SUSE-SU-2026:0471-1
Vulnerability Summary
Timeline
Description
Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842). - CVE-2025-40259: scsi: sg: Do not sleep in atomic context (bsc#1254845). - CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377). - CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401). - CVE-2025-68775: net/handshake: duplicate handshake cancellations leak socket (bsc#1256665). - CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641). - CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623). - CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612). - CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726). - CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779). - CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236). - CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc#1257232). - CVE-2026-23010: ipv6: Fix use-after-free in inet6_addr_del() (bsc#1257332). The following non security issues were fixed: - bpf/selftests: test_select_reuseport_kern: Remove unused header (bsc#1257603). - btrfs: do not strictly require dirty metadata threshold for metadata writepages (stable-fixes). - cifs: Fix copy offload to flush destination region (bsc#1252511). - cifs: Fix flushing, invalidation and file size with copy_file_range() (bsc#1252511). - cifs: add new field to track the last access time of cfid (git-fixes). - ext4: use optimized mballoc scanning regardless of inode format (bsc#1254378). - ice: use netif_get_num_default_rss_queues() (bsc#1247712). - mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1253087). - net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473). - net: tcp: allow zero-window ACK update the window (bsc#1254767). - sched: Increase sched_tick_remote timeout (bsc#1254510). - scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296). - smb: change return type of cached_dir_lease_break() to bool (git-fixes). - smb: client: ensure open_cached_dir_by_dentry() only returns valid cfid (git-fixes). - smb: client: remove unused fid_lock (git-fixes). - smb: client: short-circuit in open_cached_dir_by_dentry() if !dentry (git-fixes). - smb: client: split cached_fid bitfields to avoid shared-byte RMW races (bsc#1250748). - smb: client: update cfid->last_access_time in open_cached_dir_by_dentry() (git-fixes). - smb: improve directory cache reuse for readdir operations (bsc#1252712). - x86: make page fault handling disable interrupts properly (git-fixes).
Affected Systems
- opensuse•dtb-aarch64&distro=openSUSE Leap 15.6
< 6.4.0-150600.23.87.1
- opensuse•kernel-64kb&distro=openSUSE Leap 15.6
< 6.4.0-150600.23.87.1
- opensuse•kernel-debug&distro=openSUSE Leap 15.6
< 6.4.0-150600.23.87.1
- opensuse•kernel-default-base&distro=openSUSE Leap 15.6
< 6.4.0-150600.23.87.1.150600.12.40.1
- opensuse•kernel-default&distro=openSUSE Leap 15.6
< 6.4.0-150600.23.87.1
- opensuse•kernel-docs&distro=openSUSE Leap 15.6
< 6.4.0-150600.23.87.1
- opensuse•kernel-kvmsmall&distro=openSUSE Leap 15.6
< 6.4.0-150600.23.87.1
- opensuse•kernel-obs-build&distro=openSUSE Leap 15.6
< 6.4.0-150600.23.87.1
- opensuse•kernel-obs-qa&distro=openSUSE Leap 15.6
< 6.4.0-150600.23.87.1
- opensuse•kernel-source&distro=openSUSE Leap 15.6
< 6.4.0-150600.23.87.1
- opensuse•kernel-syms&distro=openSUSE Leap 15.6
< 6.4.0-150600.23.87.1
- opensuse•kernel-zfcpdump&distro=openSUSE Leap 15.6
< 6.4.0-150600.23.87.1
- suse•kernel-64kb&distro=SUSE Linux Enterprise Server 15 SP6-LTSS
< 6.4.0-150600.23.87.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise Server 15 SP6-LTSS
< 6.4.0-150600.23.87.1.150600.12.40.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP6
< 6.4.0-150600.23.87.1.150600.12.40.1
- suse•kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP6
< 6.4.0-150600.23.87.1
- suse•kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP6
< 6.4.0-150600.23.87.1
- suse•kernel-default&distro=SUSE Linux Enterprise Server 15 SP6-LTSS
< 6.4.0-150600.23.87.1
- suse•kernel-default&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP6
< 6.4.0-150600.23.87.1
- suse•kernel-docs&distro=SUSE Linux Enterprise Server 15 SP6-LTSS
< 6.4.0-150600.23.87.1
- suse•kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP6
< 6.4.0-150600.23.87.1
- suse•kernel-livepatch-SLE15-SP6_Update_20&distro=SUSE Linux Enterprise Live Patching 15 SP6
< 1-150600.13.3.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise Server 15 SP6-LTSS
