SUSE-SU-2026:1793-1
- Source
- https://www.suse.com/support/update/announcement/2026/suse-su-20261793-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1793-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2026:1793-1
- Upstream
- Related
- Published
- 2026-05-09T11:34:27Z
- Modified
- 2026-05-12T18:24:45.083076Z
- Summary
- Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise 15 SP6)
- Details
-
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.60 fixes various security issues
The following security issues were fixed:
- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange (bsc#1258005).
- CVE-2026-23004: dst: fix races in rt6uncachedlistdel() and rtdeluncachedlist() (bsc#1258655).
- CVE-2026-23204: net/sched: clsu32: use skbheaderpointercareful() (bsc#1259126).
- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).
- References
-
- https://www.suse.com/support/update/announcement/2026/suse-su-20261793-1/
- https://bugzilla.suse.com/1252048
- https://bugzilla.suse.com/1258005
- https://bugzilla.suse.com/1258073
- https://bugzilla.suse.com/1258655
- https://bugzilla.suse.com/1259126
- https://bugzilla.suse.com/1263689
- https://www.suse.com/security/cve/CVE-2025-38375
- https://www.suse.com/security/cve/CVE-2025-39977
- https://www.suse.com/security/cve/CVE-2025-71066
- https://www.suse.com/security/cve/CVE-2026-23004
- https://www.suse.com/security/cve/CVE-2026-23204
- https://www.suse.com/security/cve/CVE-2026-31431