SUSE alert SUSE-SU-2026:1606-1 (kernel)
| From: | SLE-SECURITY-UPDATES <null@suse.de> | |
| To: | sle-security-updates@lists.suse.com | |
| Subject: | SUSE-SU-2026:1606-1: important: Security update for the Linux Kernel | |
| Date: | Fri, 24 Apr 2026 16:30:32 -0000 | |
| Message-ID: | <177704823201.3109.1601644783462734619@a0a563bcf2df> |
# Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:1606-1 Release Date: 2026-04-24T11:50:26Z Rating: important References: * bsc#1215492 * bsc#1246057 * bsc#1256675 * bsc#1257773 * bsc#1259797 * bsc#1260005 * bsc#1260009 * bsc#1260347 * bsc#1260562 Cross-References: * CVE-2025-38234 * CVE-2025-68818 * CVE-2026-23103 * CVE-2026-23243 * CVE-2026-23272 * CVE-2026-23274 * CVE-2026-23317 CVSS scores: * CVE-2025-38234 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38234 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38234 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68818 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23103 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23103 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23103 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23103 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23272 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23272 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23272 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves seven vulnerabilities and has two security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057). * CVE-2026-23103: ipvlan: Make the addrs_lock be per port (bsc#1257773). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259797). * CVE-2026-23272: netfilter: nf_tables: unconditionally bump set-nelems before insertion (bsc#1260009). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260005). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260562). The following non security issues were fixed: * nvme-fc: use ctrl state getter (git-fixes bsc#1215492). * nvme-pci: fix queue unquiesce check on slot_reset (git-fixes). * nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes). * PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes). * PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes). * PCI: Fix pci_slot_trylock() error handling (git-fixes). * PCI: tegra194: Fix duplicate PLL disable in pex_ep_event_pex_rst_assert() (git-fixes). * PCI/ACS: Fix 'pci=config_acs=' parameter (git-fixes). * x86/platform/uv: Handle deconfigured sockets (bsc#1260347). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-1606=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1606=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1606=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1606=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1606=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-1606=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.144.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * kernel-default-base-5.14.21-150500.55.144.1.150500.6.71.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150500.55.144.1 * kernel-default-debuginfo-5.14.21-150500.55.144.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-macros-5.14.21-150500.55.144.1 * kernel-source-5.14.21-150500.55.144.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * dlm-kmp-default-debuginfo-5.14.21-150500.55.144.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.144.1 * dlm-kmp-default-5.14.21-150500.55.144.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.144.1 * kernel-obs-build-debugsource-5.14.21-150500.55.144.1 * ocfs2-kmp-default-5.14.21-150500.55.144.1 * gfs2-kmp-default-5.14.21-150500.55.144.1 * kernel-default-debugsource-5.14.21-150500.55.144.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.144.1 * kernel-syms-5.14.21-150500.55.144.1 * kernel-default-base-5.14.21-150500.55.144.1.150500.6.71.1 * cluster-md-kmp-default-5.14.21-150500.55.144.1 * kernel-obs-build-5.14.21-150500.55.144.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.144.1 * kernel-default-debuginfo-5.14.21-150500.55.144.1 * kernel-default-devel-5.14.21-150500.55.144.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.144.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64) * kernel-64kb-debugsource-5.14.21-150500.55.144.1 * kernel-64kb-devel-5.14.21-150500.55.144.1 * kernel-64kb-debuginfo-5.14.21-150500.55.144.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.144.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.144.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * kernel-macros-5.14.21-150500.55.144.1 * kernel-devel-5.14.21-150500.55.144.1 * kernel-source-5.14.21-150500.55.144.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.144.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * dlm-kmp-default-debuginfo-5.14.21-150500.55.144.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.144.1 * dlm-kmp-default-5.14.21-150500.55.144.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.144.1 * kernel-obs-build-debugsource-5.14.21-150500.55.144.1 * ocfs2-kmp-default-5.14.21-150500.55.144.1 * gfs2-kmp-default-5.14.21-150500.55.144.1 * kernel-default-debugsource-5.14.21-150500.55.144.