SUSE-SU-2026:0496-1
Vulnerability Summary
Timeline
Description
Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit (bsc#1255594). - CVE-2023-54142: gtp: Fix use-after-free in __gtp_encap_destroy() (bsc#1256095). - CVE-2023-54243: netfilter: ebtables: fix table blob use-after-free (bsc#1255908). - CVE-2025-38068: crypto: lzo - Fix compression buffer overrun (bsc#1245210). - CVE-2025-38129: page_pool: fix inconsistency for page_pool_ring_lock() (bsc#1245723). - CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1245751). - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177). - CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842). - CVE-2025-40300: Documentation/hw-vuln: Add VMSCAPE documentation (bsc#1247483). - CVE-2025-68183: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (bsc#1255251). - CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377). - CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401). - CVE-2025-68312: usbnet: Prevents free active kevent (bsc#1255171). - CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582). - CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641). - CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623). - CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612). - CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726). - CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744). - CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779). - CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236). - CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc#1257232). - CVE-2023-53215: sched/fair: Don't balance task to its current running CPU (bsc#1250397). - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185). The following non security issues were fixed: - Revert 'ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582)'. - mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1253087 bsc#1254447). - net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473). - net: tcp: allow zero-window ACK update the window (bsc#1254767). - net: tcp: send zero-window ACK when no memory (bsc#1254767). - scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296). - tcp: correct handling of extreme memory squeeze (bsc#1254767). - x86: make page fault handling disable interrupts properly (git-fixes).
Affected Systems
- suse•kernel-rt&distro=SUSE Linux Enterprise Micro 5.5
< 5.14.21-150500.13.121.1
- suse•kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.5
< 5.14.21-150500.13.121.1
References (109)
- https://www.suse.com/support/update/announcement/2026/suse-su-20260496-1/
- https://bugzilla.suse.com/1220137
- https://bugzilla.suse.com/1220144
- https://bugzilla.suse.com/1222323
- https://bugzilla.suse.com/1223007
- https://bugzilla.suse.com/1225049
- https://bugzilla.suse.com/1233038
- https://bugzilla.suse.com/1235905
- https://bugzilla.suse.com/1236104
- https://bugzilla.suse.com/1236208
- https://bugzilla.suse.com/1237885
- https://bugzilla.suse.com/1237906
- https://bugzilla.suse.com/1238414
- https://bugzilla.suse.com/1238754
- https://bugzilla.suse.com/1238763
- https://bugzilla.suse.com/1244758
- https://bugzilla.suse.com/1244904
- https://bugzilla.suse.com/1245110
- https://bugzilla.suse.com/1245210
- https://bugzilla.suse.com/1245723
- https://bugzilla.suse.com/1245751
- https://bugzilla.suse.com/1247177
- https://bugzilla.suse.com/1247483
- https://bugzilla.suse.com/1248306
- https://bugzilla.suse.com/1248377
- https://bugzilla.suse.com/1249156
- https://bugzilla.suse.com/1249158
- https://bugzilla.suse.com/1249827
- https://bugzilla.suse.com/1252785
- https://bugzilla.suse.com/1253028
- https://bugzilla.suse.com/1253087
- https://bugzilla.suse.com/1253409
- https://bugzilla.suse.com/1253702
- https://bugzilla.suse.com/1254447
- https://bugzilla.suse.com/1254462
- https://bugzilla.suse.com/1254463
- https://bugzilla.suse.com/1254464
- https://bugzilla.suse.com/1254465
- https://bugzilla.suse.com/1254767
- https://bugzilla.suse.com/1254842
- https://bugzilla.suse.com/1255171
- https://bugzilla.suse.com/1255251
- https://bugzilla.suse.com/1255377
- https://bugzilla.suse.com/1255401
- https://bugzilla.suse.com/1255594
- https://bugzilla.suse.com/1255908
- https://bugzilla.suse.com/1256095
- https://bugzilla.suse.com/1256582
- https://bugzilla.suse.com/1256612
- https://bugzilla.suse.com/1256623
- https://bugzilla.suse.com/1256641
- https://bugzilla.suse.com/1256726
- https://bugzilla.suse.com/1256744
- https://bugzilla.suse.com/1256779
- https://bugzilla.suse.com/1256792
- https://bugzilla.suse.com/1257232
- https://bugzilla.suse.com/1257236
- https://bugzilla.suse.com/1257296
- https://bugzilla.suse.com/1257473
- https://www.suse.com/security/cve/CVE-2022-49604
- https://www.suse.com/security/cve/CVE-2022-49943
- https://www.suse.com/security/cve/CVE-2022-49980
- https://www.suse.com/security/cve/CVE-2022-50232
- https://www.suse.com/security/cve/CVE-2022-50697
- https://www.suse.com/security/cve/CVE-2023-52433
- https://www.suse.com/security/cve/CVE-2023-52874
- https://www.suse.com/security/cve/CVE-2023-52923
- https://www.suse.com/security/cve/CVE-2023-53178
- https://www.suse.com/security/cve/CVE-2023-53407
- https://www.suse.com/security/cve/CVE-2023-53412
- https://www.suse.com/security/cve/CVE-2023-53417
- https://www.suse.com/security/cve/CVE-2023-53418
- https://www.suse.com/security/cve/CVE-2023-53714
- https://www.suse.com/security/cve/CVE-2023-54142
- https://www.suse.com/security/cve/CVE-2023-54243
- https://www.suse.com/security/cve/CVE-2024-26581
- https://www.suse.com/security/cve/CVE-2024-26661
- https://www.suse.com/security/cve/CVE-2024-26832
- https://www.suse.com/security/cve/CVE-2024-50143
- https://www.suse.com/security/cve/CVE-2024-54031
- https://www.suse.com/security/cve/CVE-2025-21658
- https://www.suse.com/security/cve/CVE-2025-21760
- https://www.suse.com/security/cve/CVE-2025-21764
- https://www.suse.com/security/cve/CVE-2025-21765
- https://www.suse.com/security/cve/CVE-2025-21766
- https://www.suse.com/security/cve/CVE-2025-38068
- https://www.suse.com/security/cve/CVE-2025-38129
- https://www.suse.com/security/cve/CVE-2025-38159
- https://www.suse.com/security/cve/CVE-2025-38375
- https://www.suse.com/security/cve/CVE-2025-38563
- https://www.suse.com/security/cve/CVE-2025-38565
- https://www.suse.com/security/cve/CVE-2025-38684
- https://www.suse.com/security/cve/CVE-2025-40044
- https://www.suse.com/security/cve/CVE-2025-40139
- https://www.suse.com/security/cve/CVE-2025-40257
- https://www.suse.com/security/cve/CVE-2025-40300
- https://www.suse.com/security/cve/CVE-2025-68183
- https://www.suse.com/security/cve/CVE-2025-68284
- https://www.suse.com/security/cve/CVE-2025-68285
- https://www.suse.com/security/cve/CVE-2025-68312
- https://www.suse.com/security/cve/CVE-2025-68771
- https://www.suse.com/security/cve/CVE-2025-68813
- https://www.suse.com/security/cve/CVE-2025-71085
- https://www.suse.com/security/cve/CVE-2025-71089
- https://www.suse.com/security/cve/CVE-2025-71112
- https://www.suse.com/security/cve/CVE-2025-71116
- https://www.suse.com/security/cve/CVE-2025-71120
- https://www.suse.com/security/cve/CVE-2026-22999
- https://www.suse.com/security/cve/CVE-2026-23001