ESB-2026.3109

=========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2026.3109 Security update for the Linux Kernel 31 March 2026 =========================================================================== AUSCERT Security Bulletin Summary --------------------------------- Product: Linux Kernel Publisher: SUSE Operating System: SUSE Resolution: Patch/Upgrade CVE Names: CVE-2025-40044 CVE-2022-49943 CVE-2022-49604 CVE-2022-49980 CVE-2024-50143 CVE-2025-38684 CVE-2023-53178 CVE-2026-22999 CVE-2026-23001 CVE-2026-23191 CVE-2026-23204 CVE-2025-21738 CVE-2026-23209 CVE-2026-23268 CVE-2026-23269 CVE-2025-21760 CVE-2024-26832 CVE-2025-40242 CVE-2023-52433 CVE-2025-21764 CVE-2025-21765 CVE-2025-21658 CVE-2025-21766 CVE-2025-71066 CVE-2025-38563 CVE-2023-52923 CVE-2025-38565 CVE-2026-23004 CVE-2026-23054 CVE-2022-50232 CVE-2023-53407 CVE-2023-53412 CVE-2023-53417 CVE-2023-53418 CVE-2024-46854 CVE-2026-23060 CVE-2025-71085 CVE-2024-54031 CVE-2026-23074 CVE-2024-26581 CVE-2026-23089 CVE-2025-71112 CVE-2025-40139 CVE-2025-68312 Original Bulletin: https://www.suse.com/support/update/announcement/2026/suse-su-20261131-1 Comment: CVSS (Max): 7.8 CVE-2026-23209 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) CVSS Source: NIST, [SUSE] Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H EPSS (Max): 0.3% (52nd) CVE-2024-26581 2026-03-29 - --------------------------BEGIN INCLUDED TEXT-------------------- Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:1131-1 Release Date: 2026-03-27T16:02:22Z Rating: important o bsc#1220137 o bsc#1220144 o bsc#1223007 o bsc#1231084 o bsc#1233038 o bsc#1235905 o bsc#1236104 o bsc#1236208 o bsc#1237885 o bsc#1237906 o bsc#1238414 o bsc#1238754 o bsc#1238763 o bsc#1238917 o bsc#1244758 o bsc#1244904 o bsc#1245110 o bsc#1248306 o bsc#1248377 o bsc#1249156 o bsc#1249158 o bsc#1249827 o bsc#1252785 o bsc#1253028 o bsc#1253409 o bsc#1254462 References: o bsc#1254463 o bsc#1254464 o bsc#1254767 o bsc#1255075 o bsc#1255171 o bsc#1256623 o bsc#1256645 o bsc#1256726 o bsc#1256792 o bsc#1257231 o bsc#1257232 o bsc#1257236 o bsc#1257296 o bsc#1257473 o bsc#1257732 o bsc#1257735 o bsc#1257749 o bsc#1257771 o bsc#1257790 o bsc#1258340 o bsc#1258395 o bsc#1258518 o bsc#1258849 o bsc#1258850 o bsc#1259857 o jsc#PED-12836 o CVE-2022-49604 o CVE-2022-49943 o CVE-2022-49980 o CVE-2022-50232 o CVE-2023-52433 o CVE-2023-52923 o CVE-2023-53178 o CVE-2023-53407 o CVE-2023-53412 o CVE-2023-53417 o CVE-2023-53418 o CVE-2024-26581 o CVE-2024-26832 o CVE-2024-46854 o CVE-2024-50143 o CVE-2024-54031 o CVE-2025-21658 o CVE-2025-21738 o CVE-2025-21760 o CVE-2025-21764 o CVE-2025-21765 o CVE-2025-21766 Cross-References: o CVE-2025-38563 o CVE-2025-38565 o CVE-2025-38684 o CVE-2025-40044 o CVE-2025-40139 o CVE-2025-40242 o CVE-2025-68312 o CVE-2025-71066 o CVE-2025-71085 o CVE-2025-71112 o CVE-2026-22999 o CVE-2026-23001 o CVE-2026-23004 o CVE-2026-23054 o CVE-2026-23060 o CVE-2026-23074 o CVE-2026-23089 o CVE-2026-23191 o CVE-2026-23204 o CVE-2026-23209 o CVE-2026-23268 o CVE-2026-23269 o CVE-2022-49604 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:N/I:N/A:H o CVE-2022-49604 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2022-49604 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2022-49943 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L /UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N o CVE-2022-49943 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N /S:U/C:L/I:L/A:H o CVE-2022-49943 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2022-49980 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L /UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N o CVE-2022-49980 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N /S:U/C:H/I:H/A:H o CVE-2022-49980 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:H/I:H/A:H o CVE-2022-50232 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:N/I:N/A:H o CVE-2022-50232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2023-52433 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:H/I:H/A:H o CVE-2023-52433 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/ S:U/C:N/I:N/A:H o CVE-2023-52923 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L /UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N o CVE-2023-52923 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N /S:U/C:N/I:N/A:H o CVE-2023-52923 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2023-53178 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:N/I:N/A:H o CVE-2023-53178 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2023-53407 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L /UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N o CVE-2023-53407 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:N/I:N/A:H o