-23278: netfilter: nf_tables: always walk all pending catchall elements (bsc#1259998).
- CVE-2026-23281: wifi: libertas: fix use-after-free in lbs_free_adapter() (bsc#1260464).
- CVE-2026-23292: scsi: target: Fix recursive locking in __configfs_open_file() (bsc#1260500).
- CVE-2026-23293: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260486).
- CVE-2026-23297: nfsd: Fix cred ref leak in nfsd_nl_threads_set_doit() (bsc#1260490).
- CVE-2026-23304: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu() (bsc#1260544).
- CVE-2026-23319: bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim (bsc#1260735).
- CVE-2026-23326: xsk: Fix fragment node deletion to prevent buffer leak (bsc#1260606).
- CVE-2026-23335: RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah() (bsc#1260550).
- CVE-2026-23343: xdp: produce a warning when calculated tailroom is negative (bsc#1260527).
- CVE-2026-23361: PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry (bsc#1260732).
- CVE-2026-23379: net/sched: ets: fix divide by zero in the offload path (bsc#1260481).
- CVE-2026-23381: net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260471).
- CVE-2026-23383: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing (bsc#1260497).
- CVE-2026-23386: gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL (bsc#1260799).
- CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522).
- CVE-2026-23398: icmp: fix NULL pointer dereference in icmp_tag_validation() (bsc#1260730).
- CVE-2026-23413: clsact: Fix use-after-free in init/destroy rollback asymmetry (bsc#1261498).
- CVE-2026-23414: tls: Purge async_hold in tls_decrypt_async_wait() (bsc#1261496).
- CVE-2026-23419: net/rds: Fix circular locking dependency in rds_tcp_tune (bsc#1261507).
- CVE-2026-23425: KVM: arm64: Fix ID register initialization for non-protected pKVM guests (bsc#1261506).
- CVE-2026-31788: xen/privcmd: restrict usage in unprivileged domU (bsc#1259707).
The following non security issues were fixed:
- KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE (bsc#1259461).
- KVM: x86: synthesize CPUID bits only if CPU capability is set (bsc#1257511).
- Revert "drm/i915/display: Add quirk to skip retraining of dp link (bsc#1253129)."
- Update config files (bsc#1254307).
- apparmor: Fix double free of ns_name in aa_replace_profiles() (bsc#1258849).
- apparmor: fix differential encoding verification (bsc#1258849).
- apparmor: fix memory leak in verify_header (bsc#1258849).
- apparmor: fix missing bounds check on DEFAULT table in verify_dfa() (bsc#1258849).
- apparmor: fix race between freeing data and fs accessing it (bsc#1258849).
- apparmor: fix race on rawdata dereference (bsc#1258849).
- apparmor: fix side-effect bug in match_char() macro usage (bsc#1258849).
- apparmor: fix unprivileged local user can do privileged policy management (bsc#1258849).
- apparmor: fix: limit the number of levels of policy namespaces (bsc#1258849).
- apparmor: replace recursive profile removal with iterative approach (bsc#1258849).
- apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1258849).
- bpf, btf: Enforce destructor kfunc type with CFI (bsc#1259955).
- bpf: crypto: Use the correct destructor kfunc type (bsc#1259955).
- btrfs: only enforce free space tree if v1 cache is required for bs < ps cases (bsc#1260459).
- btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() (bsc#1257777).
- dmaengine: sh: rz-dmac: Move CHCTRL updates under spinlock (git-fixes).
- drm/amdkfd: Unreserve bo if queue update failed (git-fixes).
- drm/i915/display: Add module param to skip retraining of dp link (bsc#1253129).
- drm/i915/dsc: Add Selective Update register definitions (stable-fixes).
- drm/i915/dsc: Add helper for writing DSC Selective Update ET parameters (stable-fixes).
- firmware: microchip: fail auto-update probe if no flash found (git-fixes).
- kABI: Include trace recursion bits in kABI tracking (bsc#1258301).
- net: mana: Trigger VF reset/recovery on health check failure due to HWC timeout (bsc#1259580).
- nvme: add support for dynamic quirk configuration via module parameter (bsc#1243208).
- nvme: expose active quirks in sysfs (bsc#1243208).
- nvme: fix memory leak in quirks_param_set() (bsc#1243208).
- powerpc/crash: adjust the elfcorehdr size (jsc#PED-11175 git-fixes).
- powerpc/kdump: Fix size calculation for hot-removed memory ranges (jsc#PED-11175 git-fixes).
- s390/cio: Update purge function to unregister the unused subchannels (bsc#1254214).
- s390/ipl: Clear SBP flag when bootprog is set (bsc#1258175).
- s390: Disable ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP (bsc#1254306).
- scsi: fnic: Add Cisco hardware model names (jsc#PED-15441).
- scsi: fnic: Add and integrate support for FDMI (jsc#PED-15441).
- scsi: fnic: Add and integrate support for FIP (jsc#PED-15441).
- scsi: fnic: Add functionality in fnic to support FDLS (jsc#PED-15441).
- scsi: fnic: Add headers and definitions for FDLS (jsc#PED-15441).
- scsi: fnic: Add stats and related functionality (jsc#PED-15441).
- scsi: fnic: Add support for fabric based solicited requests and responses (jsc#PED-15441).
- scsi: fnic: Add support for target based solicited requests and responses (jsc#PED-15441).
- scsi: fnic: Add support for unsolicited requests and responses (jsc#PED-15441).
- scsi: fnic: Add support to handle port channel RSCN (jsc#PED-15441).
- scsi: fnic: Code cleanup (jsc#PED-15441).
- scsi: fnic: Delete incorrect debugfs error handling (jsc#PED-15441).
- scsi: fnic: Fix crash in fnic_wq_cmpl_handler when FDMI times out (jsc#PED-15441).
- scsi: fnic: Fix indentation and remove unnecessary parenthesis (jsc#PED-15441).
- scsi: fnic: Fix missing DMA mapping error in fnic_send_frame() (jsc#PED-15441).
- scsi: fnic: Fix use of uninitialized value in debug message (jsc#PED-15441).
- scsi: fnic: Increment driver version (jsc#PED-15441).
- scsi: fnic: Modify IO path to use FDLS (jsc#PED-15441).
- scsi: fnic: Modify fnic interfaces to use FDLS (jsc#PED-15441).
- scsi: fnic: Propagate SCSI error code from fnic_scsi_drv_init() (jsc#PED-15441).
- scsi: fnic: Remove always-true IS_FNIC_FCP_INITIATOR macro (jsc#PED-15441).
- scsi: fnic: Remove extern definition from .c files (jsc#PED-15441).
- scsi: fnic: Remove unnecessary debug print (jsc#PED-15441).
- scsi: fnic: Remove unnecessary else and unnecessary break in FDLS (jsc#PED-15441).
- scsi: fnic: Remove unnecessary else to fix warning in FDLS FIP (jsc#PED-15441).
- scsi: fnic: Remove unnecessary spinlock locking and unlocking (jsc#PED-15441).
- scsi: fnic: Replace fnic->lock_flags with local flags (jsc#PED-15441).
- scsi: fnic: Replace shost_printk() with dev_info()/dev_err() (jsc#PED-15441).
- scsi: fnic: Replace use of sizeof with standard usage (jsc#PED-15441).
- scsi: fnic: Return appropriate error code for mem alloc failure (jsc#PED-15441).
- scsi: fnic: Return appropriate error code from failure of scsi drv init (jsc#PED-15441).
- scsi: fnic: Test for memory allocation failure and return error code (jsc#PED-15441).
- scsi: fnic: Turn off FDMI ACTIVE flags on link down (jsc#PED-15441).
- scsi: hisi_sas: Fix NULL pointer exception during user_scan() (bsc#1255687).
- scsi: scsi_transport_sas: Fix the maximum channel scanning issue (bsc#1255687, git-fixes).
- scsi: smartpqi: Fix memory leak in pqi_report_phys_luns() (git-fixes, jsc#PED-15042).
- selftests/bpf: Use the correct destructor kfunc type (bsc#1259955).
- selftests/powerpc: Suppress -Wmaybe-uninitialized with GCC 15 (bsc#1261669 ltc#212590).
- tg3: Fix race for querying speed/duplex (bsc#1257183).
- x86/platform/uv: Handle deconfigured sockets (bsc#1260347).
Patchnames: SUSE-SL-Micro-6.2-596
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.1 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.8 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.1 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-39998: scsi: target: target_core_configfs: Add length check to avoid buffer overflow (bsc#1252073).\n- CVE-2025-40253: s390/ctcm: Fix double-kfree (bsc#1255084).\n- CVE-2025-68794: iomap: adjust read range correctly for non-block-aligned positions (bsc#1256647).\n- CVE-2025-71239: audit: add fchmodat2() to change attributes class (bsc#1259759).\n- CVE-2026-23072: l2tp: Fix memleak in l2tp_udp_encap_recv() (bsc#1257708).\n- CVE-2026-23103: ipvlan: Make the addrs_lock be per port (bsc#1257773).\n- CVE-2026-23120: l2tp: avoid one data-race in l2tp_tunnel_del_work() (bsc#1258280).\n- CVE-2026-23125: sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT (bsc#1258293).\n- CVE-2026-23138: kABI: Preserve values of the trace recursion bits (bsc#1258301).\n- CVE-2026-23140: bpf, test_run: Subtract size of xdp_frame from allowed metadata size (bsc#1258305).\n- CVE-2026-23187: pmdomain: imx8m-blk-ctrl: fix out-of-range access of bc-\u003edomains (bsc#1258330).\n- CVE-2026-23193: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (bsc#1258414).\n- CVE-2026-23201: ceph: fix oops due to invalid pointer for kfree() in parse_longname() (bsc#1258337).\n- CVE-2026-23204: net: add skb_header_pointer_careful() helper (bsc#1258340).\n- CVE-2026-23215: x86/vmware: Fix hypercall clobbers (bsc#1258476).\n- CVE-2026-23216: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (bsc#1258447).\n- CVE-2026-23231: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() (bsc#1259188).\n- CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485).\n- CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484).\n- CVE-2026-23242: RDMA/siw: Fix potential NULL pointer dereference in header processing (bsc#1259795).\n- CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259797).\n- CVE-2026-23255: net: add proper RCU protection to /proc/net/ptype (bsc#1259891).\n- CVE-2026-23262: gve: Fix stats report corruption on queue count change (bsc#1259870).\n- CVE-2026-23270: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks (bsc#1259886).\n- CVE-2026-23272: netfilter: nf_tables: unconditionally bump set-\u003enelems before insertion (bsc#1260009).\n- CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260005).\n- CVE-2026-23277: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit (bsc#1259997).\n- CVE-2026-23278: netfilter: nf_tables: always walk all pending catchall elements (bsc#1259998).\n- CVE-2026-23281: wifi: libertas: fix use-after-free in lbs_free_adapter() (bsc#1260464).\n- CVE-2026-23292: scsi: target: Fix recursive locking in __configfs_open_file() (bsc#1260500).\n- CVE-2026-23293: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260486).\n- CVE-2026-23297: nfsd: Fix cred ref leak in nfsd_nl_threads_set_doit() (bsc#1260490).\n- CVE-2026-23304: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu() (bsc#1260544).\n- CVE-2026-23319: bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim (bsc#1260735).\n- CVE-2026-23326: xsk: Fix fragment node deletion to prevent buffer leak (bsc#1260606).\n- CVE-2026-23335: RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah() (bsc#1260550).\n- CVE-2026-23343: xdp: produce a warning when calculated tailroom is negative (bsc#1260527).\n- CVE-2026-23361: PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry (bsc#1260732).\n- CVE-2026-23379: net/sched: ets: fix divide by zero in the offload path (bsc#1260481).\n- CVE-2026-23381: net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260471).\n- CVE-2026-23383: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing (bsc#1260497).\n- CVE-2026-23386: gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL (bsc#1260799).\n- CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522).\n- CVE-2026-23398: icmp: fix NULL pointer dereference in icmp_tag_validation() (bsc#1260730).\n- CVE-2026-23413: clsact: Fix use-after-free in init/destroy rollback asymmetry (bsc#1261498).\n- CVE-2026-23414: tls: Purge async_hold in tls_decrypt_async_wait() (bsc#1261496).\n- CVE-2026-23419: net/rds: Fix circular locking dependency in rds_tcp_tune (bsc#1261507).\n- CVE-2026-23425: KVM: arm64: Fix ID register initialization for non-protected pKVM guests (bsc#1261506).\n- CVE-2026-31788: xen/privcmd: restrict usage in unprivileged domU (bsc#1259707).\n\nThe following non security issues were fixed:\n\n- KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE (bsc#1259461).\n- KVM: x86: synthesize CPUID bits only if CPU capability is set (bsc#1257511).\n- Revert \"drm/i915/display: Add quirk to skip retraining of dp link (bsc#1253129).\"\n- Update config files (bsc#1254307).\n- apparmor: Fix double free of ns_name in aa_replace_profiles() (bsc#1258849).\n- apparmor: fix differential encoding verification (bsc#1258849).\n- apparmor: fix memory leak in verify_header (bsc#1258849).\n- apparmor: fix missing bounds check on DEFAULT table in verify_dfa() (bsc#1258849).\n- apparmor: fix race between freeing data and fs accessing it (bsc#1258849).\n- apparmor: fix race on rawdata dereference (bsc#1258849).\n- apparmor: fix side-effect bug in match_char() macro usage (bsc#1258849).\n- apparmor: fix unprivileged local user can do privileged policy management (bsc#1258849).\n- apparmor: fix: limit the number of levels of policy namespaces (bsc#1258849).\n- apparmor: replace recursive profile removal with iterative approach (bsc#1258849).\n- apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1258849).\n- bpf, btf: Enforce destructor kfunc type with CFI (bsc#1259955).\n- bpf: crypto: Use the correct destructor kfunc type (bsc#1259955).\n- btrfs: only enforce free space tree if v1 cache is required for bs \u003c ps cases (bsc#1260459).\n- btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() (bsc#1257777).\n- dmaengine: sh: rz-dmac: Move CHCTRL updates under spinlock (git-fixes).\n- drm/amdkfd: Unreserve bo if queue update failed (git-fixes).\n- drm/i915/display: Add module param to skip retraining of dp link (bsc#1253129).\n- drm/i915/dsc: Add Selective Update register definitions (stable-fixes).\n- drm/i915/dsc: Add helper for writing DSC Selective Update ET parameters (stable-fixes).\n- firmware: microchip: fail auto-update probe if no flash found (git-fixes).\n- kABI: Include trace recursion bits in kABI tracking (bsc#1258301).\n- net: mana: Trigger VF reset/recovery on health check failure due to HWC timeout (bsc#1259580).\n- nvme: add support for dynamic quirk configuration via module parameter (bsc#1243208).\n- nvme: expose active quirks in sysfs (bsc#1243208).\n- nvme: fix memory leak in quirks_param_set() (bsc#1243208).\n- powerpc/crash: adjust the elfcorehdr size (jsc#PED-11175 git-fixes).\n- powerpc/kdump: Fix size calculation for hot-removed memory ranges (jsc#PED-11175 git-fixes).\n- s390/cio: Update purge function to unregister the unused subchannels (bsc#1254214).\n- s390/ipl: Clear SBP flag when bootprog is set (bsc#1258175).\n- s390: Disable ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP (bsc#1254306).\n- scsi: fnic: Add Cisco hardware model names (jsc#PED-15441).