SUSE-SU-2026:0496-1

CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit (bsc#1255594).
CVE-2023-54142: gtp: Fix use-after-free in __gtpencapdestroy() (bsc#1256095).
CVE-2023-54243: netfilter: ebtables: fix table blob use-after-free (bsc#1255908).
CVE-2025-38068: crypto: lzo - Fix compression buffer overrun (bsc#1245210).
CVE-2025-38129: pagepool: fix inconsistency for pagepoolringlock() (bsc#1245723).
CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1245751).
CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177).
CVE-2025-40257: mptcp: fix a race in mptcppmdeladdtimer() (bsc#1254842).
CVE-2025-40300: Documentation/hw-vuln: Add VMSCAPE documentation (bsc#1247483).
CVE-2025-68183: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (bsc#1255251).
CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handleauthsession_key() (bsc#1255377).
CVE-2025-68285: libceph: fix potential use-after-free in havemonandosdmap() (bsc#1255401).
CVE-2025-68312: usbnet: Prevents free active kevent (bsc#1255171).
CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2findvictim_chain (bsc#1256582).
CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).
CVE-2025-71085: ipv6: BUG() in pskbexpandhead() as part of calipsoskbuffsetattr() (bsc#1256623).
CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612).
CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).
CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744).
CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxy_verf (bsc#1256779).
CVE-2026-22999: net/sched: schqfq: do not free existing class in qfqchange_class() (bsc#1257236).
CVE-2026-23001: macvlan: fix possible UAF in macvlanforwardsource() (bsc#1257232).
CVE-2023-53215: sched/fair: Don't balance task to its current running CPU (bsc#1250397).
CVE-2024-44987: ipv6: prevent UAF in ip6sendskb() (bsc#1230185).

The following non security issues were fixed:

Revert 'ocfs2: fix kernel BUG in ocfs2findvictim_chain (bsc#1256582)'.
mm, page_alloc, thp: prevent reclaim for _GFPTHISNODE THP allocations (bsc#1253087 bsc#1254447).
net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473).
net: tcp: allow zero-window ACK update the window (bsc#1254767).
net: tcp: send zero-window ACK when no memory (bsc#1254767).
scsi: storvsc: Process unsupported MODESENSE10 (bsc#1257296).
tcp: correct handling of extreme memory squeeze (bsc#1254767).
x86: make page fault handling disable interrupts properly (git-fixes).

References

Affected packages

SUSE:Linux Enterprise Micro 5.5 / kernel-rt

Package

Name: kernel-rt
Purl: pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.14.21-150500.13.121.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.14.21-150500.13.121.1",
            "kernel-source-rt": "5.14.21-150500.13.121.1",
            "kernel-rt": "5.14.21-150500.13.121.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0496-1.json"

SUSE:Linux Enterprise Micro 5.5 / kernel-source-rt

Package

Name: kernel-source-rt
Purl: pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.14.21-150500.13.121.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.14.21-150500.13.121.1",
            "kernel-source-rt": "5.14.21-150500.13.121.1",
            "kernel-rt": "5.14.21-150500.13.121.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0496-1.json"