Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-39977 (GCVE-0-2025-39977)
Vulnerability from cvelistv5 – Published: 2025-10-15 07:55 – Updated: 2026-05-12 12:07
VLAI
EPSS
Title
futex: Prevent use-after-free during requeue-PI
Summary
In the Linux kernel, the following vulnerability has been resolved:
futex: Prevent use-after-free during requeue-PI
syzbot managed to trigger the following race:
T1 T2
futex_wait_requeue_pi()
futex_do_wait()
schedule()
futex_requeue()
futex_proxy_trylock_atomic()
futex_requeue_pi_prepare()
requeue_pi_wake_futex()
futex_requeue_pi_complete()
/* preempt */
* timeout/ signal wakes T1 *
futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED
futex_hash_put()
// back to userland, on stack futex_q is garbage
/* back */
wake_up_state(q->task, TASK_NORMAL);
In this scenario futex_wait_requeue_pi() is able to leave without using
futex_q::lock_ptr for synchronization.
This can be prevented by reading futex_q::task before updating the
futex_q::requeue_state. A reference on the task_struct is not needed
because requeue_pi_wake_futex() is invoked with a spinlock_t held which
implies a RCU read section.
Even if T1 terminates immediately after, the task_struct will remain valid
during T2's wake_up_state(). A READ_ONCE on futex_q::task before
futex_requeue_pi_complete() is enough because it ensures that the variable
is read before the state is updated.
Read futex_q::task before updating the requeue state, use it for the
following wakeup.
Severity
No CVSS data available.
Assigner
References
6 references
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
07d91ef510fb16a2e0ca7453222105835b7ba3b8 , < cb5d19a61274b51b49601214a87af573b43d60fa
(git)
Affected: 07d91ef510fb16a2e0ca7453222105835b7ba3b8 , < 348736955ed6ca6e99ca24b93b1d3fbfe352c181 (git) Affected: 07d91ef510fb16a2e0ca7453222105835b7ba3b8 , < a170b9c0dde83312b8b58ccc91509c7c15711641 (git) Affected: 07d91ef510fb16a2e0ca7453222105835b7ba3b8 , < d824b2dbdcfe3c390278dd9652ea526168ef6850 (git) Affected: 07d91ef510fb16a2e0ca7453222105835b7ba3b8 , < b549113738e8c751b613118032a724b772aa83f2 (git) |
|
| Linux | Linux |
Affected:
5.15
Unaffected: 0 , < 5.15 (semver) Unaffected: 6.1.155 , ≤ 6.1.* (semver) Unaffected: 6.6.109 , ≤ 6.6.* (semver) Unaffected: 6.12.50 , ≤ 6.12.* (semver) Unaffected: 6.16.10 , ≤ 6.16.* (semver) Unaffected: 6.17 , ≤ * (original_commit_for_fix) |
|
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
{
"containers": {
"adp": [
{
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T12:07:49.576Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/futex/requeue.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "cb5d19a61274b51b49601214a87af573b43d60fa",
"status": "affected",
"version": "07d91ef510fb16a2e0ca7453222105835b7ba3b8",
"versionType": "git"
},
{
"lessThan": "348736955ed6ca6e99ca24b93b1d3fbfe352c181",
"status": "affected",
"version": "07d91ef510fb16a2e0ca7453222105835b7ba3b8",
"versionType": "git"
},
{
"lessThan": "a170b9c0dde83312b8b58ccc91509c7c15711641",
"status": "affected",
"version": "07d91ef510fb16a2e0ca7453222105835b7ba3b8",
"versionType": "git"
},
{
"lessThan": "d824b2dbdcfe3c390278dd9652ea526168ef6850",
"status": "affected",
"version": "07d91ef510fb16a2e0ca7453222105835b7ba3b8",
"versionType": "git"
},
{
"lessThan": "b549113738e8c751b613118032a724b772aa83f2",
"status": "affected",
"version": "07d91ef510fb16a2e0ca7453222105835b7ba3b8",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/futex/requeue.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.15"
},
{
"lessThan": "5.15",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.155",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.109",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.50",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.16.*",
"status": "unaffected",
"version": "6.16.10",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.155",
"versionStartIncluding": "5.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.109",
"versionStartIncluding": "5.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.50",
"versionStartIncluding": "5.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.16.10",
"versionStartIncluding": "5.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.17",
"versionStartIncluding": "5.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Prevent use-after-free during requeue-PI\n\nsyzbot managed to trigger the following race:\n\n T1 T2\n\n futex_wait_requeue_pi()\n futex_do_wait()\n schedule()\n futex_requeue()\n futex_proxy_trylock_atomic()\n futex_requeue_pi_prepare()\n requeue_pi_wake_futex()\n futex_requeue_pi_complete()\n /* preempt */\n\n * timeout/ signal wakes T1 *\n\n futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED\n futex_hash_put()\n // back to userland, on stack futex_q is garbage\n\n /* back */\n wake_up_state(q-\u003etask, TASK_NORMAL);\n\nIn this scenario futex_wait_requeue_pi() is able to leave without using\nfutex_q::lock_ptr for synchronization.\n\nThis can be prevented by reading futex_q::task before updating the\nfutex_q::requeue_state. A reference on the task_struct is not needed\nbecause requeue_pi_wake_futex() is invoked with a spinlock_t held which\nimplies a RCU read section.\n\nEven if T1 terminates immediately after, the task_struct will remain valid\nduring T2\u0027s wake_up_state(). A READ_ONCE on futex_q::task before\nfutex_requeue_pi_complete() is enough because it ensures that the variable\nis read before the state is updated.\n\nRead futex_q::task before updating the requeue state, use it for the\nfollowing wakeup."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:40:05.354Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/cb5d19a61274b51b49601214a87af573b43d60fa"