CVE-2023-53407 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2023-53407 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2023-53412 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L /UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N o CVE-2023-53412 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:N/I:N/A:H o CVE-2023-53412 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2023-53412 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2023-53417 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L /UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N o CVE-2023-53417 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:N/I:N/A:H o CVE-2023-53417 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2023-53417 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2023-53418 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2023-53418 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2024-26581 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N /S:U/C:H/I:H/A:H o CVE-2024-26581 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:H/I:H/A:H o CVE-2024-26581 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:H/I:H/A:H o CVE-2024-26832 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:N/I:N/A:H o CVE-2024-26832 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2024-46854 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N /S:U/C:H/I:N/A:N o CVE-2024-46854 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:H/I:N/A:H o CVE-2024-50143 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L /UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N o CVE-2024-50143 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:L/I:L/A:H o CVE-2024-50143 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:H/I:H/A:H o CVE-2024-50143 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:H/I:H/A:H o CVE-2024-54031 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L /UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N o CVE-2024-54031 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:N/I:N/A:H o CVE-2024-54031 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2025-21658 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L /UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N o CVE-2025-21658 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:N/I:N/A:H o CVE-2025-21658 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2025-21658 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2025-21738 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L /UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N o CVE-2025-21738 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:H/I:H/A:H o CVE-2025-21738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2025-21760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:N/I:N/A:H o CVE-2025-21760 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:H/I:H/A:H o CVE-2025-21764 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:N/I:N/A:H o CVE-2025-21764 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:H/I:H/A:H o CVE-2025-21765 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:N/I:N/A:H CVSS scores: o CVE-2025-21765 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2025-21766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:N/I:N/A:H o CVE-2025-21766 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2025-38563 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N /S:C/C:H/I:H/A:H o CVE-2025-38563 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:H/I:H/A:H o CVE-2025-38565 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L /UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N o CVE-2025-38565 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:N/I:N/A:L o CVE-2025-38565 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:H/I:H/A:H o CVE-2025-38684 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:N/I:N/A:H o CVE-2025-38684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2025-40044 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L /UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N o CVE-2025-40044 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N /S:U/C:H/I:N/A:H o CVE-2025-40139 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L /UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N o CVE-2025-40139 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:H/I:H/A:H o CVE-2025-40242 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L /UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N o CVE-2025-40242 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N /S:U/C:H/I:H/A:H o CVE-2025-68312 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L /UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N o CVE-2025-68312 