\n- scsi: fnic: Add and integrate support for FDMI (jsc#PED-15441).\n- scsi: fnic: Add and integrate support for FIP (jsc#PED-15441).\n- scsi: fnic: Add functionality in fnic to support FDLS (jsc#PED-15441).\n- scsi: fnic: Add headers and definitions for FDLS (jsc#PED-15441).\n- scsi: fnic: Add stats and related functionality (jsc#PED-15441).\n- scsi: fnic: Add support for fabric based solicited requests and responses (jsc#PED-15441).\n- scsi: fnic: Add support for target based solicited requests and responses (jsc#PED-15441).\n- scsi: fnic: Add support for unsolicited requests and responses (jsc#PED-15441).\n- scsi: fnic: Add support to handle port channel RSCN (jsc#PED-15441).\n- scsi: fnic: Code cleanup (jsc#PED-15441).\n- scsi: fnic: Delete incorrect debugfs error handling (jsc#PED-15441).\n- scsi: fnic: Fix crash in fnic_wq_cmpl_handler when FDMI times out (jsc#PED-15441).\n- scsi: fnic: Fix indentation and remove unnecessary parenthesis (jsc#PED-15441).\n- scsi: fnic: Fix missing DMA mapping error in fnic_send_frame() (jsc#PED-15441).\n- scsi: fnic: Fix use of uninitialized value in debug message (jsc#PED-15441).\n- scsi: fnic: Increment driver version (jsc#PED-15441).\n- scsi: fnic: Modify IO path to use FDLS (jsc#PED-15441).\n- scsi: fnic: Modify fnic interfaces to use FDLS (jsc#PED-15441).\n- scsi: fnic: Propagate SCSI error code from fnic_scsi_drv_init() (jsc#PED-15441).\n- scsi: fnic: Remove always-true IS_FNIC_FCP_INITIATOR macro (jsc#PED-15441).\n- scsi: fnic: Remove extern definition from .c files (jsc#PED-15441).\n- scsi: fnic: Remove unnecessary debug print (jsc#PED-15441).\n- scsi: fnic: Remove unnecessary else and unnecessary break in FDLS (jsc#PED-15441).\n- scsi: fnic: Remove unnecessary else to fix warning in FDLS FIP (jsc#PED-15441).\n- scsi: fnic: Remove unnecessary spinlock locking and unlocking (jsc#PED-15441).\n- scsi: fnic: Replace fnic-\u003elock_flags with local flags (jsc#PED-15441).\n- scsi: fnic: Replace shost_printk() with dev_info()/dev_err() (jsc#PED-15441).\n- scsi: fnic: Replace use of sizeof with standard usage (jsc#PED-15441).\n- scsi: fnic: Return appropriate error code for mem alloc failure (jsc#PED-15441).\n- scsi: fnic: Return appropriate error code from failure of scsi drv init (jsc#PED-15441).\n- scsi: fnic: Test for memory allocation failure and return error code (jsc#PED-15441).\n- scsi: fnic: Turn off FDMI ACTIVE flags on link down (jsc#PED-15441).\n- scsi: hisi_sas: Fix NULL pointer exception during user_scan() (bsc#1255687).\n- scsi: scsi_transport_sas: Fix the maximum channel scanning issue (bsc#1255687, git-fixes).\n- scsi: smartpqi: Fix memory leak in pqi_report_phys_luns() (git-fixes, jsc#PED-15042).\n- selftests/bpf: Use the correct destructor kfunc type (bsc#1259955).\n- selftests/powerpc: Suppress -Wmaybe-uninitialized with GCC 15 (bsc#1261669 ltc#212590).\n- tg3: Fix race for querying speed/duplex (bsc#1257183).\n- x86/platform/uv: Handle deconfigured sockets (bsc#1260347).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-596",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21237-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21237-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621237-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21237-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-April/045853.html"
},
{
"category": "self",
"summary": "SUSE Bug 1191256",
"url": "https://bugzilla.suse.com/1191256"
},
{
"category": "self",
"summary": "SUSE Bug 1191270",
"url": "https://bugzilla.suse.com/1191270"
},
{
"category": "self",
"summary": "SUSE Bug 1194778",
"url": "https://bugzilla.suse.com/1194778"
},
{
"category": "self",
"summary": "SUSE Bug 1207184",
"url": "https://bugzilla.suse.com/1207184"
},
{
"category": "self",
"summary": "SUSE Bug 1217845",
"url": "https://bugzilla.suse.com/1217845"
},
{
"category": "self",
"summary": "SUSE Bug 1222768",
"url": "https://bugzilla.suse.com/1222768"
},
{
"category": "self",
"summary": "SUSE Bug 1243208",
"url": "https://bugzilla.suse.com/1243208"
},
{
"category": "self",
"summary": "SUSE Bug 1252073",
"url": "https://bugzilla.suse.com/1252073"
},
{
"category": "self",
"summary": "SUSE Bug 1253129",
"url": "https://bugzilla.suse.com/1253129"
},
{
"category": "self",
"summary": "SUSE Bug 1254214",
"url": "https://bugzilla.suse.com/1254214"
},
{
"category": "self",
"summary": "SUSE Bug 1254306",
"url": "https://bugzilla.suse.com/1254306"
},
{
"category": "self",
"summary": "SUSE Bug 1254307",
"url": "https://bugzilla.suse.com/1254307"
},
{
"category": "self",
"summary": "SUSE Bug 1255084",
"url": "https://bugzilla.suse.com/1255084"
},
{
"category": "self",
"summary": "SUSE Bug 1255687",
"url": "https://bugzilla.suse.com/1255687"
},
{
"category": "self",
"summary": "SUSE Bug 1256647",
"url": "https://bugzilla.suse.com/1256647"
},
{
"category": "self",
"summary": "SUSE Bug 1257183",
"url": "https://bugzilla.suse.com/1257183"
},
{
"category": "self",
"summary": "SUSE Bug 1257511",
"url": "https://bugzilla.suse.com/1257511"
},
{
"category": "self",
"summary": "SUSE Bug 1257708",
"url": "https://bugzilla.suse.com/1257708"
},
{
"category": "self",
"summary": "SUSE Bug 1257773",
"url": "https://bugzilla.suse.com/1257773"
},
{
"category": "self",
"summary": "SUSE Bug 1257777",
"url": "https://bugzilla.suse.com/1257777"
},
{
"category": "self",
"summary": "SUSE Bug 1258175",
"url": "https://bugzilla.suse.com/1258175"
},
{
"category": "self",
"summary": "SUSE Bug 1258280",
"url": "https://bugzilla.suse.com/1258280"
},
{
"category": "self",
"summary": "SUSE Bug 1258293",
"url": "https://bugzilla.suse.com/1258293"
},
{
"category": "self",
"summary": "SUSE Bug 1258301",
"url": "https://bugzilla.suse.com/1258301"
},
{
"category": "self",
"summary": "SUSE Bug 1258305",
"url": "https://bugzilla.suse.com/1258305"
},
{
"category": "self",
"summary": "SUSE Bug 1258330",
"url": "https://bugzilla.suse.com/1258330"
},
{
"category": "self",
"summary": "SUSE Bug 1258337",
"url": "https://bugzilla.suse.com/1258337"
},
{
"category": "self",
"summary": "SUSE Bug 1258340",
"url": "https://bugzilla.suse.com/1258340"
},
{
"category": "self",
"summary": "SUSE Bug 1258414",
"url": "https://bugzilla.suse.com/1258414"
},
{
"category": "self",
"summary": "SUSE Bug 1258447",
"url": "https://bugzilla.suse.com/1258447"
},
{
"category": "self",
"summary": "SUSE Bug 1258476",
"url": "https://bugzilla.suse.com/1258476"
},
{
"category": "self",
"summary": "SUSE Bug 1258849",
"url": "https://bugzilla.suse.com/1258849"
},
{
"category": "self",
"summary": "SUSE Bug 1259188",
"url": "https://bugzilla.suse.com/1259188"
},
{
"category": "self",
"summary": "SUSE Bug 1259461",
"url": "https://bugzilla.suse.com/1259461"
},
{
"category": "self",
"summary": "SUSE Bug 1259484",
"url": "https://bugzilla.suse.com/1259484"
},
{
"category": "self",
"summary": "SUSE Bug 1259485",
"url": "https://bugzilla.suse.com/1259485"
},
{
"category": "self",
"summary": "SUSE Bug 1259580",
"url": "https://bugzilla.suse.com/1259580"
},
{
"category": "self",
"summary": "SUSE Bug 1259707",
"url": "https://bugzilla.suse.com/1259707"
},
{
"category": "self",
"summary": "SUSE Bug 1259759",
"url": "https://bugzilla.suse.com/1259759"
},
{
"category": "self",
"summary": "SUSE Bug 1259795",
"url": "https://bugzilla.suse.com/1259795"
},
{
"category": "self",
"summary": "SUSE Bug 1259797",
"url": "https://bugzilla.suse.com/1259797"
},
{
"category": "self",
"summary": "SUSE Bug 1259870",
"url": "https://bugzilla.suse.com/1259870"
},
{
"category": "self",
"summary": "SUSE Bug 1259886",
"url": "https://bugzilla.suse.com/1259886"
},
{
"category": "self",
"summary": "SUSE Bug 1259891",
"url": "https://bugzilla.suse.com/1259891"
},
{
"category": "self",
"summary": "SUSE Bug 1259955",
"url": "https://bugzilla.suse.com/1259955"
},
{
"category": "self",
"summary": "SUSE Bug 1259997",
"url": "https://bugzilla.suse.com/1259997"
},
{
"category": "self",
"summary": "SUSE Bug 1259998",
"url": "https://bugzilla.suse.com/1259998"
},
{
"category": "self",
"summary": "SUSE Bug 1260005",
"url": "https://bugzilla.suse.com/1260005"
},
{
"category": "self",
"summary": "SUSE Bug 1260009",
"url": "https://bugzilla.suse.com/1260009"
},
{
"category": "self",
"summary": "SUSE Bug 1260347",
"url": "https://bugzilla.suse.com/1260347"
},
{
"category": "self",
"summary": "SUSE Bug 1260459",
"url": "https://bugzilla.suse.com/1260459"
},
{
"category": "self",
"summary": "SUSE Bug 1260464",
"url": "https://bugzilla.suse.com/1260464"
},
{
"category": "self",
"summary": "SUSE Bug 1260471",
"url": "https://bugzilla.suse.com/1260471"
},
{
"category": "self",
"summary": "SUSE Bug 1260481",
"url": "https://bugzilla.suse.com/1260481"
},
{
"category": "self",
"summary": "SUSE Bug 1260486",
"url": "https://bugzilla.suse.com/1260486"
},
{
"category": "self",
"summary": "SUSE Bug 1260490",
"url": "https://bugzilla.suse.com/1260490"
},
{
"category": "self",
"summary": "SUSE Bug 1260497",
"url": "https://bugzilla.suse.com/1260497"
},
{
"category": "self",
"summary": "SUSE Bug 1260500",
"url": "https://bugzilla.suse.com/1260500"
},
{
"category": "self",
"summary": "SUSE Bug 1260522",
"url": "https://bugzilla.suse.com/1260522"
},
{
"category": "self",
"summary": "SUSE Bug 1260527",
"url": "https://bugzilla.suse.com/1260527"
},
{
"category": "self",
"summary": "SUSE Bug 1260544",
"url": "https://bugzilla.suse.com/1260544"
},
{
"category": "self",
"summary": "SUSE Bug 1260550",
"url": "https://bugzilla.suse.com/1260550"
},
{
"category": "self",
"summary": "SUSE Bug 1260606",
"url": "https://bugzilla.suse.com/1260606"
},
{
"category": "self",
"summary": "SUSE Bug 1260730",
"url": "https://bugzilla.suse.com/1260730"
},
{
"category": "self",
"summary": "SUSE Bug 1260732",
"url": "https://bugzilla.suse.com/1260732"
},
{
"category": "self",
"summary": "SUSE Bug 1260735",
"url": "https://bugzilla.suse.com/1260735"
},
{
"category": "self",
"summary": "SUSE Bug 1260799",
"url": "https://bugzilla.suse.com/1260799"
},
{
"category": "self",
"summary": "SUSE Bug 1261496",
"url": "https://bugzilla.suse.com/1261496"
},
{
"category": "self",
"summary": "SUSE Bug 1261498",
"url": "https://bugzilla.suse.com/1261498"
},
{
"category": "self",
"summary": "SUSE Bug 1261506",
"url": "https://bugzilla.suse.com/1261506"
},
{
"category": "self",
"summary": "SUSE Bug 1261507",
"url": "https://bugzilla.suse.com/1261507"
},
{
"category": "self",
"summary": "SUSE Bug 1261669",
"url": "https://bugzilla.suse.com/1261669"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39998 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40253 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40253/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71239 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23072 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23103 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23120 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23125 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23138 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23140 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23187 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23193 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23193/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23201 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23204 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23215 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23216 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23231 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23231/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23239 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23240 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23242 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23242/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23243 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23243/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23255 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23255/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23262 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23262/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23270 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23270/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23272 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23274 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23274/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23277 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23277/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23278 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23278/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23281 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23292 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23292/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23293 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23293/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23297 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23297/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23304 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23304/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23319 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23319/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23326 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23326/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23335 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23335/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23343 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23361 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23361/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23379 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23379/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23381 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23381/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23383 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23386 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23386/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23393 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23393/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23398 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23413 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23413/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23414 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23419 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23419/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23425 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23425/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31788 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31788/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2026-04-20T15:44:52Z",
"generator": {
