SUSE-SU-2026:20164-1
- Source
- https://www.suse.com/support/update/announcement/2026/suse-su-202620164-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:20164-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2026:20164-1
- Upstream
- Related
- Published
- 2026-01-26T09:12:02Z
- Modified
- 2026-03-23T04:52:39.240449Z
- Summary
- Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 16)
- Details
-
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.5.1 fixes various security issues
The following security issues were fixed:
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1246019).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672).
- CVE-2025-38554: mm: fix a UAF when vma->mm is freed after vma->vm_refcnt got dropped (bsc#1248301).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6gsosegment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6nlmsgsize() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpfmsgpop_data() in ktls (bsc#1248670).
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537).
- CVE-2025-38617: net/packet: fix a race in packetsetring() and packet_notifier() (bsc#1249208).
- CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY (bsc#1249207).
- CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg() (bsc#1248631).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-39963: iouring: fix incorrect iokiocb reference in iolinkskb (bsc#1251982).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
- CVE-2025-40212: nfsd: fix refcount leak in nfsdsetfh_dentry() (bsc#1254196).
The following non security issue was fixed:
- Explicitly add module-common.c with vermagic and retpoline modinfo (bsc#1252270).
- References
-
- https://www.suse.com/support/update/announcement/2026/suse-su-202620164-1/
- https://bugzilla.suse.com/1246019
- https://bugzilla.suse.com/1248301
- https://bugzilla.suse.com/1248400
- https://bugzilla.suse.com/1248631
- https://bugzilla.suse.com/1248670
- https://bugzilla.suse.com/1248672
- https://bugzilla.suse.com/1249207
- https://bugzilla.suse.com/1249208
- https://bugzilla.suse.com/1249241
- https://bugzilla.suse.com/1249537
- https://bugzilla.suse.com/1250192
- https://bugzilla.suse.com/1251982
- https://bugzilla.suse.com/1252270
- https://bugzilla.suse.com/1253437
- https://bugzilla.suse.com/1254196
- https://www.suse.com/security/cve/CVE-2024-53164
- https://www.suse.com/security/cve/CVE-2025-38500
- https://www.suse.com/security/cve/CVE-2025-38554
- https://www.suse.com/security/cve/CVE-2025-38572
- https://www.suse.com/security/cve/CVE-2025-38588
- https://www.suse.com/security/cve/CVE-2025-38608
- https://www.suse.com/security/cve/CVE-2025-38616
- https://www.suse.com/security/cve/CVE-2025-38617
- https://www.suse.com/security/cve/CVE-2025-38618
- https://www.suse.com/security/cve/CVE-2025-38664
- https://www.suse.com/security/cve/CVE-2025-39682
- https://www.suse.com/security/cve/CVE-2025-39963
- https://www.suse.com/security/cve/CVE-2025-40204
- https://www.suse.com/security/cve/CVE-2025-40212