SUSE-SU-2026:21503-1
- Source
- https://www.suse.com/support/update/announcement/2026/suse-su-202621503-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:21503-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2026:21503-1
- Upstream
- Related
- Published
- 2026-05-05T13:18:42Z
- Modified
- 2026-05-08T18:23:48.531696Z
- Summary
- Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)
- Details
-
This update for the SUSE Linux Enterprise Kernel 6.4.0-35.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange (bsc#1258005).
- CVE-2026-23004: dst: fix races in rt6uncachedlistdel() and rtdeluncachedlist() (bsc#1258655).
- CVE-2026-23204: net/sched: clsu32: use skbheaderpointercareful() (bsc#1259126).
- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).
- References
-
- https://www.suse.com/support/update/announcement/2026/suse-su-202621503-1/
- https://bugzilla.suse.com/1252048
- https://bugzilla.suse.com/1258005
- https://bugzilla.suse.com/1258655
- https://bugzilla.suse.com/1259126
- https://bugzilla.suse.com/1263689
- https://www.suse.com/security/cve/CVE-2025-39977
- https://www.suse.com/security/cve/CVE-2025-71066
- https://www.suse.com/security/cve/CVE-2026-23004
- https://www.suse.com/security/cve/CVE-2026-23204
- https://www.suse.com/security/cve/CVE-2026-31431