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:N/I:N/A:H o CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N /S:U/C:H/I:H/A:H o CVE-2025-71085 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N /UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N o CVE-2025-71085 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N /S:U/C:N/I:N/A:H o CVE-2025-71085 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2025-71112 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L /UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N o CVE-2025-71112 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N /S:U/C:H/I:H/A:H o CVE-2025-71112 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:H/I:N/A:H o CVE-2026-22999 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L /UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N o CVE-2026-22999 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N /S:U/C:H/I:H/A:H o CVE-2026-22999 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2026-23001 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L /UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N o CVE-2026-23001 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N /S:U/C:H/I:H/A:H o CVE-2026-23001 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:H/I:H/A:H o CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L /UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N o CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N /S:U/C:H/I:H/A:H o CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2026-23054 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L /UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N o CVE-2026-23054 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:N/I:N/A:H o CVE-2026-23060 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L /UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N o CVE-2026-23060 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N /S:U/C:N/I:N/A:H o CVE-2026-23060 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:N/I:N/A:H o CVE-2026-23074 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L /UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N o CVE-2026-23074 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N /S:U/C:H/I:H/A:H o CVE-2026-23074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:H/I:H/A:H o CVE-2026-23089 ( SUSE ): 5.2 CVSS:4.0/AV:P/AC:L/AT:N/PR:L /UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N o CVE-2026-23089 ( SUSE ): 5.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N /S:U/C:H/I:N/A:H o CVE-2026-23089 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:H/I:H/A:H o CVE-2026-23191 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L /UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N o CVE-2026-23191 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:H/I:N/A:H o CVE-2026-23191 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/ S:U/C:H/I:H/A:H o CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L /UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N o CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N /S:U/C:H/I:H/A:H o CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:H/I:N/A:H o CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L /UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N o CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:H/I:H/A:H o CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/ S:U/C:H/I:H/A:H o CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L /UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N o CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N /S:U/C:H/I:H/A:H o CVE-2026-23269 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L /UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N o CVE-2026-23269 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N /S:U/C:L/I:N/A:H o SUSE Linux Enterprise Micro 5.3 Affected o SUSE Linux Enterprise Micro 5.4 Products: o SUSE Linux Enterprise Micro for Rancher 5.3 o SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves 44 vulnerabilities, contains one feature and has seven security fixes can now be installed. Description: The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: o CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084). o CVE-2025-21738: ata: libata-sff: Ensure that we cannot write outside the allocated buffer (bsc#1238917). o CVE-2025-40242: gfs2: Fix unlikely race in gdlm_put_lock (bsc#1255075). o CVE-2025-68312: usbnet: Prevents free active kevent (bsc#1255171). o CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1256645). o CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623). o CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc# 1256726). o CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236). o CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc# 1257232). o CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1257231). o CVE-2026-23060: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (bsc#1257735). o CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1257749). o CVE-2026-23089: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (bsc#1257790). o CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger (bsc#1258395). o CVE-2026-23204: net: add skb_header_pointer_careful() helper (bsc#1258340). o CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258518). o CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management (bsc#1258850). o CVE-2026-23269: apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1259857). The following non security issues were fixed: o apparmor: fix differential encoding verification (bsc#1258849). o apparmor: Fix double free of ns_name in aa_replace_profiles() (bsc# 1258849). o apparmor: fix memory leak in verify_header (bsc#1258849). o apparmor: fix missing bounds check on DEFAULT table in verify_dfa() (bsc# 1258849). o apparmor: fix race between freeing data and fs accessing it (bsc#1258849). o apparmor: fix race on rawdata dereference (bsc#1258849). o apparmor: fix side-effect bug in match_char() macro usage (bsc#1258849). o apparmor: fix unprivileged local user can do privileged policy management (bsc#1258849). o apparmor: fix: limit the number of levels of policy namespaces (bsc# 1258849). o apparmor: replace recursive profile removal with iterative approach (bsc# 1258849). o apparmor: validate DFA start states are in bounds in unpack_pdb (bsc# 1258849). o net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473). o net: tcp: allow zero-window ACK update the window (bsc#1254767). o net: tcp: send zero-window ACK when no memory (bsc#1254767). o scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296). o tcp: correct handling of extreme memory squeeze (bsc#1254767). o x86/its: Fix crash during dynamic its initialization (bsc#1257771). o x86/modules: Set VM_FLUSH_RESET_PERMS in module_alloc() (bsc#1257771). Special Instructions and Notes: o Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-1131=1 o SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-1131=1 o SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-1131=1 o SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-1131=1 Package List: o SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64) kernel-rt-5.14.21-150400.15.145.1 o SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) kernel-rt-debuginfo-5.14.21-150400.15.145.1 kernel-rt-debugsource-5.14.21-150400.15.145.1 o SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) kernel-source-rt-5.14.21-150400.15.145.1 o SUSE Linux Enterprise Micro 5.3 (nosrc x86_64) kernel-rt-5.14.21-150400.15.145.1 o SUSE Linux Enterprise Micro 5.3 (x86_64) kernel-rt-debuginfo-5.14.21-150400.15.145.1 kernel-rt-debugsource-5.14.21-150400.15.145.1 o SUSE Linux Enterprise Micro 5.3 (noarch) kernel-source-rt-5.14.21-150400.15.145.1 o SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64) kernel-rt-5.14.21-150400.15.145.1 o SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) kernel-rt-debuginfo-5.14.21-150400.15.145.1 kernel-rt-debugsource-5.14.21-150400.15.145.1 o SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) kernel-source-rt-5.14.21-150400.15.145.1 o SUSE Linux Enterprise Micro 5.4 (nosrc x86_64) kernel-rt-5.14.21-150400.15.145.1 o SUSE Linux Enterprise Micro 5.4 (x86_64) kernel-rt-debuginfo-5.14.21-150400.15.145.1 kernel-rt-debugsource-5.14.21-150400.15.145.1 o SUSE Linux Enterprise Micro 5.4 (noarch) kernel-source-rt-5.14.21-150400.15.145.1 References: o https://www.suse.com/security/cve/CVE-2022-49604.html o https://www.suse.com/security/cve/CVE-2022-49943.html o https://www.suse.com/security/cve/CVE-2022-49980.html o https://www.suse.com/security/cve/CVE-2022-50232.html o https://www.suse.com/security/cve/CVE-2023-52433.html o https://www.suse.com/security/cve/CVE-2023-52923.html o https://www.suse.com/security/cve/CVE-2023-53178.html o https://www.suse.com/security/cve/CVE-2023-53407.html o https://www.suse.com/security/cve/CVE-2023-53412.html o https://www.suse.com/security/cve/CVE-2023-53417.html o https://www.suse.com/security/cve/CVE-2023-53418.html o https://www.suse.com/security/cve/CVE-2024-26581.html o https://www.suse.com/security/cve/CVE-2024-26832.html o https://www.suse.com/security/cve/CVE-2024-46854.html o https://www.suse.com/security/cve/CVE-2024-50143.html o https://www.suse.com/security/cve/CVE-2024-54031.html o https://www.suse.com/security/cve/CVE-2025-21658.html o https://www.suse.com/security/cve/CVE-2025-21738.html o https://www.suse.com/security/cve/CVE-2025-21760.html o https://www.suse.com/security/cve/CVE-2025-21764.html