< 6.4.0-150600.23.87.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP6
< 6.4.0-150600.23.87.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server 15 SP6-LTSS
< 6.4.0-150600.23.87.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP6
< 6.4.0-150600.23.87.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server 15 SP6-LTSS
< 6.4.0-150600.23.87.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP6
< 6.4.0-150600.23.87.1
- suse•kernel-zfcpdump&distro=SUSE Linux Enterprise Server 15 SP6-LTSS
< 6.4.0-150600.23.87.1
References (92)
- https://www.suse.com/support/update/announcement/2026/suse-su-20260471-1/
- https://bugzilla.suse.com/1228490
- https://bugzilla.suse.com/1233563
- https://bugzilla.suse.com/1234842
- https://bugzilla.suse.com/1241437
- https://bugzilla.suse.com/1242909
- https://bugzilla.suse.com/1246184
- https://bugzilla.suse.com/1246447
- https://bugzilla.suse.com/1247030
- https://bugzilla.suse.com/1247712
- https://bugzilla.suse.com/1248211
- https://bugzilla.suse.com/1249307
- https://bugzilla.suse.com/1250032
- https://bugzilla.suse.com/1250082
- https://bugzilla.suse.com/1250705
- https://bugzilla.suse.com/1250748
- https://bugzilla.suse.com/1252511
- https://bugzilla.suse.com/1252712
- https://bugzilla.suse.com/1252900
- https://bugzilla.suse.com/1253087
- https://bugzilla.suse.com/1253451
- https://bugzilla.suse.com/1254378
- https://bugzilla.suse.com/1254447
- https://bugzilla.suse.com/1254465
- https://bugzilla.suse.com/1254510
- https://bugzilla.suse.com/1254767
- https://bugzilla.suse.com/1254842
- https://bugzilla.suse.com/1254845
- https://bugzilla.suse.com/1255377
- https://bugzilla.suse.com/1255401
- https://bugzilla.suse.com/1256528
- https://bugzilla.suse.com/1256609
- https://bugzilla.suse.com/1256610
- https://bugzilla.suse.com/1256612
- https://bugzilla.suse.com/1256616
- https://bugzilla.suse.com/1256617
- https://bugzilla.suse.com/1256623
- https://bugzilla.suse.com/1256641
- https://bugzilla.suse.com/1256664
- https://bugzilla.suse.com/1256665
- https://bugzilla.suse.com/1256682
- https://bugzilla.suse.com/1256726
- https://bugzilla.suse.com/1256728
- https://bugzilla.suse.com/1256759
- https://bugzilla.suse.com/1256779
- https://bugzilla.suse.com/1256792
- https://bugzilla.suse.com/1257154
- https://bugzilla.suse.com/1257158
- https://bugzilla.suse.com/1257232
- https://bugzilla.suse.com/1257236
- https://bugzilla.suse.com/1257296
- https://bugzilla.suse.com/1257332
- https://bugzilla.suse.com/1257473
- https://bugzilla.suse.com/1257603
- https://www.suse.com/security/cve/CVE-2023-53714
- https://www.suse.com/security/cve/CVE-2024-42103
- https://www.suse.com/security/cve/CVE-2024-53070
- https://www.suse.com/security/cve/CVE-2024-53149
- https://www.suse.com/security/cve/CVE-2025-22047
- https://www.suse.com/security/cve/CVE-2025-37813
- https://www.suse.com/security/cve/CVE-2025-38243
- https://www.suse.com/security/cve/CVE-2025-38322
- https://www.suse.com/security/cve/CVE-2025-38379
- https://www.suse.com/security/cve/CVE-2025-38539
- https://www.suse.com/security/cve/CVE-2025-39689
- https://www.suse.com/security/cve/CVE-2025-39813
- https://www.suse.com/security/cve/CVE-2025-39829
- https://www.suse.com/security/cve/CVE-2025-39913
- https://www.suse.com/security/cve/CVE-2025-40097
- https://www.suse.com/security/cve/CVE-2025-40202
- https://www.suse.com/security/cve/CVE-2025-40257
- https://www.suse.com/security/cve/CVE-2025-40259
- https://www.suse.com/security/cve/CVE-2025-68284
- https://www.suse.com/security/cve/CVE-2025-68285
- https://www.suse.com/security/cve/CVE-2025-68775
- https://www.suse.com/security/cve/CVE-2025-68804
- https://www.suse.com/security/cve/CVE-2025-68808
- https://www.suse.com/security/cve/CVE-2025-68813
- https://www.suse.com/security/cve/CVE-2025-68819
- https://www.suse.com/security/cve/CVE-2025-71078
- https://www.suse.com/security/cve/CVE-2025-71081
- https://www.suse.com/security/cve/CVE-2025-71083
- https://www.suse.com/security/cve/CVE-2025-71085
- https://www.suse.com/security/cve/CVE-2025-71089
- https://www.suse.com/security/cve/CVE-2025-71111
- https://www.suse.com/security/cve/CVE-2025-71112
- https://www.suse.com/security/cve/CVE-2025-71120
- https://www.suse.com/security/cve/CVE-2025-71136
- https://www.suse.com/security/cve/CVE-2025-71147
- https://www.suse.com/security/cve/CVE-2026-22999
- https://www.suse.com/security/cve/CVE-2026-23001
- https://www.suse.com/security/cve/CVE-2026-23010