},
{
"url": "https://git.kernel.org/stable/c/348736955ed6ca6e99ca24b93b1d3fbfe352c181"
},
{
"url": "https://git.kernel.org/stable/c/a170b9c0dde83312b8b58ccc91509c7c15711641"
},
{
"url": "https://git.kernel.org/stable/c/d824b2dbdcfe3c390278dd9652ea526168ef6850"
},
{
"url": "https://git.kernel.org/stable/c/b549113738e8c751b613118032a724b772aa83f2"
}
],
"title": "futex: Prevent use-after-free during requeue-PI",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-39977",
"datePublished": "2025-10-15T07:55:58.283Z",
"dateReserved": "2025-04-16T07:20:57.150Z",
"dateUpdated": "2026-05-12T12:07:49.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-39977",
"date": "2026-06-29",
"epss": "0.00188",
"percentile": "0.08611"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-39977\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-10-15T08:15:35.517\",\"lastModified\":\"2026-06-17T09:18:56.690\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nfutex: Prevent use-after-free during requeue-PI\\n\\nsyzbot managed to trigger the following race:\\n\\n T1 T2\\n\\n futex_wait_requeue_pi()\\n futex_do_wait()\\n schedule()\\n futex_requeue()\\n futex_proxy_trylock_atomic()\\n futex_requeue_pi_prepare()\\n requeue_pi_wake_futex()\\n futex_requeue_pi_complete()\\n /* preempt */\\n\\n * timeout/ signal wakes T1 *\\n\\n futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED\\n futex_hash_put()\\n // back to userland, on stack futex_q is garbage\\n\\n /* back */\\n wake_up_state(q-\u003etask, TASK_NORMAL);\\n\\nIn this scenario futex_wait_requeue_pi() is able to leave without using\\nfutex_q::lock_ptr for synchronization.\\n\\nThis can be prevented by reading futex_q::task before updating the\\nfutex_q::requeue_state. A reference on the task_struct is not needed\\nbecause requeue_pi_wake_futex() is invoked with a spinlock_t held which\\nimplies a RCU read section.\\n\\nEven if T1 terminates immediately after, the task_struct will remain valid\\nduring T2\u0027s wake_up_state(). A READ_ONCE on futex_q::task before\\nfutex_requeue_pi_complete() is enough because it ensures that the variable\\nis read before the state is updated.\\n\\nRead futex_q::task before updating the requeue state, use it for the\\nfollowing wakeup.\"}],\"affected\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"affectedData\":[{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"unaffected\",\"programFiles\":[\"kernel/futex/requeue.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"07d91ef510fb16a2e0ca7453222105835b7ba3b8\",\"lessThan\":\"cb5d19a61274b51b49601214a87af573b43d60fa\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"07d91ef510fb16a2e0ca7453222105835b7ba3b8\",\"lessThan\":\"348736955ed6ca6e99ca24b93b1d3fbfe352c181\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"07d91ef510fb16a2e0ca7453222105835b7ba3b8\",\"lessThan\":\"a170b9c0dde83312b8b58ccc91509c7c15711641\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"07d91ef510fb16a2e0ca7453222105835b7ba3b8\",\"lessThan\":\"d824b2dbdcfe3c390278dd9652ea526168ef6850\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"07d91ef510fb16a2e0ca7453222105835b7ba3b8\",\"lessThan\":\"b549113738e8c751b613118032a724b772aa83f2\",\"versionType\":\"git\",\"status\":\"affected\"}]},{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"affected\",\"programFiles\":[\"kernel/futex/requeue.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"5.15\",\"status\":\"affected\"},{\"version\":\"0\",\"lessThan\":\"5.15\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.1.155\",\"lessThanOrEqual\":\"6.1.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.6.109\",\"lessThanOrEqual\":\"6.6.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.12.50\",\"lessThanOrEqual\":\"6.12.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.16.10\",\"lessThanOrEqual\":\"6.16.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.17\",\"lessThanOrEqual\":\"*\",\"versionType\":\"original_commit_for_fix\",\"status\":\"unaffected\"}]}]},{\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"affectedData\":[{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]}]}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/348736955ed6ca6e99ca24b93b1d3fbfe352c181\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/a170b9c0dde83312b8b58ccc91509c7c15711641\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/b549113738e8c751b613118032a724b772aa83f2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/cb5d19a61274b51b49601214a87af573b43d60fa\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/d824b2dbdcfe3c390278dd9652ea526168ef6850\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}"
}
}
SUSE-SU-2026:21555-1
Vulnerability from csaf_suse - Published: 2026-05-05 19:51 - Updated: 2026-05-05 19:51Summary
Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)
Description of the patch:
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.5.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change
(bsc#1258005).
- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
- CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).
- CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).
- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).
Patchnames: SUSE-SLES-16.0-692
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
42 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise Kernel 6.12.0-160000.5.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).\n- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n (bsc#1258005).\n- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).\n- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).\n- CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).\n- CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).\n- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-692",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21555-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21555-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621555-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21555-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-May/046350.html"
},
{
"category": "self",
"summary": "SUSE Bug 1252048",
"url": "https://bugzilla.suse.com/1252048"
},
{
"category": "self",
"summary": "SUSE Bug 1258005",
"url": "https://bugzilla.suse.com/1258005"
},
{
"category": "self",
"summary": "SUSE Bug 1258655",
"url": "https://bugzilla.suse.com/1258655"
},
{
"category": "self",
"summary": "SUSE Bug 1259126",
"url": "https://bugzilla.suse.com/1259126"
},
{
"category": "self",
"summary": "SUSE Bug 1261630",
"url": "https://bugzilla.suse.com/1261630"
},
{
"category": "self",
"summary": "SUSE Bug 1261845",
"url": "https://bugzilla.suse.com/1261845"
},
{
"category": "self",
"summary": "SUSE Bug 1263689",
"url": "https://bugzilla.suse.com/1263689"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39977 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23004 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23204 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23437 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23437/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31406 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31406/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31431 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31431/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)",
"tracking": {
"current_release_date": "2026-05-05T19:51:56Z",
"generator": {
"date": "2026-05-05T19:51:56Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21555-1",
"initial_release_date": "2026-05-05T19:51:56Z",
"revision_history": [
{
"date": "2026-05-05T19:51:56Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"product": {
"name": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"product_id": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"product": {
"name": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"product_id": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"product": {
"name": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"product_id": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-39977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39977"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Prevent use-after-free during requeue-PI\n\nsyzbot managed to trigger the following race:\n\n T1 T2\n\n futex_wait_requeue_pi()\n futex_do_wait()\n schedule()\n futex_requeue()\n futex_proxy_trylock_atomic()\n futex_requeue_pi_prepare()\n requeue_pi_wake_futex()\n futex_requeue_pi_complete()\n /* preempt */\n\n * timeout/ signal wakes T1 *\n\n futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED\n futex_hash_put()\n // back to userland, on stack futex_q is garbage\n\n /* back */\n wake_up_state(q-\u003etask, TASK_NORMAL);\n\nIn this scenario futex_wait_requeue_pi() is able to leave without using\nfutex_q::lock_ptr for synchronization.\n\nThis can be prevented by reading futex_q::task before updating the\nfutex_q::requeue_state. A reference on the task_struct is not needed\nbecause requeue_pi_wake_futex() is invoked with a spinlock_t held which\nimplies a RCU read section.\n\nEven if T1 terminates immediately after, the task_struct will remain valid\nduring T2\u0027s wake_up_state(). A READ_ONCE on futex_q::task before\nfutex_requeue_pi_complete() is enough because it ensures that the variable\nis read before the state is updated.\n\nRead futex_q::task before updating the requeue state, use it for the\nfollowing wakeup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39977",