"date": "2026-04-20T15:44:52Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21237-1",
"initial_release_date": "2026-04-20T15:44:52Z",
"revision_history": [
{
"date": "2026-04-20T15:44:52Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-64kb-6.12.0-160000.28.1.aarch64",
"product": {
"name": "kernel-64kb-6.12.0-160000.28.1.aarch64",
"product_id": "kernel-64kb-6.12.0-160000.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"product": {
"name": "kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"product_id": "kernel-64kb-devel-6.12.0-160000.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.12.0-160000.28.1.aarch64",
"product": {
"name": "kernel-default-6.12.0-160000.28.1.aarch64",
"product_id": "kernel-default-6.12.0-160000.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"product": {
"name": "kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"product_id": "kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.12.0-160000.28.1.aarch64",
"product": {
"name": "kernel-default-devel-6.12.0-160000.28.1.aarch64",
"product_id": "kernel-default-devel-6.12.0-160000.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.12.0-160000.28.1.aarch64",
"product": {
"name": "kernel-default-extra-6.12.0-160000.28.1.aarch64",
"product_id": "kernel-default-extra-6.12.0-160000.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-rt-6.12.0-160000.28.1.aarch64",
"product": {
"name": "kernel-rt-6.12.0-160000.28.1.aarch64",
"product_id": "kernel-rt-6.12.0-160000.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"product": {
"name": "kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"product_id": "kernel-rt-devel-6.12.0-160000.28.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.12.0-160000.28.1.noarch",
"product": {
"name": "kernel-devel-6.12.0-160000.28.1.noarch",
"product_id": "kernel-devel-6.12.0-160000.28.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.12.0-160000.28.1.noarch",
"product": {
"name": "kernel-macros-6.12.0-160000.28.1.noarch",
"product_id": "kernel-macros-6.12.0-160000.28.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.12.0-160000.28.1.noarch",
"product": {
"name": "kernel-source-6.12.0-160000.28.1.noarch",
"product_id": "kernel-source-6.12.0-160000.28.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.12.0-160000.28.1.ppc64le",
"product": {
"name": "kernel-default-6.12.0-160000.28.1.ppc64le",
"product_id": "kernel-default-6.12.0-160000.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"product": {
"name": "kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"product_id": "kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"product": {
"name": "kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"product_id": "kernel-default-devel-6.12.0-160000.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"product": {
"name": "kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"product_id": "kernel-default-extra-6.12.0-160000.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"product_id": "kernel-default-livepatch-6.12.0-160000.28.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.12.0-160000.28.1.s390x",
"product": {
"name": "kernel-default-6.12.0-160000.28.1.s390x",
"product_id": "kernel-default-6.12.0-160000.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.12.0-160000.28.1.s390x",
"product": {
"name": "kernel-default-devel-6.12.0-160000.28.1.s390x",
"product_id": "kernel-default-devel-6.12.0-160000.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.12.0-160000.28.1.s390x",
"product": {
"name": "kernel-default-extra-6.12.0-160000.28.1.s390x",
"product_id": "kernel-default-extra-6.12.0-160000.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"product_id": "kernel-default-livepatch-6.12.0-160000.28.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.12.0-160000.28.1.x86_64",
"product": {
"name": "kernel-default-6.12.0-160000.28.1.x86_64",
"product_id": "kernel-default-6.12.0-160000.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"product": {
"name": "kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"product_id": "kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.12.0-160000.28.1.x86_64",
"product": {
"name": "kernel-default-devel-6.12.0-160000.28.1.x86_64",
"product_id": "kernel-default-devel-6.12.0-160000.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.12.0-160000.28.1.x86_64",
"product": {
"name": "kernel-default-extra-6.12.0-160000.28.1.x86_64",
"product_id": "kernel-default-extra-6.12.0-160000.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"product_id": "kernel-default-livepatch-6.12.0-160000.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-6.12.0-160000.28.1.x86_64",
"product": {
"name": "kernel-rt-6.12.0-160000.28.1.x86_64",
"product_id": "kernel-rt-6.12.0-160000.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"product": {
"name": "kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"product_id": "kernel-rt-devel-6.12.0-160000.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"product_id": "kernel-rt-livepatch-6.12.0-160000.28.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-6.12.0-160000.28.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64"
},
"product_reference": "kernel-64kb-6.12.0-160000.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-devel-6.12.0-160000.28.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64"
},
"product_reference": "kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.12.0-160000.28.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64"
},
"product_reference": "kernel-default-6.12.0-160000.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.12.0-160000.28.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le"
},
"product_reference": "kernel-default-6.12.0-160000.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.12.0-160000.28.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x"
},
"product_reference": "kernel-default-6.12.0-160000.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.12.0-160000.28.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64"
},
"product_reference": "kernel-default-6.12.0-160000.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64"
},
"product_reference": "kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le"
},
"product_reference": "kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64"
},
"product_reference": "kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.12.0-160000.28.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64"
},
"product_reference": "kernel-default-devel-6.12.0-160000.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.12.0-160000.28.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le"
},
"product_reference": "kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.12.0-160000.28.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x"
},
"product_reference": "kernel-default-devel-6.12.0-160000.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.12.0-160000.28.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64"
},
"product_reference": "kernel-default-devel-6.12.0-160000.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.12.0-160000.28.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64"
},
"product_reference": "kernel-default-extra-6.12.0-160000.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.12.0-160000.28.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le"
},
"product_reference": "kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.12.0-160000.28.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x"
},
"product_reference": "kernel-default-extra-6.12.0-160000.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.12.0-160000.28.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64"
},
"product_reference": "kernel-default-extra-6.12.0-160000.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.12.0-160000.28.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.12.0-160000.28.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.12.0-160000.28.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.12.0-160000.28.1.noarch as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch"
},
"product_reference": "kernel-devel-6.12.0-160000.28.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.12.0-160000.28.1.noarch as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch"
},
"product_reference": "kernel-macros-6.12.0-160000.28.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.12.0-160000.28.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64"
},
"product_reference": "kernel-rt-6.12.0-160000.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.12.0-160000.28.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64"
},
"product_reference": "kernel-rt-6.12.0-160000.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.12.0-160000.28.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64"
},
"product_reference": "kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.12.0-160000.28.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-livepatch-6.12.0-160000.28.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64"
},
"product_reference": "kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.12.0-160000.28.1.noarch as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
},
"product_reference": "kernel-source-6.12.0-160000.28.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-39998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: target_core_configfs: Add length check to avoid buffer overflow\n\nA buffer overflow arises from the usage of snprintf to write into the\nbuffer \"buf\" in target_lu_gp_members_show function located in\n/drivers/target/target_core_configfs.c. This buffer is allocated with\nsize LU_GROUP_NAME_BUF (256 bytes).\n\nsnprintf(...) formats multiple strings into buf with the HBA name\n(hba-\u003ehba_group.cg_item), a slash character, a devicename (dev-\u003e\ndev_group.cg_item) and a newline character, the total formatted string\nlength may exceed the buffer size of 256 bytes.\n\nSince snprintf() returns the total number of bytes that would have been\nwritten (the length of %s/%sn ), this value may exceed the buffer length\n(256 bytes) passed to memcpy(), this will ultimately cause function\nmemcpy reporting a buffer overflow error.\n\nAn additional check of the return value of snprintf() can avoid this\nbuffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39998",
"url": "https://www.suse.com/security/cve/CVE-2025-39998"
},
{
"category": "external",
"summary": "SUSE Bug 1252073 for CVE-2025-39998",
"url": "https://bugzilla.suse.com/1252073"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39998"
},
{
"cve": "CVE-2025-40253",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40253"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ctcm: Fix double-kfree\n\nThe function \u0027mpc_rcvd_sweep_req(mpcginfo)\u0027 is called conditionally\nfrom function \u0027ctcmpc_unpack_skb\u0027. It frees passed mpcginfo.\nAfter that a call to function \u0027kfree\u0027 in function \u0027ctcmpc_unpack_skb\u0027\nfrees it again.\n\nRemove \u0027kfree\u0027 call in function \u0027mpc_rcvd_sweep_req(mpcginfo)\u0027.\n\nBug detected by the clang static analyzer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40253",
"url": "https://www.suse.com/security/cve/CVE-2025-40253"
},
{
"category": "external",
"summary": "SUSE Bug 1255084 for CVE-2025-40253",
"url": "https://bugzilla.suse.com/1255084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-40253"
},
{
"cve": "CVE-2025-68794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niomap: adjust read range correctly for non-block-aligned positions\n\niomap_adjust_read_range() assumes that the position and length passed in\nare block-aligned. This is not always the case however, as shown in the\nsyzbot generated case for erofs. This causes too many bytes to be\nskipped for uptodate blocks, which results in returning the incorrect\nposition and length to read in. If all the blocks are uptodate, this\nunderflows length and returns a position beyond the folio.\n\nFix the calculation to also take into account the block offset when\ncalculating how many bytes can be skipped for uptodate blocks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68794",
"url": "https://www.suse.com/security/cve/CVE-2025-68794"
},
{
"category": "external",
"summary": "SUSE Bug 1256647 for CVE-2025-68794",
"url": "https://bugzilla.suse.com/1256647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-68794"
},
{
"cve": "CVE-2025-71239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naudit: add fchmodat2() to change attributes class\n\nfchmodat2(), introduced in version 6.6 is currently not in the change\nattribute class of audit. Calling fchmodat2() to change a file\nattribute in the same fashion than chmod() or fchmodat() will bypass\naudit rules such as:\n\n-w /tmp/test -p rwa -k test_rwa\n\nThe current patch adds fchmodat2() to the change attributes class.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71239",
"url": "https://www.suse.com/security/cve/CVE-2025-71239"
},
{
"category": "external",
"summary": "SUSE Bug 1259759 for CVE-2025-71239",
"url": "https://bugzilla.suse.com/1259759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "low"
}
],
"title": "CVE-2025-71239"
},
{
"cve": "CVE-2026-23072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: Fix memleak in l2tp_udp_encap_recv().\n\nsyzbot reported memleak of struct l2tp_session, l2tp_tunnel,\nsock, etc. [0]\n\nThe cited commit moved down the validation of the protocol\nversion in l2tp_udp_encap_recv().\n\nThe new place requires an extra error handling to avoid the\nmemleak.\n\nLet\u0027s call l2tp_session_put() there.\n\n[0]:\nBUG: memory leak\nunreferenced object 0xffff88810a290200 (size 512):\n comm \"syz.0.17\", pid 6086, jiffies 4294944299\n hex dump (first 32 bytes):\n 7d eb 04 0c 00 00 00 00 01 00 00 00 00 00 00 00 }...............\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc babb6a4f):\n kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]\n slab_post_alloc_hook mm/slub.c:4958 [inline]\n slab_alloc_node mm/slub.c:5263 [inline]\n __do_kmalloc_node mm/slub.c:5656 [inline]\n __kmalloc_noprof+0x3e0/0x660 mm/slub.c:5669\n kmalloc_noprof include/linux/slab.h:961 [inline]\n kzalloc_noprof include/linux/slab.h:1094 [inline]\n l2tp_session_create+0x3a/0x3b0 net/l2tp/l2tp_core.c:1778\n pppol2tp_connect+0x48b/0x920 net/l2tp/l2tp_ppp.c:755\n __sys_connect_file+0x7a/0xb0 net/socket.c:2089\n __sys_connect+0xde/0x110 net/socket.c:2108\n __do_sys_connect net/socket.c:2114 [inline]\n __se_sys_connect net/socket.c:2111 [inline]\n __x64_sys_connect+0x1c/0x30 net/socket.c:2111\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xa4/0xf80 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23072",
"url": "https://www.suse.com/security/cve/CVE-2026-23072"
},
{
"category": "external",
"summary": "SUSE Bug 1257708 for CVE-2026-23072",
"url": "https://bugzilla.suse.com/1257708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23072"