o https://www.suse.com/security/cve/CVE-2025-21765.html o https://www.suse.com/security/cve/CVE-2025-21766.html o https://www.suse.com/security/cve/CVE-2025-38563.html o https://www.suse.com/security/cve/CVE-2025-38565.html o https://www.suse.com/security/cve/CVE-2025-38684.html o https://www.suse.com/security/cve/CVE-2025-40044.html o https://www.suse.com/security/cve/CVE-2025-40139.html o https://www.suse.com/security/cve/CVE-2025-40242.html o https://www.suse.com/security/cve/CVE-2025-68312.html o https://www.suse.com/security/cve/CVE-2025-71066.html o https://www.suse.com/security/cve/CVE-2025-71085.html o https://www.suse.com/security/cve/CVE-2025-71112.html o https://www.suse.com/security/cve/CVE-2026-22999.html o https://www.suse.com/security/cve/CVE-2026-23001.html o https://www.suse.com/security/cve/CVE-2026-23004.html o https://www.suse.com/security/cve/CVE-2026-23054.html o https://www.suse.com/security/cve/CVE-2026-23060.html o https://www.suse.com/security/cve/CVE-2026-23074.html o https://www.suse.com/security/cve/CVE-2026-23089.html o https://www.suse.com/security/cve/CVE-2026-23191.html o https://www.suse.com/security/cve/CVE-2026-23204.html o https://www.suse.com/security/cve/CVE-2026-23209.html o https://www.suse.com/security/cve/CVE-2026-23268.html o https://www.suse.com/security/cve/CVE-2026-23269.html o https://bugzilla.suse.com/show_bug.cgi?id=1220137 o https://bugzilla.suse.com/show_bug.cgi?id=1220144 o https://bugzilla.suse.com/show_bug.cgi?id=1223007 o https://bugzilla.suse.com/show_bug.cgi?id=1231084 o https://bugzilla.suse.com/show_bug.cgi?id=1233038 o https://bugzilla.suse.com/show_bug.cgi?id=1235905 o https://bugzilla.suse.com/show_bug.cgi?id=1236104 o https://bugzilla.suse.com/show_bug.cgi?id=1236208 o https://bugzilla.suse.com/show_bug.cgi?id=1237885 o https://bugzilla.suse.com/show_bug.cgi?id=1237906 o https://bugzilla.suse.com/show_bug.cgi?id=1238414 o https://bugzilla.suse.com/show_bug.cgi?id=1238754 o https://bugzilla.suse.com/show_bug.cgi?id=1238763 o https://bugzilla.suse.com/show_bug.cgi?id=1238917 o https://bugzilla.suse.com/show_bug.cgi?id=1244758 o https://bugzilla.suse.com/show_bug.cgi?id=1244904 o https://bugzilla.suse.com/show_bug.cgi?id=1245110 o https://bugzilla.suse.com/show_bug.cgi?id=1248306 o https://bugzilla.suse.com/show_bug.cgi?id=1248377 o https://bugzilla.suse.com/show_bug.cgi?id=1249156 o https://bugzilla.suse.com/show_bug.cgi?id=1249158 o https://bugzilla.suse.com/show_bug.cgi?id=1249827 o https://bugzilla.suse.com/show_bug.cgi?id=1252785 o https://bugzilla.suse.com/show_bug.cgi?id=1253028 o https://bugzilla.suse.com/show_bug.cgi?id=1253409 o https://bugzilla.suse.com/show_bug.cgi?id=1254462 o https://bugzilla.suse.com/show_bug.cgi?id=1254463 o https://bugzilla.suse.com/show_bug.cgi?id=1254464 o https://bugzilla.suse.com/show_bug.cgi?id=1254767 o https://bugzilla.suse.com/show_bug.cgi?id=1255075 o https://bugzilla.suse.com/show_bug.cgi?id=1255171 o https://bugzilla.suse.com/show_bug.cgi?id=1256623 o https://bugzilla.suse.com/show_bug.cgi?id=1256645 o https://bugzilla.suse.com/show_bug.cgi?id=1256726 o https://bugzilla.suse.com/show_bug.cgi?id=1256792 o https://bugzilla.suse.com/show_bug.cgi?id=1257231 o https://bugzilla.suse.com/show_bug.cgi?id=1257232 o https://bugzilla.suse.com/show_bug.cgi?id=1257236 o https://bugzilla.suse.com/show_bug.cgi?id=1257296 o https://bugzilla.suse.com/show_bug.cgi?id=1257473 o https://bugzilla.suse.com/show_bug.cgi?id=1257732 o https://bugzilla.suse.com/show_bug.cgi?id=1257735 o https://bugzilla.suse.com/show_bug.cgi?id=1257749 o https://bugzilla.suse.com/show_bug.cgi?id=1257771 o https://bugzilla.suse.com/show_bug.cgi?id=1257790 o https://bugzilla.suse.com/show_bug.cgi?id=1258340 o https://bugzilla.suse.com/show_bug.cgi?id=1258395 o https://bugzilla.suse.com/show_bug.cgi?id=1258518 o https://bugzilla.suse.com/show_bug.cgi?id=1258849 o https://bugzilla.suse.com/show_bug.cgi?id=1258850 o https://bugzilla.suse.com/show_bug.cgi?id=1259857 o https://jira.suse.com/browse/PED-12836 - --------------------------END INCLUDED TEXT---------------------- You have received this e-mail bulletin as a result of your organisation's registration with AUSCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AUSCERT's members. As AUSCERT did not write the document quoted above, AUSCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AUSCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://portal.auscert.org.au/bulletins/ =========================================================================== AUSCERT The University of Queensland, Brisbane QLD 4072 Australia e: auscert@auscert.org.au t: +61 (0)7 3365 4417 Allies in Cyber Security ===========================================================================