SUSE-SU-2026:0474-1
Vulnerability Summary
Timeline
Description
Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit (bsc#1255594). - CVE-2023-54142: gtp: Fix use-after-free in __gtp_encap_destroy() (bsc#1256095). - CVE-2023-54243: netfilter: ebtables: fix table blob use-after-free (bsc#1255908). - CVE-2025-38068: crypto: lzo - Fix compression buffer overrun (bsc#1245210). - CVE-2025-38129: page_pool: fix inconsistency for page_pool_ring_lock() (bsc#1245723). - CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1245751). - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177). - CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842). - CVE-2025-40300: Documentation/hw-vuln: Add VMSCAPE documentation (bsc#1247483). - CVE-2025-68183: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (bsc#1255251). - CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377). - CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401). - CVE-2025-68312: usbnet: Prevents free active kevent (bsc#1255171). - CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582). - CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641). - CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623). - CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612). - CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726). - CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744). - CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779). - CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236). - CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc#1257232). The following non security issues were fixed: - mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1253087). - net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473). - net: tcp: allow zero-window ACK update the window (bsc#1254767). - net: tcp: send zero-window ACK when no memory (bsc#1254767). - scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296). - tcp: correct handling of extreme memory squeeze (bsc#1254767). - x86: make page fault handling disable interrupts properly (git-fixes).
Affected Systems
- suse•kernel-64kb&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
< 5.14.21-150500.55.136.1
- suse•kernel-64kb&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
< 5.14.21-150500.55.136.1
- suse•kernel-64kb&distro=SUSE Linux Enterprise Server 15 SP5-LTSS
< 5.14.21-150500.55.136.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
< 5.14.21-150500.55.136.1.150500.6.67.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
< 5.14.21-150500.55.136.1.150500.6.67.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise Micro 5.5
< 5.14.21-150500.55.136.1.150500.6.67.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise Server 15 SP5-LTSS
< 5.14.21-150500.55.136.1.150500.6.67.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5
< 5.14.21-150500.55.136.1.150500.6.67.1
- suse•kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
< 5.14.21-150500.55.136.1
- suse•kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
< 5.14.21-150500.55.136.1
- suse•kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP5
< 5.14.21-150500.55.136.1
- suse•kernel-default&distro=SUSE Linux Enterprise Micro 5.5
< 5.14.21-150500.55.136.1
- suse•kernel-default&distro=SUSE Linux Enterprise Server 15 SP5-LTSS
< 5.14.21-150500.55.136.1
- suse•kernel-default&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5
< 5.14.21-150500.55.136.1
- suse•kernel-docs&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
< 5.14.21-150500.55.136.1
- suse•kernel-docs&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
< 5.14.21-150500.55.136.1
- suse•kernel-docs&distro=SUSE Linux Enterprise Server 15 SP5-LTSS
< 5.14.21-150500.55.136.1
- suse•kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5
< 5.14.21-150500.55.136.1
- suse•kernel-livepatch-SLE15-SP5_Update_35&distro=SUSE Linux Enterprise Live Patching 15 SP5
< 1-150500.11.3.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
< 5.14.21-150500.55.136.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
< 5.14.21-150500.55.136.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise Server 15 SP5-LTSS
< 5.14.21-150500.55.136.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5
< 5.14.21-150500.55.136.1
- suse•kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
< 5.14.21-150500.55.136.1
- suse•kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
< 5.14.21-150500.55.136.1
- suse•kernel-source&distro=SUSE Linux Enterprise Micro 5.5
< 5.14.21-150500.55.136.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server 15 SP5-LTSS
< 5.14.21-150500.55.136.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5
< 5.14.21-150500.55.136.1
- suse•kernel-syms&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
< 5.14.21-150500.55.136.1
- suse•kernel-syms&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
< 5.14.21-150500.55.136.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server 15 SP5-LTSS