},
{
"cve": "CVE-2026-23103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Make the addrs_lock be per port\n\nMake the addrs_lock be per port, not per ipvlan dev.\n\nInitial code seems to be written in the assumption,\nthat any address change must occur under RTNL.\nBut it is not so for the case of IPv6. So\n\n1) Introduce per-port addrs_lock.\n\n2) It was needed to fix places where it was forgotten\nto take lock (ipvlan_open/ipvlan_close)\n\nThis appears to be a very minor problem though.\nSince it\u0027s highly unlikely that ipvlan_add_addr() will\nbe called on 2 CPU simultaneously. But nevertheless,\nthis could cause:\n\n1) False-negative of ipvlan_addr_busy(): one interface\niterated through all port-\u003eipvlans + ipvlan-\u003eaddrs\nunder some ipvlan spinlock, and another added IP\nunder its own lock. Though this is only possible\nfor IPv6, since looks like only ipvlan_addr6_event() can be\ncalled without rtnl_lock.\n\n2) Race since ipvlan_ht_addr_add(port) is called under\ndifferent ipvlan-\u003eaddrs_lock locks\n\nThis should not affect performance, since add/remove IP\nis a rare situation and spinlock is not taken on fast\npaths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23103",
"url": "https://www.suse.com/security/cve/CVE-2026-23103"
},
{
"category": "external",
"summary": "SUSE Bug 1257773 for CVE-2026-23103",
"url": "https://bugzilla.suse.com/1257773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23103"
},
{
"cve": "CVE-2026-23120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: avoid one data-race in l2tp_tunnel_del_work()\n\nWe should read sk-\u003esk_socket only when dealing with kernel sockets.\n\nsyzbot reported the following data-race:\n\nBUG: KCSAN: data-race in l2tp_tunnel_del_work / sk_common_release\n\nwrite to 0xffff88811c182b20 of 8 bytes by task 5365 on cpu 0:\n sk_set_socket include/net/sock.h:2092 [inline]\n sock_orphan include/net/sock.h:2118 [inline]\n sk_common_release+0xae/0x230 net/core/sock.c:4003\n udp_lib_close+0x15/0x20 include/net/udp.h:325\n inet_release+0xce/0xf0 net/ipv4/af_inet.c:437\n __sock_release net/socket.c:662 [inline]\n sock_close+0x6b/0x150 net/socket.c:1455\n __fput+0x29b/0x650 fs/file_table.c:468\n ____fput+0x1c/0x30 fs/file_table.c:496\n task_work_run+0x131/0x1a0 kernel/task_work.c:233\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n __exit_to_user_mode_loop kernel/entry/common.c:44 [inline]\n exit_to_user_mode_loop+0x1fe/0x740 kernel/entry/common.c:75\n __exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]\n syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:159 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:194 [inline]\n do_syscall_64+0x1e1/0x2b0 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nread to 0xffff88811c182b20 of 8 bytes by task 827 on cpu 1:\n l2tp_tunnel_del_work+0x2f/0x1a0 net/l2tp/l2tp_core.c:1418\n process_one_work kernel/workqueue.c:3257 [inline]\n process_scheduled_works+0x4ce/0x9d0 kernel/workqueue.c:3340\n worker_thread+0x582/0x770 kernel/workqueue.c:3421\n kthread+0x489/0x510 kernel/kthread.c:463\n ret_from_fork+0x149/0x290 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246\n\nvalue changed: 0xffff88811b818000 -\u003e 0x0000000000000000",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23120",
"url": "https://www.suse.com/security/cve/CVE-2026-23120"
},
{
"category": "external",
"summary": "SUSE Bug 1258280 for CVE-2026-23120",
"url": "https://bugzilla.suse.com/1258280"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23120"
},
{
"cve": "CVE-2026-23125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT\n\nA null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key\ninitialization fails:\n\n ==================================================================\n KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]\n CPU: 0 PID: 16 Comm: ksoftirqd/0 Tainted: G W 6.6.0 #2\n RIP: 0010:sctp_packet_bundle_auth net/sctp/output.c:264 [inline]\n RIP: 0010:sctp_packet_append_chunk+0xb36/0x1260 net/sctp/output.c:401\n Call Trace:\n\n sctp_packet_transmit_chunk+0x31/0x250 net/sctp/output.c:189\n sctp_outq_flush_data+0xa29/0x26d0 net/sctp/outqueue.c:1111\n sctp_outq_flush+0xc80/0x1240 net/sctp/outqueue.c:1217\n sctp_cmd_interpreter.isra.0+0x19a5/0x62c0 net/sctp/sm_sideeffect.c:1787\n sctp_side_effects net/sctp/sm_sideeffect.c:1198 [inline]\n sctp_do_sm+0x1a3/0x670 net/sctp/sm_sideeffect.c:1169\n sctp_assoc_bh_rcv+0x33e/0x640 net/sctp/associola.c:1052\n sctp_inq_push+0x1dd/0x280 net/sctp/inqueue.c:88\n sctp_rcv+0x11ae/0x3100 net/sctp/input.c:243\n sctp6_rcv+0x3d/0x60 net/sctp/ipv6.c:1127\n\nThe issue is triggered when sctp_auth_asoc_init_active_key() fails in\nsctp_sf_do_5_1C_ack() while processing an INIT_ACK. In this case, the\ncommand sequence is currently:\n\n- SCTP_CMD_PEER_INIT\n- SCTP_CMD_TIMER_STOP (T1_INIT)\n- SCTP_CMD_TIMER_START (T1_COOKIE)\n- SCTP_CMD_NEW_STATE (COOKIE_ECHOED)\n- SCTP_CMD_ASSOC_SHKEY\n- SCTP_CMD_GEN_COOKIE_ECHO\n\nIf SCTP_CMD_ASSOC_SHKEY fails, asoc-\u003eshkey remains NULL, while\nasoc-\u003epeer.auth_capable and asoc-\u003epeer.peer_chunks have already been set by\nSCTP_CMD_PEER_INIT. This allows a DATA chunk with auth = 1 and shkey = NULL\nto be queued by sctp_datamsg_from_user().\n\nSince command interpretation stops on failure, no COOKIE_ECHO should been\nsent via SCTP_CMD_GEN_COOKIE_ECHO. However, the T1_COOKIE timer has already\nbeen started, and it may enqueue a COOKIE_ECHO into the outqueue later. As\na result, the DATA chunk can be transmitted together with the COOKIE_ECHO\nin sctp_outq_flush_data(), leading to the observed issue.\n\nSimilar to the other places where it calls sctp_auth_asoc_init_active_key()\nright after sctp_process_init(), this patch moves the SCTP_CMD_ASSOC_SHKEY\nimmediately after SCTP_CMD_PEER_INIT, before stopping T1_INIT and starting\nT1_COOKIE. This ensures that if shared key generation fails, authenticated\nDATA cannot be sent. It also allows the T1_INIT timer to retransmit INIT,\ngiving the client another chance to process INIT_ACK and retry key setup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23125",
"url": "https://www.suse.com/security/cve/CVE-2026-23125"
},
{
"category": "external",
"summary": "SUSE Bug 1258293 for CVE-2026-23125",
"url": "https://bugzilla.suse.com/1258293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23125"
},
{
"cve": "CVE-2026-23138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23138"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Add recursion protection in kernel stack trace recording\n\nA bug was reported about an infinite recursion caused by tracing the rcu\nevents with the kernel stack trace trigger enabled. The stack trace code\ncalled back into RCU which then called the stack trace again.\n\nExpand the ftrace recursion protection to add a set of bits to protect\nevents from recursion. Each bit represents the context that the event is\nin (normal, softirq, interrupt and NMI).\n\nHave the stack trace code use the interrupt context to protect against\nrecursion.\n\nNote, the bug showed an issue in both the RCU code as well as the tracing\nstacktrace code. This only handles the tracing stack trace side of the\nbug. The RCU fix will be handled separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23138",
"url": "https://www.suse.com/security/cve/CVE-2026-23138"
},
{
"category": "external",
"summary": "SUSE Bug 1258301 for CVE-2026-23138",
"url": "https://bugzilla.suse.com/1258301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23138"
},
{
"cve": "CVE-2026-23140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, test_run: Subtract size of xdp_frame from allowed metadata size\n\nThe xdp_frame structure takes up part of the XDP frame headroom,\nlimiting the size of the metadata. However, in bpf_test_run, we don\u0027t\ntake this into account, which makes it possible for userspace to supply\na metadata size that is too large (taking up the entire headroom).\n\nIf userspace supplies such a large metadata size in live packet mode,\nthe xdp_update_frame_from_buff() call in xdp_test_run_init_page() call\nwill fail, after which packet transmission proceeds with an\nuninitialised frame structure, leading to the usual Bad Stuff.\n\nThe commit in the Fixes tag fixed a related bug where the second check\nin xdp_update_frame_from_buff() could fail, but did not add any\nadditional constraints on the metadata size. Complete the fix by adding\nan additional check on the metadata size. Reorder the checks slightly to\nmake the logic clearer and add a comment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23140",
"url": "https://www.suse.com/security/cve/CVE-2026-23140"
},
{
"category": "external",
"summary": "SUSE Bug 1258305 for CVE-2026-23140",
"url": "https://bugzilla.suse.com/1258305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23140"
},
{
"cve": "CVE-2026-23187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23187"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: imx8m-blk-ctrl: fix out-of-range access of bc-\u003edomains\n\nFix out-of-range access of bc-\u003edomains in imx8m_blk_ctrl_remove().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23187",
"url": "https://www.suse.com/security/cve/CVE-2026-23187"
},
{
"category": "external",
"summary": "SUSE Bug 1258330 for CVE-2026-23187",
"url": "https://bugzilla.suse.com/1258330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23187"
},
{
"cve": "CVE-2026-23193",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23193"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count()\n\nIn iscsit_dec_session_usage_count(), the function calls complete() while\nholding the sess-\u003esession_usage_lock. Similar to the connection usage count\nlogic, the waiter signaled by complete() (e.g., in the session release\npath) may wake up and free the iscsit_session structure immediately.\n\nThis creates a race condition where the current thread may attempt to\nexecute spin_unlock_bh() on a session structure that has already been\ndeallocated, resulting in a KASAN slab-use-after-free.\n\nTo resolve this, release the session_usage_lock before calling complete()\nto ensure all dereferences of the sess pointer are finished before the\nwaiter is allowed to proceed with deallocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23193",
"url": "https://www.suse.com/security/cve/CVE-2026-23193"
},
{
"category": "external",
"summary": "SUSE Bug 1258414 for CVE-2026-23193",
"url": "https://bugzilla.suse.com/1258414"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23193"
},
{
"cve": "CVE-2026-23201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23201"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: fix oops due to invalid pointer for kfree() in parse_longname()\n\nThis fixes a kernel oops when reading ceph snapshot directories (.snap),\nfor example by simply running `ls /mnt/my_ceph/.snap`.\n\nThe variable str is guarded by __free(kfree), but advanced by one for\nskipping the initial \u0027_\u0027 in snapshot names. Thus, kfree() is called\nwith an invalid pointer. This patch removes the need for advancing the\npointer so kfree() is called with correct memory pointer.\n\nSteps to reproduce:\n\n1. Create snapshots on a cephfs volume (I\u0027ve 63 snaps in my testcase)\n\n2. Add cephfs mount to fstab\n$ echo \"samba-fileserver@.files=/volumes/datapool/stuff/3461082b-ecc9-4e82-8549-3fd2590d3fb6 /mnt/test/stuff ceph acl,noatime,_netdev 0 0\" \u003e\u003e /etc/fstab\n\n3. Reboot the system\n$ systemctl reboot\n\n4. Check if it\u0027s really mounted\n$ mount | grep stuff\n\n5. List snapshots (expected 63 snapshots on my system)\n$ ls /mnt/test/stuff/.snap\n\nNow ls hangs forever and the kernel log shows the oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23201",
"url": "https://www.suse.com/security/cve/CVE-2026-23201"
},
{
"category": "external",
"summary": "SUSE Bug 1258337 for CVE-2026-23201",
"url": "https://bugzilla.suse.com/1258337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23201"
},
{
"cve": "CVE-2026-23204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_u32: use skb_header_pointer_careful()\n\nskb_header_pointer() does not fully validate negative @offset values.\n\nUse skb_header_pointer_careful() instead.\n\nGangMin Kim provided a report and a repro fooling u32_classify():\n\nBUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0\nnet/sched/cls_u32.c:221",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23204",
"url": "https://www.suse.com/security/cve/CVE-2026-23204"
},
{
"category": "external",
"summary": "SUSE Bug 1258340 for CVE-2026-23204",
"url": "https://bugzilla.suse.com/1258340"
},
{
"category": "external",
"summary": "SUSE Bug 1259126 for CVE-2026-23204",
"url": "https://bugzilla.suse.com/1259126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "important"
}
],
"title": "CVE-2026-23204"
},
{
"cve": "CVE-2026-23215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23215"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/vmware: Fix hypercall clobbers\n\nFedora QA reported the following panic:\n\n BUG: unable to handle page fault for address: 0000000040003e54\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS edk2-20251119-3.fc43 11/19/2025\n RIP: 0010:vmware_hypercall4.constprop.0+0x52/0x90\n ..\n Call Trace:\n vmmouse_report_events+0x13e/0x1b0\n psmouse_handle_byte+0x15/0x60\n ps2_interrupt+0x8a/0xd0\n ...\n\nbecause the QEMU VMware mouse emulation is buggy, and clears the top 32\nbits of %rdi that the kernel kept a pointer in.\n\nThe QEMU vmmouse driver saves and restores the register state in a\n\"uint32_t data[6];\" and as a result restores the state with the high\nbits all cleared.\n\nRDI originally contained the value of a valid kernel stack address\n(0xff5eeb3240003e54). After the vmware hypercall it now contains\n0x40003e54, and we get a page fault as a result when it is dereferenced.\n\nThe proper fix would be in QEMU, but this works around the issue in the\nkernel to keep old setups working, when old kernels had not happened to\nkeep any state in %rdi over the hypercall.\n\nIn theory this same issue exists for all the hypercalls in the vmmouse\ndriver; in practice it has only been seen with vmware_hypercall3() and\nvmware_hypercall4(). For now, just mark RDI/RSI as clobbered for those\ntwo calls. This should have a minimal effect on code generation overall\nas it should be rare for the compiler to want to make RDI/RSI live\nacross hypercalls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23215",
"url": "https://www.suse.com/security/cve/CVE-2026-23215"
},
{
"category": "external",
"summary": "SUSE Bug 1258476 for CVE-2026-23215",
"url": "https://bugzilla.suse.com/1258476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23215"
},
{
