SUSE-SU-2026:1643-1
- Source
- https://www.suse.com/support/update/announcement/2026/suse-su-20261643-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1643-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2026:1643-1
- Upstream
- Related
- Published
- 2026-04-28T13:27:21Z
- Modified
- 2026-04-30T18:24:15.617097Z
- Summary
- Security update for the Linux Kernel
- Details
-
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2025-39998: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow (bsc#1252073).
- CVE-2026-23103: ipvlan: Make the addrs_lock be per port (bsc#1257773).
- CVE-2026-23231: netfilter: nftables: fix use-after-free in nftables_addchain() (bsc#1259188).
- CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumad_write (bsc#1259797).
- CVE-2026-23272: netfilter: nf_tables: unconditionally bump set->nelems before insertion (bsc#1260009).
- CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260005).
- CVE-2026-23278: netfilter: nf_tables: always walk all pending catchall elements (bsc#1259998).
- CVE-2026-23293: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260486).
- CVE-2026-23317: drm/vmwgfx: Return the correct value in vmwtranslateptr functions (bsc#1260562).
- CVE-2026-23381: net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260471).
- CVE-2026-23398: icmp: fix NULL pointer dereference in icmptagvalidation() (bsc#1260730).
- CVE-2026-23412: netfilter: bpf: defer hook memory release until rcu readers are done (bsc#1261412).
- CVE-2026-23413: clsact: Fix use-after-free in init/destroy rollback asymmetry (bsc#1261498).
- CVE-2026-31788: xen/privcmd: restrict usage in unprivileged domU (bsc#1259707).
The following non security issues were fixed:
- KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE (bsc#1259461).
- KVM: x86/mmu: Retry fault before acquiring mmu_lock if mapping is changing (bsc#1253122).
- net: mana: fix use-after-free in add_adev() error path (git-fixes).
- net: mana: Trigger VF reset/recovery on health check failure due to HWC timeout (bsc#1259580).
- x86/platform/uv: Handle deconfigured sockets (bsc#1260347).
- xen/privcmd: unregister xenstore notifier on module exit (git-fixes).
- References
-
- https://www.suse.com/support/update/announcement/2026/suse-su-20261643-1/
- https://bugzilla.suse.com/1252073
- https://bugzilla.suse.com/1253122
- https://bugzilla.suse.com/1257506
- https://bugzilla.suse.com/1257773
- https://bugzilla.suse.com/1259188
- https://bugzilla.suse.com/1259461
- https://bugzilla.suse.com/1259580
- https://bugzilla.suse.com/1259707
- https://bugzilla.suse.com/1259797
- https://bugzilla.suse.com/1259998
- https://bugzilla.suse.com/1260005
- https://bugzilla.suse.com/1260009
- https://bugzilla.suse.com/1260347
- https://bugzilla.suse.com/1260471
- https://bugzilla.suse.com/1260486
- https://bugzilla.suse.com/1260562
- https://bugzilla.suse.com/1260730
- https://bugzilla.suse.com/1261412
- https://bugzilla.suse.com/1261498
- https://www.suse.com/security/cve/CVE-2025-39998
- https://www.suse.com/security/cve/CVE-2026-23103
- https://www.suse.com/security/cve/CVE-2026-23231
- https://www.suse.com/security/cve/CVE-2026-23243
- https://www.suse.com/security/cve/CVE-2026-23272
- https://www.suse.com/security/cve/CVE-2026-23274
- https://www.suse.com/security/cve/CVE-2026-23278
- https://www.suse.com/security/cve/CVE-2026-23293
- https://www.suse.com/security/cve/CVE-2026-23317
- https://www.suse.com/security/cve/CVE-2026-23381
- https://www.suse.com/security/cve/CVE-2026-23398
- https://www.suse.com/security/cve/CVE-2026-23412
- https://www.suse.com/security/cve/CVE-2026-23413
- https://www.suse.com/security/cve/CVE-2026-31788