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.144.1 * kernel-syms-5.14.21-150500.55.144.1 * kernel-default-base-5.14.21-150500.55.144.1.150500.6.71.1 * cluster-md-kmp-default-5.14.21-150500.55.144.1 * kernel-obs-build-5.14.21-150500.55.144.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.144.1 * kernel-default-debuginfo-5.14.21-150500.55.144.1 * kernel-default-devel-5.14.21-150500.55.144.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.144.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64) * kernel-64kb-debugsource-5.14.21-150500.55.144.1 * kernel-64kb-devel-5.14.21-150500.55.144.1 * kernel-64kb-debuginfo-5.14.21-150500.55.144.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.144.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.144.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * kernel-macros-5.14.21-150500.55.144.1 * kernel-devel-5.14.21-150500.55.144.1 * kernel-source-5.14.21-150500.55.144.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.144.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * dlm-kmp-default-debuginfo-5.14.21-150500.55.144.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.144.1 * dlm-kmp-default-5.14.21-150500.55.144.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.144.1 * kernel-obs-build-debugsource-5.14.21-150500.55.144.1 * ocfs2-kmp-default-5.14.21-150500.55.144.1 * gfs2-kmp-default-5.14.21-150500.55.144.1 * kernel-default-debugsource-5.14.21-150500.55.144.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.144.1 * kernel-syms-5.14.21-150500.55.144.1 * cluster-md-kmp-default-5.14.21-150500.55.144.1 * reiserfs-kmp-default-5.14.21-150500.55.144.1 * kernel-obs-build-5.14.21-150500.55.144.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.144.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.144.1 * kernel-default-debuginfo-5.14.21-150500.55.144.1 * kernel-default-devel-5.14.21-150500.55.144.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.144.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64) * kernel-64kb-debugsource-5.14.21-150500.55.144.1 * kernel-64kb-devel-5.14.21-150500.55.144.1 * kernel-64kb-debuginfo-5.14.21-150500.55.144.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.144.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.144.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150500.55.144.1.150500.6.71.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * kernel-macros-5.14.21-150500.55.144.1 * kernel-devel-5.14.21-150500.55.144.1 * kernel-source-5.14.21-150500.55.144.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch nosrc) * kernel-docs-5.14.21-150500.55.144.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.144.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150500.55.144.1 * kernel-zfcpdump-debugsource-5.14.21-150500.55.144.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * dlm-kmp-default-debuginfo-5.14.21-150500.55.144.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.144.1 * dlm-kmp-default-5.14.21-150500.55.144.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.144.1 * kernel-obs-build-debugsource-5.14.21-150500.55.144.1 * ocfs2-kmp-default-5.14.21-150500.55.144.1 * gfs2-kmp-default-5.14.21-150500.55.144.1 * kernel-default-debugsource-5.14.21-150500.55.144.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.144.1 * kernel-syms-5.14.21-150500.55.144.1 * kernel-default-base-5.14.21-150500.55.144.1.150500.6.71.1 * cluster-md-kmp-default-5.14.21-150500.55.144.1 * reiserfs-kmp-default-5.14.21-150500.55.144.1 * kernel-obs-build-5.14.21-150500.55.144.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.144.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.144.1 * kernel-default-debuginfo-5.14.21-150500.55.144.1 * kernel-default-devel-5.14.21-150500.55.144.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150500.55.144.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * kernel-macros-5.14.21-150500.55.144.1 * kernel-devel-5.14.21-150500.55.144.1 * kernel-source-5.14.21-150500.55.144.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.144.1 * SUSE Linux Enterprise Live Patching 15-SP5 (nosrc) * kernel-default-5.14.21-150500.55.144.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150500.55.144.1 * kernel-default-livepatch-devel-5.14.21-150500.55.144.1 * kernel-livepatch-SLE15-SP5_Update_37-debugsource-1-150500.11.3.1 * kernel-default-livepatch-5.14.21-150500.55.144.1 * kernel-livepatch-5_14_21-150500_55_144-default-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_55_144-default-debuginfo-1-150500.11.3.1 * kernel-default-debuginfo-5.14.21-150500.55.144.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38234.html * https://www.suse.com/security/cve/CVE-2025-68818.html * https://www.suse.com/security/cve/CVE-2026-23103.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23272.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://bugzilla.suse.com/show_bug.cgi?id=1215492 * https://bugzilla.suse.com/show_bug.cgi?id=1246057 * https://bugzilla.suse.com/show_bug.cgi?id=1256675 * https://bugzilla.suse.com/show_bug.cgi?id=1257773 * https://bugzilla.suse.com/show_bug.cgi?id=1259797 * https://bugzilla.suse.com/show_bug.cgi?id=1260005 * https://bugzilla.suse.com/show_bug.cgi?id=1260009 * https://bugzilla.suse.com/show_bug.cgi?id=1260347 * https://bugzilla.suse.com/show_bug.cgi?id=1260562
Attachment: None (type=text/html)
(HTML attachment elided)