"cve": "CVE-2026-23216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23216"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()\n\nIn iscsit_dec_conn_usage_count(), the function calls complete() while\nholding the conn-\u003econn_usage_lock. As soon as complete() is invoked, the\nwaiter (such as iscsit_close_connection()) may wake up and proceed to free\nthe iscsit_conn structure.\n\nIf the waiter frees the memory before the current thread reaches\nspin_unlock_bh(), it results in a KASAN slab-use-after-free as the function\nattempts to release a lock within the already-freed connection structure.\n\nFix this by releasing the spinlock before calling complete().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23216",
"url": "https://www.suse.com/security/cve/CVE-2026-23216"
},
{
"category": "external",
"summary": "SUSE Bug 1258447 for CVE-2026-23216",
"url": "https://bugzilla.suse.com/1258447"
},
{
"category": "external",
"summary": "SUSE Bug 1258448 for CVE-2026-23216",
"url": "https://bugzilla.suse.com/1258448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23216"
},
{
"cve": "CVE-2026-23231",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23231"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fix use-after-free in nf_tables_addchain()\n\nnf_tables_addchain() publishes the chain to table-\u003echains via\nlist_add_tail_rcu() (in nft_chain_add()) before registering hooks.\nIf nf_tables_register_hook() then fails, the error path calls\nnft_chain_del() (list_del_rcu()) followed by nf_tables_chain_destroy()\nwith no RCU grace period in between.\n\nThis creates two use-after-free conditions:\n\n 1) Control-plane: nf_tables_dump_chains() traverses table-\u003echains\n under rcu_read_lock(). A concurrent dump can still be walking\n the chain when the error path frees it.\n\n 2) Packet path: for NFPROTO_INET, nf_register_net_hook() briefly\n installs the IPv4 hook before IPv6 registration fails. Packets\n entering nft_do_chain() via the transient IPv4 hook can still be\n dereferencing chain-\u003eblob_gen_X when the error path frees the\n chain.\n\nAdd synchronize_rcu() between nft_chain_del() and the chain destroy\nso that all RCU readers -- both dump threads and in-flight packet\nevaluation -- have finished before the chain is freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23231",
"url": "https://www.suse.com/security/cve/CVE-2026-23231"
},
{
"category": "external",
"summary": "SUSE Bug 1259188 for CVE-2026-23231",
"url": "https://bugzilla.suse.com/1259188"
},
{
"category": "external",
"summary": "SUSE Bug 1259189 for CVE-2026-23231",
"url": "https://bugzilla.suse.com/1259189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "important"
}
],
"title": "CVE-2026-23231"
},
{
"cve": "CVE-2026-23239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nespintcp: Fix race condition in espintcp_close()\n\nThis issue was discovered during a code audit.\n\nAfter cancel_work_sync() is called from espintcp_close(),\nespintcp_tx_work() can still be scheduled from paths such as\nthe Delayed ACK handler or ksoftirqd.\nAs a result, the espintcp_tx_work() worker may dereference a\nfreed espintcp ctx or sk.\n\nThe following is a simple race scenario:\n\n cpu0 cpu1\n\n espintcp_close()\n cancel_work_sync(\u0026ctx-\u003ework);\n espintcp_write_space()\n schedule_work(\u0026ctx-\u003ework);\n\nTo prevent this race condition, cancel_work_sync() is\nreplaced with disable_work_sync().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23239",
"url": "https://www.suse.com/security/cve/CVE-2026-23239"
},
{
"category": "external",
"summary": "SUSE Bug 1259485 for CVE-2026-23239",
"url": "https://bugzilla.suse.com/1259485"
},
{
"category": "external",
"summary": "SUSE Bug 1262405 for CVE-2026-23239",
"url": "https://bugzilla.suse.com/1262405"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "important"
}
],
"title": "CVE-2026-23239"
},
{
"cve": "CVE-2026-23240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23240"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: Fix race condition in tls_sw_cancel_work_tx()\n\nThis issue was discovered during a code audit.\n\nAfter cancel_delayed_work_sync() is called from tls_sk_proto_close(),\ntx_work_handler() can still be scheduled from paths such as the\nDelayed ACK handler or ksoftirqd.\nAs a result, the tx_work_handler() worker may dereference a freed\nTLS object.\n\nThe following is a simple race scenario:\n\n cpu0 cpu1\n\ntls_sk_proto_close()\n tls_sw_cancel_work_tx()\n tls_write_space()\n tls_sw_write_space()\n if (!test_and_set_bit(BIT_TX_SCHEDULED, \u0026tx_ctx-\u003etx_bitmask))\n set_bit(BIT_TX_SCHEDULED, \u0026ctx-\u003etx_bitmask);\n cancel_delayed_work_sync(\u0026ctx-\u003etx_work.work);\n schedule_delayed_work(\u0026tx_ctx-\u003etx_work.work, 0);\n\nTo prevent this race condition, cancel_delayed_work_sync() is\nreplaced with disable_delayed_work_sync().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23240",
"url": "https://www.suse.com/security/cve/CVE-2026-23240"
},
{
"category": "external",
"summary": "SUSE Bug 1259484 for CVE-2026-23240",
"url": "https://bugzilla.suse.com/1259484"
},
{
"category": "external",
"summary": "SUSE Bug 1262404 for CVE-2026-23240",
"url": "https://bugzilla.suse.com/1262404"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "important"
}
],
"title": "CVE-2026-23240"
},
{
"cve": "CVE-2026-23242",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23242"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/siw: Fix potential NULL pointer dereference in header processing\n\nIf siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(),\nqp-\u003erx_fpdu can be NULL. The error path in siw_tcp_rx_data()\ndereferences qp-\u003erx_fpdu-\u003emore_ddp_segs without checking, which\nmay lead to a NULL pointer deref. Only check more_ddp_segs when\nrx_fpdu is present.\n\nKASAN splat:\n[ 101.384271] KASAN: null-ptr-deref in range [0x00000000000000c0-0x00000000000000c7]\n[ 101.385869] RIP: 0010:siw_tcp_rx_data+0x13ad/0x1e50",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23242",
"url": "https://www.suse.com/security/cve/CVE-2026-23242"
},
{
"category": "external",
"summary": "SUSE Bug 1259795 for CVE-2026-23242",
"url": "https://bugzilla.suse.com/1259795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23242"
},
{
"cve": "CVE-2026-23243",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23243"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/umad: Reject negative data_len in ib_umad_write\n\nib_umad_write computes data_len from user-controlled count and the\nMAD header sizes. With a mismatched user MAD header size and RMPP\nheader length, data_len can become negative and reach ib_create_send_mad().\nThis can make the padding calculation exceed the segment size and trigger\nan out-of-bounds memset in alloc_send_rmpp_list().\n\nAdd an explicit check to reject negative data_len before creating the\nsend buffer.\n\nKASAN splat:\n[ 211.363464] BUG: KASAN: slab-out-of-bounds in ib_create_send_mad+0xa01/0x11b0\n[ 211.364077] Write of size 220 at addr ffff88800c3fa1f8 by task spray_thread/102\n[ 211.365867] ib_create_send_mad+0xa01/0x11b0\n[ 211.365887] ib_umad_write+0x853/0x1c80",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23243",
"url": "https://www.suse.com/security/cve/CVE-2026-23243"
},
{
"category": "external",
"summary": "SUSE Bug 1259797 for CVE-2026-23243",
"url": "https://bugzilla.suse.com/1259797"
},
{
"category": "external",
"summary": "SUSE Bug 1259798 for CVE-2026-23243",
"url": "https://bugzilla.suse.com/1259798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "important"
}
],
"title": "CVE-2026-23243"
},
{
"cve": "CVE-2026-23255",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23255"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: add proper RCU protection to /proc/net/ptype\n\nYin Fengwei reported an RCU stall in ptype_seq_show() and provided\na patch.\n\nReal issue is that ptype_seq_next() and ptype_seq_show() violate\nRCU rules.\n\nptype_seq_show() runs under rcu_read_lock(), and reads pt-\u003edev\nto get device name without any barrier.\n\nAt the same time, concurrent writers can remove a packet_type structure\n(which is correctly freed after an RCU grace period) and clear pt-\u003edev\nwithout an RCU grace period.\n\nDefine ptype_iter_state to carry a dev pointer along seq_net_private:\n\nstruct ptype_iter_state {\n\tstruct seq_net_private\tp;\n\tstruct net_device\t*dev; // added in this patch\n};\n\nWe need to record the device pointer in ptype_get_idx() and\nptype_seq_next() so that ptype_seq_show() is safe against\nconcurrent pt-\u003edev changes.\n\nWe also need to add full RCU protection in ptype_seq_next().\n(Missing READ_ONCE() when reading list.next values)\n\nMany thanks to Dong Chenchen for providing a repro.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23255",
"url": "https://www.suse.com/security/cve/CVE-2026-23255"
},
{
"category": "external",
"summary": "SUSE Bug 1259891 for CVE-2026-23255",
"url": "https://bugzilla.suse.com/1259891"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23255"
},
{
"cve": "CVE-2026-23262",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23262"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngve: Fix stats report corruption on queue count change\n\nThe driver and the NIC share a region in memory for stats reporting.\nThe NIC calculates its offset into this region based on the total size\nof the stats region and the size of the NIC\u0027s stats.\n\nWhen the number of queues is changed, the driver\u0027s stats region is\nresized. If the queue count is increased, the NIC can write past\nthe end of the allocated stats region, causing memory corruption.\nIf the queue count is decreased, there is a gap between the driver\nand NIC stats, leading to incorrect stats reporting.\n\nThis change fixes the issue by allocating stats region with maximum\nsize, and the offset calculation for NIC stats is changed to match\nwith the calculation of the NIC.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23262",
"url": "https://www.suse.com/security/cve/CVE-2026-23262"
},
{
"category": "external",
"summary": "SUSE Bug 1259870 for CVE-2026-23262",
"url": "https://bugzilla.suse.com/1259870"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23262"
},
{
"cve": "CVE-2026-23270",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23270"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks\n\nAs Paolo said earlier [1]:\n\n\"Since the blamed commit below, classify can return TC_ACT_CONSUMED while\nthe current skb being held by the defragmentation engine. As reported by\nGangMin Kim, if such packet is that may cause a UaF when the defrag engine\nlater on tries to tuch again such packet.\"\n\nact_ct was never meant to be used in the egress path, however some users\nare attaching it to egress today [2]. Attempting to reach a middle\nground, we noticed that, while most qdiscs are not handling\nTC_ACT_CONSUMED, clsact/ingress qdiscs are. With that in mind, we\naddress the issue by only allowing act_ct to bind to clsact/ingress\nqdiscs and shared blocks. That way it\u0027s still possible to attach act_ct to\negress (albeit only with clsact).\n\n[1] https://lore.kernel.org/netdev/674b8cbfc385c6f37fb29a1de08d8fe5c2b0fbee.1771321118.git.pabeni@redhat.com/\n[2] https://lore.kernel.org/netdev/cc6bfb4a-4a2b-42d8-b9ce-7ef6644fb22b@ovn.org/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23270",
"url": "https://www.suse.com/security/cve/CVE-2026-23270"
},
{
"category": "external",
"summary": "SUSE Bug 1259886 for CVE-2026-23270",
"url": "https://bugzilla.suse.com/1259886"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23270"
},
{
"cve": "CVE-2026-23272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23272"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: unconditionally bump set-\u003enelems before insertion\n\nIn case that the set is full, a new element gets published then removed\nwithout waiting for the RCU grace period, while RCU reader can be\nwalking over it already.\n\nTo address this issue, add the element transaction even if set is full,\nbut toggle the set_full flag to report -ENFILE so the abort path safely\nunwinds the set to its previous state.\n\nAs for element updates, decrement set-\u003enelems to restore it.\n\nA simpler fix is to call synchronize_rcu() in the error path.\nHowever, with a large batch adding elements to already maxed-out set,\nthis could cause noticeable slowdown of such batches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23272",
"url": "https://www.suse.com/security/cve/CVE-2026-23272"
},
{
"category": "external",
"summary": "SUSE Bug 1260009 for CVE-2026-23272",
"url": "https://bugzilla.suse.com/1260009"
},
{
"category": "external",
"summary": "SUSE Bug 1260909 for CVE-2026-23272",
"url": "https://bugzilla.suse.com/1260909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "important"
}
],
"title": "CVE-2026-23272"
},
{
"cve": "CVE-2026-23274",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23274"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels\n\nIDLETIMER revision 0 rules reuse existing timers by label and always call\nmod_timer() on timer-\u003etimer.\n\nIf the label was created first by revision 1 with XT_IDLETIMER_ALARM,\nthe object uses alarm timer semantics and timer-\u003etimer is never initialized.\nReusing that object from revision 0 causes mod_timer() on an uninitialized\ntimer_list, triggering debugobjects warnings and possible panic when\npanic_on_warn=1.\n\nFix this by rejecting revision 0 rule insertion when an existing timer with\nthe same label is of ALARM type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23274",
"url": "https://www.suse.com/security/cve/CVE-2026-23274"
},
{
"category": "external",
"summary": "SUSE Bug 1260005 for CVE-2026-23274",
"url": "https://bugzilla.suse.com/1260005"
},
{
"category": "external",
"summary": "SUSE Bug 1260908 for CVE-2026-23274",
"url": "https://bugzilla.suse.com/1260908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "important"
}
],
"title": "CVE-2026-23274"
},
{