< 5.14.21-150500.55.136.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5
< 5.14.21-150500.55.136.1
- suse•kernel-zfcpdump&distro=SUSE Linux Enterprise Server 15 SP5-LTSS
< 5.14.21-150500.55.136.1
References (109)
- https://www.suse.com/support/update/announcement/2026/suse-su-20260474-1/
- https://bugzilla.suse.com/1220137
- https://bugzilla.suse.com/1220144
- https://bugzilla.suse.com/1222323
- https://bugzilla.suse.com/1223007
- https://bugzilla.suse.com/1225049
- https://bugzilla.suse.com/1233038
- https://bugzilla.suse.com/1235905
- https://bugzilla.suse.com/1236104
- https://bugzilla.suse.com/1236208
- https://bugzilla.suse.com/1237885
- https://bugzilla.suse.com/1237906
- https://bugzilla.suse.com/1238414
- https://bugzilla.suse.com/1238754
- https://bugzilla.suse.com/1238763
- https://bugzilla.suse.com/1244758
- https://bugzilla.suse.com/1244904
- https://bugzilla.suse.com/1245110
- https://bugzilla.suse.com/1245210
- https://bugzilla.suse.com/1245723
- https://bugzilla.suse.com/1245751
- https://bugzilla.suse.com/1247177
- https://bugzilla.suse.com/1247483
- https://bugzilla.suse.com/1248306
- https://bugzilla.suse.com/1248377
- https://bugzilla.suse.com/1249156
- https://bugzilla.suse.com/1249158
- https://bugzilla.suse.com/1249827
- https://bugzilla.suse.com/1252785
- https://bugzilla.suse.com/1253028
- https://bugzilla.suse.com/1253087
- https://bugzilla.suse.com/1253409
- https://bugzilla.suse.com/1253702
- https://bugzilla.suse.com/1254447
- https://bugzilla.suse.com/1254462
- https://bugzilla.suse.com/1254463
- https://bugzilla.suse.com/1254464
- https://bugzilla.suse.com/1254465
- https://bugzilla.suse.com/1254767
- https://bugzilla.suse.com/1254842
- https://bugzilla.suse.com/1255171
- https://bugzilla.suse.com/1255251
- https://bugzilla.suse.com/1255377
- https://bugzilla.suse.com/1255401
- https://bugzilla.suse.com/1255594
- https://bugzilla.suse.com/1255908
- https://bugzilla.suse.com/1256095
- https://bugzilla.suse.com/1256582
- https://bugzilla.suse.com/1256612
- https://bugzilla.suse.com/1256623
- https://bugzilla.suse.com/1256641
- https://bugzilla.suse.com/1256726
- https://bugzilla.suse.com/1256744
- https://bugzilla.suse.com/1256779
- https://bugzilla.suse.com/1256792
- https://bugzilla.suse.com/1257232
- https://bugzilla.suse.com/1257236
- https://bugzilla.suse.com/1257296
- https://bugzilla.suse.com/1257473
- https://www.suse.com/security/cve/CVE-2022-49604
- https://www.suse.com/security/cve/CVE-2022-49943
- https://www.suse.com/security/cve/CVE-2022-49980
- https://www.suse.com/security/cve/CVE-2022-50232
- https://www.suse.com/security/cve/CVE-2022-50697
- https://www.suse.com/security/cve/CVE-2023-52433
- https://www.suse.com/security/cve/CVE-2023-52874
- https://www.suse.com/security/cve/CVE-2023-52923
- https://www.suse.com/security/cve/CVE-2023-53178
- https://www.suse.com/security/cve/CVE-2023-53407
- https://www.suse.com/security/cve/CVE-2023-53412
- https://www.suse.com/security/cve/CVE-2023-53417
- https://www.suse.com/security/cve/CVE-2023-53418
- https://www.suse.com/security/cve/CVE-2023-53714
- https://www.suse.com/security/cve/CVE-2023-54142
- https://www.suse.com/security/cve/CVE-2023-54243
- https://www.suse.com/security/cve/CVE-2024-26581
- https://www.suse.com/security/cve/CVE-2024-26661
- https://www.suse.com/security/cve/CVE-2024-26832
- https://www.suse.com/security/cve/CVE-2024-50143
- https://www.suse.com/security/cve/CVE-2024-54031
- https://www.suse.com/security/cve/CVE-2025-21658
- https://www.suse.com/security/cve/CVE-2025-21760
- https://www.suse.com/security/cve/CVE-2025-21764
- https://www.suse.com/security/cve/CVE-2025-21765
- https://www.suse.com/security/cve/CVE-2025-21766
- https://www.suse.com/security/cve/CVE-2025-38068
- https://www.suse.com/security/cve/CVE-2025-38129
- https://www.suse.com/security/cve/CVE-2025-38159
- https://www.suse.com/security/cve/CVE-2025-38375
- https://www.suse.com/security/cve/CVE-2025-38563
- https://www.suse.com/security/cve/CVE-2025-38565
- https://www.suse.com/security/cve/CVE-2025-38684
- https://www.suse.com/security/cve/CVE-2025-40044
- https://www.suse.com/security/cve/CVE-2025-40139
- https://www.suse.com/security/cve/CVE-2025-40257
- https://www.suse.com/security/cve/CVE-2025-40300
- https://www.suse.com/security/cve/CVE-2025-68183
- https://www.suse.com/security/cve/CVE-2025-68284
- https://www.suse.com/security/cve/CVE-2025-68285
- https://www.suse.com/security/cve/CVE-2025-68312
- https://www.suse.com/security/cve/CVE-2025-68771
- https://www.suse.com/security/cve/CVE-2025-68813
- https://www.suse.com/security/cve/CVE-2025-71085
- https://www.suse.com/security/cve/CVE-2025-71089
- https://www.suse.com/security/cve/CVE-2025-71112
- https://www.suse.com/security/cve/CVE-2025-71116
- https://www.suse.com/security/cve/CVE-2025-71120
- https://www.suse.com/security/cve/CVE-2026-22999
- https://www.suse.com/security/cve/CVE-2026-23001