"cve": "CVE-2026-23277",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23277"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit\n\nteql_master_xmit() calls netdev_start_xmit(skb, slave) to transmit\nthrough slave devices, but does not update skb-\u003edev to the slave device\nbeforehand.\n\nWhen a gretap tunnel is a TEQL slave, the transmit path reaches\niptunnel_xmit() which saves dev = skb-\u003edev (still pointing to teql0\nmaster) and later calls iptunnel_xmit_stats(dev, pkt_len). This\nfunction does:\n\n get_cpu_ptr(dev-\u003etstats)\n\nSince teql_master_setup() does not set dev-\u003epcpu_stat_type to\nNETDEV_PCPU_STAT_TSTATS, the core network stack never allocates tstats\nfor teql0, so dev-\u003etstats is NULL. get_cpu_ptr(NULL) computes\nNULL + __per_cpu_offset[cpu], resulting in a page fault.\n\n BUG: unable to handle page fault for address: ffff8880e6659018\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 68bc067 P4D 68bc067 PUD 0\n Oops: Oops: 0002 [#1] SMP KASAN PTI\n RIP: 0010:iptunnel_xmit (./include/net/ip_tunnels.h:664 net/ipv4/ip_tunnel_core.c:89)\n Call Trace:\n \u003cTASK\u003e\n ip_tunnel_xmit (net/ipv4/ip_tunnel.c:847)\n __gre_xmit (net/ipv4/ip_gre.c:478)\n gre_tap_xmit (net/ipv4/ip_gre.c:779)\n teql_master_xmit (net/sched/sch_teql.c:319)\n dev_hard_start_xmit (net/core/dev.c:3887)\n sch_direct_xmit (net/sched/sch_generic.c:347)\n __dev_queue_xmit (net/core/dev.c:4802)\n neigh_direct_output (net/core/neighbour.c:1660)\n ip_finish_output2 (net/ipv4/ip_output.c:237)\n __ip_finish_output.part.0 (net/ipv4/ip_output.c:315)\n ip_mc_output (net/ipv4/ip_output.c:369)\n ip_send_skb (net/ipv4/ip_output.c:1508)\n udp_send_skb (net/ipv4/udp.c:1195)\n udp_sendmsg (net/ipv4/udp.c:1485)\n inet_sendmsg (net/ipv4/af_inet.c:859)\n __sys_sendto (net/socket.c:2206)\n\nFix this by setting skb-\u003edev = slave before calling\nnetdev_start_xmit(), so that tunnel xmit functions see the correct\nslave device with properly allocated tstats.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23277",
"url": "https://www.suse.com/security/cve/CVE-2026-23277"
},
{
"category": "external",
"summary": "SUSE Bug 1259997 for CVE-2026-23277",
"url": "https://bugzilla.suse.com/1259997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23277"
},
{
"cve": "CVE-2026-23278",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23278"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: always walk all pending catchall elements\n\nDuring transaction processing we might have more than one catchall element:\n1 live catchall element and 1 pending element that is coming as part of the\nnew batch.\n\nIf the map holding the catchall elements is also going away, its\nrequired to toggle all catchall elements and not just the first viable\ncandidate.\n\nOtherwise, we get:\n WARNING: ./include/net/netfilter/nf_tables.h:1281 at nft_data_release+0xb7/0xe0 [nf_tables], CPU#2: nft/1404\n RIP: 0010:nft_data_release+0xb7/0xe0 [nf_tables]\n [..]\n __nft_set_elem_destroy+0x106/0x380 [nf_tables]\n nf_tables_abort_release+0x348/0x8d0 [nf_tables]\n nf_tables_abort+0xcf2/0x3ac0 [nf_tables]\n nfnetlink_rcv_batch+0x9c9/0x20e0 [..]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23278",
"url": "https://www.suse.com/security/cve/CVE-2026-23278"
},
{
"category": "external",
"summary": "SUSE Bug 1259998 for CVE-2026-23278",
"url": "https://bugzilla.suse.com/1259998"
},
{
"category": "external",
"summary": "SUSE Bug 1260907 for CVE-2026-23278",
"url": "https://bugzilla.suse.com/1260907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "important"
}
],
"title": "CVE-2026-23278"
},
{
"cve": "CVE-2026-23281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23281"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: libertas: fix use-after-free in lbs_free_adapter()\n\nThe lbs_free_adapter() function uses timer_delete() (non-synchronous)\nfor both command_timer and tx_lockup_timer before the structure is\nfreed. This is incorrect because timer_delete() does not wait for\nany running timer callback to complete.\n\nIf a timer callback is executing when lbs_free_adapter() is called,\nthe callback will access freed memory since lbs_cfg_free() frees the\ncontaining structure immediately after lbs_free_adapter() returns.\n\nBoth timer callbacks (lbs_cmd_timeout_handler and lbs_tx_lockup_handler)\naccess priv-\u003edriver_lock, priv-\u003ecur_cmd, priv-\u003edev, and other fields,\nwhich would all be use-after-free violations.\n\nUse timer_delete_sync() instead to ensure any running timer callback\nhas completed before returning.\n\nThis bug was introduced in commit 8f641d93c38a (\"libertas: detect TX\nlockups and reset hardware\") where del_timer() was used instead of\ndel_timer_sync() in the cleanup path. The command_timer has had the\nsame issue since the driver was first written.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23281",
"url": "https://www.suse.com/security/cve/CVE-2026-23281"
},
{
"category": "external",
"summary": "SUSE Bug 1260464 for CVE-2026-23281",
"url": "https://bugzilla.suse.com/1260464"
},
{
"category": "external",
"summary": "SUSE Bug 1260466 for CVE-2026-23281",
"url": "https://bugzilla.suse.com/1260466"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23281"
},
{
"cve": "CVE-2026-23292",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23292"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: Fix recursive locking in __configfs_open_file()\n\nIn flush_write_buffer, \u0026p-\u003efrag_sem is acquired and then the loaded store\nfunction is called, which, here, is target_core_item_dbroot_store(). This\nfunction called filp_open(), following which these functions were called\n(in reverse order), according to the call trace:\n\n down_read\n __configfs_open_file\n do_dentry_open\n vfs_open\n do_open\n path_openat\n do_filp_open\n file_open_name\n filp_open\n target_core_item_dbroot_store\n flush_write_buffer\n configfs_write_iter\n\ntarget_core_item_dbroot_store() tries to validate the new file path by\ntrying to open the file path provided to it; however, in this case, the bug\nreport shows:\n\ndb_root: not a directory: /sys/kernel/config/target/dbroot\n\nindicating that the same configfs file was tried to be opened, on which it\nis currently working on. Thus, it is trying to acquire frag_sem semaphore\nof the same file of which it already holds the semaphore obtained in\nflush_write_buffer(), leading to acquiring the semaphore in a nested manner\nand a possibility of recursive locking.\n\nFix this by modifying target_core_item_dbroot_store() to use kern_path()\ninstead of filp_open() to avoid opening the file using filesystem-specific\nfunction __configfs_open_file(), and further modifying it to make this fix\ncompatible.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23292",
"url": "https://www.suse.com/security/cve/CVE-2026-23292"
},
{
"category": "external",
"summary": "SUSE Bug 1260500 for CVE-2026-23292",
"url": "https://bugzilla.suse.com/1260500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23292"
},
{
"cve": "CVE-2026-23293",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23293"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled\n\nWhen booting with the \u0027ipv6.disable=1\u0027 parameter, the nd_tbl is never\ninitialized because inet6_init() exits before ndisc_init() is called\nwhich initializes it. If an IPv6 packet is injected into the interface,\nroute_shortcircuit() is called and a NULL pointer dereference happens on\nneigh_lookup().\n\n BUG: kernel NULL pointer dereference, address: 0000000000000380\n Oops: Oops: 0000 [#1] SMP NOPTI\n [...]\n RIP: 0010:neigh_lookup+0x20/0x270\n [...]\n Call Trace:\n \u003cTASK\u003e\n vxlan_xmit+0x638/0x1ef0 [vxlan]\n dev_hard_start_xmit+0x9e/0x2e0\n __dev_queue_xmit+0xbee/0x14e0\n packet_sendmsg+0x116f/0x1930\n __sys_sendto+0x1f5/0x200\n __x64_sys_sendto+0x24/0x30\n do_syscall_64+0x12f/0x1590\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFix this by adding an early check on route_shortcircuit() when protocol\nis ETH_P_IPV6. Note that ipv6_mod_enabled() cannot be used here because\nVXLAN can be built-in even when IPv6 is built as a module.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23293",
"url": "https://www.suse.com/security/cve/CVE-2026-23293"
},
{
"category": "external",
"summary": "SUSE Bug 1260486 for CVE-2026-23293",
"url": "https://bugzilla.suse.com/1260486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23293"
},
{
"cve": "CVE-2026-23297",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23297"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: Fix cred ref leak in nfsd_nl_threads_set_doit().\n\nsyzbot reported memory leak of struct cred. [0]\n\nnfsd_nl_threads_set_doit() passes get_current_cred() to\nnfsd_svc(), but put_cred() is not called after that.\n\nThe cred is finally passed down to _svc_xprt_create(),\nwhich calls get_cred() with the cred for struct svc_xprt.\n\nThe ownership of the refcount by get_current_cred() is not\ntransferred to anywhere and is just leaked.\n\nnfsd_svc() is also called from write_threads(), but it does\nnot bump file-\u003ef_cred there.\n\nnfsd_nl_threads_set_doit() is called from sendmsg() and\ncurrent-\u003ecred does not go away.\n\nLet\u0027s use current_cred() in nfsd_nl_threads_set_doit().\n\n[0]:\nBUG: memory leak\nunreferenced object 0xffff888108b89480 (size 184):\n comm \"syz-executor\", pid 5994, jiffies 4294943386\n hex dump (first 32 bytes):\n 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 369454a7):\n kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]\n slab_post_alloc_hook mm/slub.c:4958 [inline]\n slab_alloc_node mm/slub.c:5263 [inline]\n kmem_cache_alloc_noprof+0x412/0x580 mm/slub.c:5270\n prepare_creds+0x22/0x600 kernel/cred.c:185\n copy_creds+0x44/0x290 kernel/cred.c:286\n copy_process+0x7a7/0x2870 kernel/fork.c:2086\n kernel_clone+0xac/0x6e0 kernel/fork.c:2651\n __do_sys_clone+0x7f/0xb0 kernel/fork.c:2792\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xa4/0xf80 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23297",
"url": "https://www.suse.com/security/cve/CVE-2026-23297"
},
{
"category": "external",
"summary": "SUSE Bug 1260490 for CVE-2026-23297",
"url": "https://bugzilla.suse.com/1260490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23297"
},
{
"cve": "CVE-2026-23304",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23304"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu()\n\nl3mdev_master_dev_rcu() can return NULL when the slave device is being\nun-slaved from a VRF. All other callers deal with this, but we lost\nthe fallback to loopback in ip6_rt_pcpu_alloc() -\u003e ip6_rt_get_dev_rcu()\nwith commit 4832c30d5458 (\"net: ipv6: put host and anycast routes on\ndevice with address\").\n\n KASAN: null-ptr-deref in range [0x0000000000000108-0x000000000000010f]\n RIP: 0010:ip6_rt_pcpu_alloc (net/ipv6/route.c:1418)\n Call Trace:\n ip6_pol_route (net/ipv6/route.c:2318)\n fib6_rule_lookup (net/ipv6/fib6_rules.c:115)\n ip6_route_output_flags (net/ipv6/route.c:2607)\n vrf_process_v6_outbound (drivers/net/vrf.c:437)\n\nI was tempted to rework the un-slaving code to clear the flag first\nand insert synchronize_rcu() before we remove the upper. But looks like\nthe explicit fallback to loopback_dev is an established pattern.\nAnd I guess avoiding the synchronize_rcu() is nice, too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23304",
"url": "https://www.suse.com/security/cve/CVE-2026-23304"
},
{
"category": "external",
"summary": "SUSE Bug 1260544 for CVE-2026-23304",
"url": "https://bugzilla.suse.com/1260544"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23304"
},
{
"cve": "CVE-2026-23319",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23319"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim\n\nThe root cause of this bug is that when \u0027bpf_link_put\u0027 reduces the\nrefcount of \u0027shim_link-\u003elink.link\u0027 to zero, the resource is considered\nreleased but may still be referenced via \u0027tr-\u003eprogs_hlist\u0027 in\n\u0027cgroup_shim_find\u0027. The actual cleanup of \u0027tr-\u003eprogs_hlist\u0027 in\n\u0027bpf_shim_tramp_link_release\u0027 is deferred. During this window, another\nprocess can cause a use-after-free via \u0027bpf_trampoline_link_cgroup_shim\u0027.\n\nBased on Martin KaFai Lau\u0027s suggestions, I have created a simple patch.\n\nTo fix this:\n Add an atomic non-zero check in \u0027bpf_trampoline_link_cgroup_shim\u0027.\n Only increment the refcount if it is not already zero.\n\nTesting:\n I verified the fix by adding a delay in\n \u0027bpf_shim_tramp_link_release\u0027 to make the bug easier to trigger:\n\nstatic void bpf_shim_tramp_link_release(struct bpf_link *link)\n{\n\t/* ... */\n\tif (!shim_link-\u003etrampoline)\n\t\treturn;\n\n+\tmsleep(100);\n\tWARN_ON_ONCE(bpf_trampoline_unlink_prog(\u0026shim_link-\u003elink,\n\t\tshim_link-\u003etrampoline, NULL));\n\tbpf_trampoline_put(shim_link-\u003etrampoline);\n}\n\nBefore the patch, running a PoC easily reproduced the crash(almost 100%)\nwith a call trace similar to KaiyanM\u0027s report.\nAfter the patch, the bug no longer occurs even after millions of\niterations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23319",
"url": "https://www.suse.com/security/cve/CVE-2026-23319"
},
{
"category": "external",
"summary": "SUSE Bug 1260735 for CVE-2026-23319",
"url": "https://bugzilla.suse.com/1260735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23319"
},
{
"cve": "CVE-2026-23326",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23326"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: Fix fragment node deletion to prevent buffer leak\n\nAfter commit b692bf9a7543 (\"xsk: Get rid of xdp_buff_xsk::xskb_list_node\"),\nthe list_node field is reused for both the xskb pool list and the buffer\nfree list, this causes a buffer leak as described below.\n\nxp_free() checks if a buffer is already on the free list using\nlist_empty(\u0026xskb-\u003elist_node). When list_del() is used to remove a node\nfrom the xskb pool list, it doesn\u0027t reinitialize the node pointers.\nThis means list_empty() will return false even after the node has been\nremoved, causing xp_free() to incorrectly skip adding the buffer to the\nfree list.\n\nFix this by using list_del_init() instead of list_del() in all fragment\nhandling paths, this ensures the list node is reinitialized after removal,\nallowing the list_empty() to work correctly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23326",
"url": "https://www.suse.com/security/cve/CVE-2026-23326"
},
{
"category": "external",
"summary": "SUSE Bug 1260606 for CVE-2026-23326",
"url": "https://bugzilla.suse.com/1260606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23326"
},
{
"cve": "CVE-2026-23335",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23335"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix kernel stack leak in irdma_create_user_ah()\n\nstruct irdma_create_ah_resp { // 8 bytes, no padding\n __u32 ah_id; // offset 0 - SET (uresp.ah_id = ah-\u003esc_ah.ah_info.ah_idx)\n __u8 rsvd[4]; // offset 4 - NEVER SET \u003c- LEAK\n};\n\nrsvd[4]: 4 bytes of stack memory leaked unconditionally. Only ah_id is assigned before ib_respond_udata().\n\nThe reserved members of the structure were not zeroed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23335",
"url": "https://www.suse.com/security/cve/CVE-2026-23335"
},
{
"category": "external",
"summary": "SUSE Bug 1260550 for CVE-2026-23335",
"url": "https://bugzilla.suse.com/1260550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "low"
}
],
"title": "CVE-2026-23335"
},
{
"cve": "CVE-2026-23343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23343"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxdp: produce a warning when calculated tailroom is negative\n\nMany ethernet drivers report xdp Rx queue frag size as being the same as\nDMA write size. However, the only user of this field, namely\nbpf_xdp_frags_increase_tail(), clearly expects a truesize.\n\nSuch difference leads to unspecific memory corruption issues under certain\ncircumstances, e.g. in ixgbevf maximum DMA write size is 3 KB, so when\nrunning xskxceiver\u0027s XDP_ADJUST_TAIL_GROW_MULTI_BUFF, 6K packet fully uses\nall DMA-writable space in 2 buffers. This would be fine, if only\nrxq-\u003efrag_size was properly set to 4K, but value of 3K results in a\nnegative tailroom, because there is a non-zero page offset.\n\nWe are supposed to return -EINVAL and be done with it in such case, but due\nto tailroom being stored as an unsigned int, it is reported to be somewhere\nnear UINT_MAX, resulting in a tail being grown, even if the requested\noffset is too much (it is around 2K in the abovementioned test). This later\nleads to all kinds of unspecific calltraces.\n\n[ 7340.337579] xskxceiver[1440]: segfault at 1da718 ip 00007f4161aeac9d sp 00007f41615a6a00 error 6\n[ 7340.338040] xskxceiver[1441]: segfault at 7f410000000b ip 00000000004042b5 sp 00007f415bffecf0 error 4\n[ 7340.338179] in libc.so.6[61c9d,7f4161aaf000+160000]\n[ 7340.339230] in xskxceiver[42b5,400000+69000]\n[ 7340.340300] likely on CPU 6 (core 0, socket 6)\n[ 7340.340302] Code: ff ff 01 e9 f4 fe ff ff 0f 1f 44 00 00 4c 39 f0 74 73 31 c0 ba 01 00 00 00 f0 0f b1 17 0f 85 ba 00 00 00 49 8b 87 88 00 00 00 \u003c4c\u003e 89 70 08 eb cc 0f 1f 44 00 00 48 8d bd f0 fe ff ff 89 85 ec fe\n[ 7340.340888] likely on CPU 3 (core 0, socket 3)\n[ 7340.345088] Code: 00 00 00 ba 00 00 00 00 be 00 00 00 00 89 c7 e8 31 ca ff ff 89 45 ec 8b 45 ec 85 c0 78 07 b8 00 00 00 00 eb 46 e8 0b c8 ff ff \u003c8b\u003e 00 83 f8 69 74 24 e8 ff c7 ff ff 8b 00 83 f8 0b 74 18 e8 f3 c7\n[ 7340.404334] Oops: general protection fault, probably for non-canonical address 0x6d255010bdffc: 0000 [#1] SMP NOPTI\n[ 7340.405972] CPU: 7 UID: 0 PID: 1439 Comm: xskxceiver Not tainted 6.19.0-rc1+ #21 PREEMPT(lazy)\n[ 7340.408006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.17.0-5.fc42 04/01/2014\n[ 7340.409716] RIP: 0010:lookup_swap_cgroup_id+0x44/0x80\n[ 7340.410455] Code: 83 f8 1c 73 39 48 ba ff ff ff ff ff ff ff 03 48 8b 04 c5 20 55 fa bd 48 21 d1 48 89 ca 83 e1 01 48 d1 ea c1 e1 04 48 8d 04 90 \u003c8b\u003e 00 48 83 c4 10 d3 e8 c3 cc cc cc cc 31 c0 e9 98 b7 dd 00 48 89\n[ 7340.412787] RSP: 0018:ffffcc5c04f7f6d0 EFLAGS: 00010202\n[ 7340.413494] RAX: 0006d255010bdffc RBX: ffff891f477895a8 RCX: 0000000000000010\n[ 7340.414431] RDX: 0001c17e3fffffff RSI: 00fa070000000000 RDI: 000382fc7fffffff\n[ 7340.415354] RBP: 00fa070000000000 R08: ffffcc5c04f7f8f8 R09: ffffcc5c04f7f7d0\n[ 7340.416283] R10: ffff891f4c1a7000 R11: ffffcc5c04f7f9c8 R12: ffffcc5c04f7f7d0\n[ 7340.417218] R13: 03ffffffffffffff R14: 00fa06fffffffe00 R15: ffff891f47789500\n[ 7340.418229] FS: 0000000000000000(0000) GS:ffff891ffdfaa000(0000) knlGS:0000000000000000\n[ 7340.419489] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 7340.420286] CR2: 00007f415bfffd58 CR3: 0000000103f03002 CR4: 0000000000772ef0\n[ 7340.421237] PKRU: 55555554\n[ 7340.421623] Call Trace:\n[ 7340.421987] \u003cTASK\u003e\n[ 7340.422309] ? softleaf_from_pte+0x77/0xa0\n[ 7340.422855] swap_pte_batch+0xa7/0x290\n[ 7340.423363] zap_nonpresent_ptes.constprop.0.isra.0+0xd1/0x270\n[ 7340.424102] zap_pte_range+0x281/0x580\n[ 7340.424607] zap_pmd_range.isra.0+0xc9/0x240\n[ 7340.425177] unmap_page_range+0x24d/0x420\n[ 7340.425714] unmap_vmas+0xa1/0x180\n[ 7340.426185] exit_mmap+0xe1/0x3b0\n[ 7340.426644] __mmput+0x41/0x150\n[ 7340.427098] exit_mm+0xb1/0x110\n[ 7340.427539] do_exit+0x1b2/0x460\n[ 7340.427992] do_group_exit+0x2d/0xc0\n[ 7340.428477] get_signal+0x79d/0x7e0\n[ 7340.428957] arch_do_signal_or_restart+0x34/0x100\n[ 7340.429571] exit_to_user_mode_loop+0x8e/0x4c0\n[ 7340.430159] do_syscall_64+0x188/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23343",
"url": "https://www.suse.com/security/cve/CVE-2026-23343"
},
{
"category": "external",
"summary": "SUSE Bug 1260527 for CVE-2026-23343",
"url": "https://bugzilla.suse.com/1260527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23343"
},
{
"cve": "CVE-2026-23361",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23361"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry\n\nEndpoint drivers use dw_pcie_ep_raise_msix_irq() to raise an MSI-X\ninterrupt to the host using a writel(), which generates a PCI posted write\ntransaction. There\u0027s no completion for posted writes, so the writel() may\nreturn before the PCI write completes. dw_pcie_ep_raise_msix_irq() also\nunmaps the outbound ATU entry used for the PCI write, so the write races\nwith the unmap.\n\nIf the PCI write loses the race with the ATU unmap, the write may corrupt\nhost memory or cause IOMMU errors, e.g., these when running fio with a\nlarger queue depth against nvmet-pci-epf:\n\n arm-smmu-v3 fc900000.iommu: 0x0000010000000010\n arm-smmu-v3 fc900000.iommu: 0x0000020000000000\n arm-smmu-v3 fc900000.iommu: 0x000000090000f040\n arm-smmu-v3 fc900000.iommu: 0x0000000000000000\n arm-smmu-v3 fc900000.iommu: event: F_TRANSLATION client: 0000:01:00.0 sid: 0x100 ssid: 0x0 iova: 0x90000f040 ipa: 0x0\n arm-smmu-v3 fc900000.iommu: unpriv data write s1 \"Input address caused fault\" stag: 0x0\n\nFlush the write by performing a readl() of the same address to ensure that\nthe write has reached the destination before the ATU entry is unmapped.\n\nThe same problem was solved for dw_pcie_ep_raise_msi_irq() in commit\n8719c64e76bf (\"PCI: dwc: ep: Cache MSI outbound iATU mapping\"), but there\nit was solved by dedicating an outbound iATU only for MSI. We can\u0027t do the\nsame for MSI-X because each vector can have a different msg_addr and the\nmsg_addr may be changed while the vector is masked.\n\n[bhelgaas: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23361",
"url": "https://www.suse.com/security/cve/CVE-2026-23361"
},
{
"category": "external",
"summary": "SUSE Bug 1260732 for CVE-2026-23361",
"url": "https://bugzilla.suse.com/1260732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23361"
},
{
"cve": "CVE-2026-23379",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23379"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: fix divide by zero in the offload path\n\nOffloading ETS requires computing each class\u0027 WRR weight: this is done by\naveraging over the sums of quanta as \u0027q_sum\u0027 and \u0027q_psum\u0027. Using unsigned\nint, the same integer size as the individual DRR quanta, can overflow and\neven cause division by zero, like it happened in the following splat:\n\n Oops: divide error: 0000 [#1] SMP PTI\n CPU: 13 UID: 0 PID: 487 Comm: tc Tainted: G E 6.19.0-virtme #45 PREEMPT(full)\n Tainted: [E]=UNSIGNED_MODULE\n Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011\n RIP: 0010:ets_offload_change+0x11f/0x290 [sch_ets]\n Code: e4 45 31 ff eb 03 41 89 c7 41 89 cb 89 ce 83 f9 0f 0f 87 b7 00 00 00 45 8b 08 31 c0 45 01 cc 45 85 c9 74 09 41 6b c4 64 31 d2 \u003c41\u003e f7 f2 89 c2 44 29 fa 45 89 df 41 83 fb 0f 0f 87 c7 00 00 00 44\n RSP: 0018:ffffd0a180d77588 EFLAGS: 00010246\n RAX: 00000000ffffff38 RBX: ffff8d3d482ca000 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffd0a180d77660\n RBP: ffffd0a180d77690 R08: ffff8d3d482ca2d8 R09: 00000000fffffffe\n R10: 0000000000000000 R11: 0000000000000000 R12: 00000000fffffffe\n R13: ffff8d3d472f2000 R14: 0000000000000003 R15: 0000000000000000\n FS: 00007f440b6c2740(0000) GS:ffff8d3dc9803000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000003cdd2000 CR3: 0000000007b58002 CR4: 0000000000172ef0\n Call Trace:\n \u003cTASK\u003e\n ets_qdisc_change+0x870/0xf40 [sch_ets]\n qdisc_create+0x12b/0x540\n tc_modify_qdisc+0x6d7/0xbd0\n rtnetlink_rcv_msg+0x168/0x6b0\n netlink_rcv_skb+0x5c/0x110\n netlink_unicast+0x1d6/0x2b0\n netlink_sendmsg+0x22e/0x470\n ____sys_sendmsg+0x38a/0x3c0\n ___sys_sendmsg+0x99/0xe0\n __sys_sendmsg+0x8a/0xf0\n do_syscall_64+0x111/0xf80\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f440b81c77e\n Code: 4d 89 d8 e8 d4 bc 00 00 4c 8b 5d f8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 11 c9 c3 0f 1f 80 00 00 00 00 48 8b 45 10 0f 05 \u003cc9\u003e c3 83 e2 39 83 fa 08 75 e7 e8 13 ff ff ff 0f 1f 00 f3 0f 1e fa\n RSP: 002b:00007fff951e4c10 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 0000000000481820 RCX: 00007f440b81c77e\n RDX: 0000000000000000 RSI: 00007fff951e4cd0 RDI: 0000000000000003\n RBP: 00007fff951e4c20 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000202 R12: 00007fff951f4fa8\n R13: 00000000699ddede R14: 00007f440bb01000 R15: 0000000000486980\n \u003c/TASK\u003e\n Modules linked in: sch_ets(E) netdevsim(E)\n ---[ end trace 0000000000000000 ]---\n RIP: 0010:ets_offload_change+0x11f/0x290 [sch_ets]\n Code: e4 45 31 ff eb 03 41 89 c7 41 89 cb 89 ce 83 f9 0f 0f 87 b7 00 00 00 45 8b 08 31 c0 45 01 cc 45 85 c9 74 09 41 6b c4 64 31 d2 \u003c41\u003e f7 f2 89 c2 44 29 fa 45 89 df 41 83 fb 0f 0f 87 c7 00 00 00 44\n RSP: 0018:ffffd0a180d77588 EFLAGS: 00010246\n RAX: 00000000ffffff38 RBX: ffff8d3d482ca000 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffd0a180d77660\n RBP: ffffd0a180d77690 R08: ffff8d3d482ca2d8 R09: 00000000fffffffe\n R10: 0000000000000000 R11: 0000000000000000 R12: 00000000fffffffe\n R13: ffff8d3d472f2000 R14: 0000000000000003 R15: 0000000000000000\n FS: 00007f440b6c2740(0000) GS:ffff8d3dc9803000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000003cdd2000 CR3: 0000000007b58002 CR4: 0000000000172ef0\n Kernel panic - not syncing: Fatal exception\n Kernel Offset: 0x30000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)\n ---[ end Kernel panic - not syncing: Fatal exception ]---\n\nFix this using 64-bit integers for \u0027q_sum\u0027 and \u0027q_psum\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23379",
"url": "https://www.suse.com/security/cve/CVE-2026-23379"
},
{
"category": "external",
"summary": "SUSE Bug 1260481 for CVE-2026-23379",
"url": "https://bugzilla.suse.com/1260481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23379"
},
{
"cve": "CVE-2026-23381",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23381"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: fix nd_tbl NULL dereference when IPv6 is disabled\n\nWhen booting with the \u0027ipv6.disable=1\u0027 parameter, the nd_tbl is never\ninitialized because inet6_init() exits before ndisc_init() is called\nwhich initializes it. Then, if neigh_suppress is enabled and an ICMPv6\nNeighbor Discovery packet reaches the bridge, br_do_suppress_nd() will\ndereference ipv6_stub-\u003end_tbl which is NULL, passing it to\nneigh_lookup(). This causes a kernel NULL pointer dereference.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000268\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n [...]\n RIP: 0010:neigh_lookup+0x16/0xe0\n [...]\n Call Trace:\n \u003cIRQ\u003e\n ? neigh_lookup+0x16/0xe0\n br_do_suppress_nd+0x160/0x290 [bridge]\n br_handle_frame_finish+0x500/0x620 [bridge]\n br_handle_frame+0x353/0x440 [bridge]\n __netif_receive_skb_core.constprop.0+0x298/0x1110\n __netif_receive_skb_one_core+0x3d/0xa0\n process_backlog+0xa0/0x140\n __napi_poll+0x2c/0x170\n net_rx_action+0x2c4/0x3a0\n handle_softirqs+0xd0/0x270\n do_softirq+0x3f/0x60\n\nFix this by replacing IS_ENABLED(IPV6) call with ipv6_mod_enabled() in\nthe callers. This is in essence disabling NS/NA suppression when IPv6 is\ndisabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23381",
"url": "https://www.suse.com/security/cve/CVE-2026-23381"
},
{
"category": "external",
"summary": "SUSE Bug 1260471 for CVE-2026-23381",
"url": "https://bugzilla.suse.com/1260471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23381"
},
{
"cve": "CVE-2026-23383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23383"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing\n\nstruct bpf_plt contains a u64 target field. Currently, the BPF JIT\nallocator requests an alignment of 4 bytes (sizeof(u32)) for the JIT\nbuffer.\n\nBecause the base address of the JIT buffer can be 4-byte aligned (e.g.,\nending in 0x4 or 0xc), the relative padding logic in build_plt() fails\nto ensure that target lands on an 8-byte boundary.\n\nThis leads to two issues:\n1. UBSAN reports misaligned-access warnings when dereferencing the\n structure.\n2. More critically, target is updated concurrently via WRITE_ONCE() in\n bpf_arch_text_poke() while the JIT\u0027d code executes ldr. On arm64,\n 64-bit loads/stores are only guaranteed to be single-copy atomic if\n they are 64-bit aligned. A misaligned target risks a torn read,\n causing the JIT to jump to a corrupted address.\n\nFix this by increasing the allocation alignment requirement to 8 bytes\n(sizeof(u64)) in bpf_jit_binary_pack_alloc(). This anchors the base of\nthe JIT buffer to an 8-byte boundary, allowing the relative padding math\nin build_plt() to correctly align the target field.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23383",
"url": "https://www.suse.com/security/cve/CVE-2026-23383"
},
{
"category": "external",
"summary": "SUSE Bug 1260497 for CVE-2026-23383",
"url": "https://bugzilla.suse.com/1260497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23383"
},
{
"cve": "CVE-2026-23386",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23386"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL\n\nIn DQ-QPL mode, gve_tx_clean_pending_packets() incorrectly uses the RDA\nbuffer cleanup path. It iterates num_bufs times and attempts to unmap\nentries in the dma array.\n\nThis leads to two issues:\n1. The dma array shares storage with tx_qpl_buf_ids (union).\n Interpreting buffer IDs as DMA addresses results in attempting to\n unmap incorrect memory locations.\n2. num_bufs in QPL mode (counting 2K chunks) can significantly exceed\n the size of the dma array, causing out-of-bounds access warnings\n(trace below is how we noticed this issue).\n\nUBSAN: array-index-out-of-bounds in\ndrivers/net/ethernet/drivers/net/ethernet/google/gve/gve_tx_dqo.c:178:5 index 18 is out of\nrange for type \u0027dma_addr_t[18]\u0027 (aka \u0027unsigned long long[18]\u0027)\nWorkqueue: gve gve_service_task [gve]\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl+0x33/0xa0\n__ubsan_handle_out_of_bounds+0xdc/0x110\ngve_tx_stop_ring_dqo+0x182/0x200 [gve]\ngve_close+0x1be/0x450 [gve]\ngve_reset+0x99/0x120 [gve]\ngve_service_task+0x61/0x100 [gve]\nprocess_scheduled_works+0x1e9/0x380\n\nFix this by properly checking for QPL mode and delegating to\ngve_free_tx_qpl_bufs() to reclaim the buffers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23386",
"url": "https://www.suse.com/security/cve/CVE-2026-23386"
},
{
"category": "external",
"summary": "SUSE Bug 1260799 for CVE-2026-23386",
"url": "https://bugzilla.suse.com/1260799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23386"
},
{
"cve": "CVE-2026-23393",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23393"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbridge: cfm: Fix race condition in peer_mep deletion\n\nWhen a peer MEP is being deleted, cancel_delayed_work_sync() is called\non ccm_rx_dwork before freeing. However, br_cfm_frame_rx() runs in\nsoftirq context under rcu_read_lock (without RTNL) and can re-schedule\nccm_rx_dwork via ccm_rx_timer_start() between cancel_delayed_work_sync()\nreturning and kfree_rcu() being called.\n\nThe following is a simple race scenario:\n\n cpu0 cpu1\n\nmep_delete_implementation()\n cancel_delayed_work_sync(ccm_rx_dwork);\n br_cfm_frame_rx()\n // peer_mep still in hlist\n if (peer_mep-\u003eccm_defect)\n ccm_rx_timer_start()\n queue_delayed_work(ccm_rx_dwork)\n hlist_del_rcu(\u0026peer_mep-\u003ehead);\n kfree_rcu(peer_mep, rcu);\n ccm_rx_work_expired()\n // on freed peer_mep\n\nTo prevent this, cancel_delayed_work_sync() is replaced with\ndisable_delayed_work_sync() in both peer MEP deletion paths, so\nthat subsequent queue_delayed_work() calls from br_cfm_frame_rx()\nare silently rejected.\n\nThe cc_peer_disable() helper retains cancel_delayed_work_sync()\nbecause it is also used for the CC enable/disable toggle path where\nthe work must remain re-schedulable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23393",
"url": "https://www.suse.com/security/cve/CVE-2026-23393"
},
{
"category": "external",
"summary": "SUSE Bug 1260522 for CVE-2026-23393",
"url": "https://bugzilla.suse.com/1260522"
},
{
"category": "external",
"summary": "SUSE Bug 1260524 for CVE-2026-23393",
"url": "https://bugzilla.suse.com/1260524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "important"
}
],
"title": "CVE-2026-23393"
},
{
"cve": "CVE-2026-23398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23398"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nicmp: fix NULL pointer dereference in icmp_tag_validation()\n\nicmp_tag_validation() unconditionally dereferences the result of\nrcu_dereference(inet_protos[proto]) without checking for NULL.\nThe inet_protos[] array is sparse -- only about 15 of 256 protocol\nnumbers have registered handlers. When ip_no_pmtu_disc is set to 3\n(hardened PMTU mode) and the kernel receives an ICMP Fragmentation\nNeeded error with a quoted inner IP header containing an unregistered\nprotocol number, the NULL dereference causes a kernel panic in\nsoftirq context.\n\n Oops: general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]\n RIP: 0010:icmp_unreach (net/ipv4/icmp.c:1085 net/ipv4/icmp.c:1143)\n Call Trace:\n \u003cIRQ\u003e\n icmp_rcv (net/ipv4/icmp.c:1527)\n ip_protocol_deliver_rcu (net/ipv4/ip_input.c:207)\n ip_local_deliver_finish (net/ipv4/ip_input.c:242)\n ip_local_deliver (net/ipv4/ip_input.c:262)\n ip_rcv (net/ipv4/ip_input.c:573)\n __netif_receive_skb_one_core (net/core/dev.c:6164)\n process_backlog (net/core/dev.c:6628)\n handle_softirqs (kernel/softirq.c:561)\n \u003c/IRQ\u003e\n\nAdd a NULL check before accessing icmp_strict_tag_validation. If the\nprotocol has no registered handler, return false since it cannot\nperform strict tag validation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23398",
"url": "https://www.suse.com/security/cve/CVE-2026-23398"
},
{
"category": "external",
"summary": "SUSE Bug 1260730 for CVE-2026-23398",
"url": "https://bugzilla.suse.com/1260730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23398"
},
{
"cve": "CVE-2026-23413",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23413"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclsact: Fix use-after-free in init/destroy rollback asymmetry\n\nFix a use-after-free in the clsact qdisc upon init/destroy rollback asymmetry.\nThe latter is achieved by first fully initializing a clsact instance, and\nthen in a second step having a replacement failure for the new clsact qdisc\ninstance. clsact_init() initializes ingress first and then takes care of the\negress part. This can fail midway, for example, via tcf_block_get_ext(). Upon\nfailure, the kernel will trigger the clsact_destroy() callback.\n\nCommit 1cb6f0bae504 (\"bpf: Fix too early release of tcx_entry\") details the\nway how the transition is happening. If tcf_block_get_ext on the q-\u003eingress_block\nends up failing, we took the tcx_miniq_inc reference count on the ingress\nside, but not yet on the egress side. clsact_destroy() tests whether the\n{ingress,egress}_entry was non-NULL. However, even in midway failure on the\nreplacement, both are in fact non-NULL with a valid egress_entry from the\nprevious clsact instance.\n\nWhat we really need to test for is whether the qdisc instance-specific ingress\nor egress side previously got initialized. This adds a small helper for checking\nthe miniq initialization called mini_qdisc_pair_inited, and utilizes that upon\nclsact_destroy() in order to fix the use-after-free scenario. Convert the\ningress_destroy() side as well so both are consistent to each other.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23413",
"url": "https://www.suse.com/security/cve/CVE-2026-23413"
},
{
"category": "external",
"summary": "SUSE Bug 1261498 for CVE-2026-23413",
"url": "https://bugzilla.suse.com/1261498"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23413"
},
{
"cve": "CVE-2026-23414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23414"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: Purge async_hold in tls_decrypt_async_wait()\n\nThe async_hold queue pins encrypted input skbs while\nthe AEAD engine references their scatterlist data. Once\ntls_decrypt_async_wait() returns, every AEAD operation\nhas completed and the engine no longer references those\nskbs, so they can be freed unconditionally.\n\nA subsequent patch adds batch async decryption to\ntls_sw_read_sock(), introducing a new call site that\nmust drain pending AEAD operations and release held\nskbs. Move __skb_queue_purge(\u0026ctx-\u003easync_hold) into\ntls_decrypt_async_wait() so the purge is centralized\nand every caller -- recvmsg\u0027s drain path, the -EBUSY\nfallback in tls_do_decryption(), and the new read_sock\nbatch path -- releases held skbs on synchronization\nwithout each site managing the purge independently.\n\nThis fixes a leak when tls_strp_msg_hold() fails part-way through,\nafter having added some cloned skbs to the async_hold\nqueue. tls_decrypt_sg() will then call tls_decrypt_async_wait() to\nprocess all pending decrypts, and drop back to synchronous mode, but\ntls_sw_recvmsg() only flushes the async_hold queue when one record has\nbeen processed in \"fully-async\" mode, which may not be the case here.\n\n[pabeni@redhat.com: added leak comment]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23414",
"url": "https://www.suse.com/security/cve/CVE-2026-23414"
},
{
"category": "external",
"summary": "SUSE Bug 1261496 for CVE-2026-23414",
"url": "https://bugzilla.suse.com/1261496"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23414"
},
{
"cve": "CVE-2026-23419",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23419"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rds: Fix circular locking dependency in rds_tcp_tune\n\nsyzbot reported a circular locking dependency in rds_tcp_tune() where\nsk_net_refcnt_upgrade() is called while holding the socket lock:\n\n======================================================\nWARNING: possible circular locking dependency detected\n======================================================\nkworker/u10:8/15040 is trying to acquire lock:\nffffffff8e9aaf80 (fs_reclaim){+.+.}-{0:0},\nat: __kmalloc_cache_noprof+0x4b/0x6f0\n\nbut task is already holding lock:\nffff88805a3c1ce0 (k-sk_lock-AF_INET6){+.+.}-{0:0},\nat: rds_tcp_tune+0xd7/0x930\n\nThe issue occurs because sk_net_refcnt_upgrade() performs memory\nallocation (via get_net_track() -\u003e ref_tracker_alloc()) while the\nsocket lock is held, creating a circular dependency with fs_reclaim.\n\nFix this by moving sk_net_refcnt_upgrade() outside the socket lock\ncritical section. This is safe because the fields modified by the\nsk_net_refcnt_upgrade() call (sk_net_refcnt, ns_tracker) are not\naccessed by any concurrent code path at this point.\n\nv2:\n - Corrected fixes tag\n - check patch line wrap nits\n - ai commentary nits",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23419",
"url": "https://www.suse.com/security/cve/CVE-2026-23419"
},
{
"category": "external",
"summary": "SUSE Bug 1261507 for CVE-2026-23419",
"url": "https://bugzilla.suse.com/1261507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23419"
},
{
"cve": "CVE-2026-23425",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23425"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Fix ID register initialization for non-protected pKVM guests\n\nIn protected mode, the hypervisor maintains a separate instance of\nthe `kvm` structure for each VM. For non-protected VMs, this structure is\ninitialized from the host\u0027s `kvm` state.\n\nCurrently, `pkvm_init_features_from_host()` copies the\n`KVM_ARCH_FLAG_ID_REGS_INITIALIZED` flag from the host without the\nunderlying `id_regs` data being initialized. This results in the\nhypervisor seeing the flag as set while the ID registers remain zeroed.\n\nConsequently, `kvm_has_feat()` checks at EL2 fail (return 0) for\nnon-protected VMs. This breaks logic that relies on feature detection,\nsuch as `ctxt_has_tcrx()` for TCR2_EL1 support. As a result, certain\nsystem registers (e.g., TCR2_EL1, PIR_EL1, POR_EL1) are not\nsaved/restored during the world switch, which could lead to state\ncorruption.\n\nFix this by explicitly copying the ID registers from the host `kvm` to\nthe hypervisor `kvm` for non-protected VMs during initialization, since\nwe trust the host with its non-protected guests\u0027 features. Also ensure\n`KVM_ARCH_FLAG_ID_REGS_INITIALIZED` is cleared initially in\n`pkvm_init_features_from_host` so that `vm_copy_id_regs` can properly\ninitialize them and set the flag once done.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23425",
"url": "https://www.suse.com/security/cve/CVE-2026-23425"
},
{
"category": "external",
"summary": "SUSE Bug 1261506 for CVE-2026-23425",
"url": "https://bugzilla.suse.com/1261506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-23425"
},
{
"cve": "CVE-2026-31788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/privcmd: restrict usage in unprivileged domU\n\nThe Xen privcmd driver allows to issue arbitrary hypercalls from\nuser space processes. This is normally no problem, as access is\nusually limited to root and the hypervisor will deny any hypercalls\naffecting other domains.\n\nIn case the guest is booted using secure boot, however, the privcmd\ndriver would be enabling a root user process to modify e.g. kernel\nmemory contents, thus breaking the secure boot feature.\n\nThe only known case where an unprivileged domU is really needing to\nuse the privcmd driver is the case when it is acting as the device\nmodel for another guest. In this case all hypercalls issued via the\nprivcmd driver will target that other guest.\n\nFortunately the privcmd driver can already be locked down to allow\nonly hypercalls targeting a specific domain, but this mode can be\nactivated from user land only today.\n\nThe target domain can be obtained from Xenstore, so when not running\nin dom0 restrict the privcmd driver to that target domain from the\nbeginning, resolving the potential problem of breaking secure boot.\n\nThis is XSA-482\n\n---\nV2:\n- defer reading from Xenstore if Xenstore isn\u0027t ready yet (Jan Beulich)\n- wait in open() if target domain isn\u0027t known yet\n- issue message in case no target domain found (Jan Beulich)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31788",
"url": "https://www.suse.com/security/cve/CVE-2026-31788"
},
{
"category": "external",
"summary": "SUSE Bug 1259707 for CVE-2026-31788",
"url": "https://bugzilla.suse.com/1259707"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.27.1.160000.2.8.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.28.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.28.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T15:44:52Z",
"details": "important"
}
],
"title": "CVE-2026-31788"
}
]
}
GHSA-6R9H-PC2X-G962
Vulnerability from github – Published: 2026-03-25 12:30 – Updated: 2026-04-23 21:31
VLAI?
Details
In the Linux kernel, the following vulnerability has been resolved:
xsk: Fix fragment node deletion to prevent buffer leak
After commit b692bf9a7543 ("xsk: Get rid of xdp_buff_xsk::xskb_list_node"), the list_node field is reused for both the xskb pool list and the buffer free list, this causes a buffer leak as described below.
xp_free() checks if a buffer is already on the free list using list_empty(&xskb->list_node). When list_del() is used to remove a node from the xskb pool list, it doesn't reinitialize the node pointers. This means list_empty() will return false even after the node has been removed, causing xp_free() to incorrectly skip adding the buffer to the free list.
Fix this by using list_del_init() instead of list_del() in all fragment handling paths, this ensures the list node is reinitialized after removal, allowing the list_empty() to work correctly.
Severity ?
7.8 (High)
{
"affected": [],
"aliases": [
"CVE-2026-23326"
],
"database_specific": {
"cwe_ids": [
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-25T11:16:29Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: Fix fragment node deletion to prevent buffer leak\n\nAfter commit b692bf9a7543 (\"xsk: Get rid of xdp_buff_xsk::xskb_list_node\"),\nthe list_node field is reused for both the xskb pool list and the buffer\nfree list, this causes a buffer leak as described below.\n\nxp_free() checks if a buffer is already on the free list using\nlist_empty(\u0026xskb-\u003elist_node). When list_del() is used to remove a node\nfrom the xskb pool list, it doesn\u0027t reinitialize the node pointers.\nThis means list_empty() will return false even after the node has been\nremoved, causing xp_free() to incorrectly skip adding the buffer to the\nfree list.\n\nFix this by using list_del_init() instead of list_del() in all fragment\nhandling paths, this ensures the list node is reinitialized after removal,\nallowing the list_empty() to work correctly.",
"id": "GHSA-6r9h-pc2x-g962",
"modified": "2026-04-23T21:31:17Z",
"published": "2026-03-25T12:30:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23326"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2a9ea988465ece5b6896b1bdc144170a64e84c35"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5172adf9efb8298a52f4dcdc3f98d4d9d1e06a6d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/60abb0ac11dccd6b98fd9182bc5f85b621688861"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/645c6d8376ad4913cbffe0e0c2cca0c4febbe596"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b38cbd4af5034635cff109e08788c63f956f3a69"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…