"url": "https://www.suse.com/security/cve/CVE-2025-39977"
},
{
"category": "external",
"summary": "SUSE Bug 1252046 for CVE-2025-39977",
"url": "https://bugzilla.suse.com/1252046"
},
{
"category": "external",
"summary": "SUSE Bug 1252048 for CVE-2025-39977",
"url": "https://bugzilla.suse.com/1252048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-05T19:51:56Z",
"details": "important"
}
],
"title": "CVE-2025-39977"
},
{
"cve": "CVE-2025-71066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n\nzdi-disclosures@trendmicro.com says:\n\nThe vulnerability is a race condition between `ets_qdisc_dequeue` and\n`ets_qdisc_change`. It leads to UAF on `struct Qdisc` object.\nAttacker requires the capability to create new user and network namespace\nin order to trigger the bug.\nSee my additional commentary at the end of the analysis.\n\nAnalysis:\n\nstatic int ets_qdisc_change(struct Qdisc *sch, struct nlattr *opt,\n struct netlink_ext_ack *extack)\n{\n...\n\n // (1) this lock is preventing .change handler (`ets_qdisc_change`)\n //to race with .dequeue handler (`ets_qdisc_dequeue`)\n sch_tree_lock(sch);\n\n for (i = nbands; i \u003c oldbands; i++) {\n if (i \u003e= q-\u003enstrict \u0026\u0026 q-\u003eclasses[i].qdisc-\u003eq.qlen)\n list_del_init(\u0026q-\u003eclasses[i].alist);\n qdisc_purge_queue(q-\u003eclasses[i].qdisc);\n }\n\n WRITE_ONCE(q-\u003enbands, nbands);\n for (i = nstrict; i \u003c q-\u003enstrict; i++) {\n if (q-\u003eclasses[i].qdisc-\u003eq.qlen) {\n\t\t // (2) the class is added to the q-\u003eactive\n list_add_tail(\u0026q-\u003eclasses[i].alist, \u0026q-\u003eactive);\n q-\u003eclasses[i].deficit = quanta[i];\n }\n }\n WRITE_ONCE(q-\u003enstrict, nstrict);\n memcpy(q-\u003eprio2band, priomap, sizeof(priomap));\n\n for (i = 0; i \u003c q-\u003enbands; i++)\n WRITE_ONCE(q-\u003eclasses[i].quantum, quanta[i]);\n\n for (i = oldbands; i \u003c q-\u003enbands; i++) {\n q-\u003eclasses[i].qdisc = queues[i];\n if (q-\u003eclasses[i].qdisc != \u0026noop_qdisc)\n qdisc_hash_add(q-\u003eclasses[i].qdisc, true);\n }\n\n // (3) the qdisc is unlocked, now dequeue can be called in parallel\n // to the rest of .change handler\n sch_tree_unlock(sch);\n\n ets_offload_change(sch);\n for (i = q-\u003enbands; i \u003c oldbands; i++) {\n\t // (4) we\u0027re reducing the refcount for our class\u0027s qdisc and\n\t // freeing it\n qdisc_put(q-\u003eclasses[i].qdisc);\n\t // (5) If we call .dequeue between (4) and (5), we will have\n\t // a strong UAF and we can control RIP\n q-\u003eclasses[i].qdisc = NULL;\n WRITE_ONCE(q-\u003eclasses[i].quantum, 0);\n q-\u003eclasses[i].deficit = 0;\n gnet_stats_basic_sync_init(\u0026q-\u003eclasses[i].bstats);\n memset(\u0026q-\u003eclasses[i].qstats, 0, sizeof(q-\u003eclasses[i].qstats));\n }\n return 0;\n}\n\nComment:\nThis happens because some of the classes have their qdiscs assigned to\nNULL, but remain in the active list. This commit fixes this issue by always\nremoving the class from the active list before deleting and freeing its\nassociated qdisc\n\nReproducer Steps\n(trimmed version of what was sent by zdi-disclosures@trendmicro.com)\n\n```\nDEV=\"${DEV:-lo}\"\nROOT_HANDLE=\"${ROOT_HANDLE:-1:}\"\nBAND2_HANDLE=\"${BAND2_HANDLE:-20:}\" # child under 1:2\nPING_BYTES=\"${PING_BYTES:-48}\"\nPING_COUNT=\"${PING_COUNT:-200000}\"\nPING_DST=\"${PING_DST:-127.0.0.1}\"\n\nSLOW_TBF_RATE=\"${SLOW_TBF_RATE:-8bit}\"\nSLOW_TBF_BURST=\"${SLOW_TBF_BURST:-100b}\"\nSLOW_TBF_LAT=\"${SLOW_TBF_LAT:-1s}\"\n\ncleanup() {\n tc qdisc del dev \"$DEV\" root 2\u003e/dev/null\n}\ntrap cleanup EXIT\n\nip link set \"$DEV\" up\n\ntc qdisc del dev \"$DEV\" root 2\u003e/dev/null || true\n\ntc qdisc add dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\n\ntc qdisc add dev \"$DEV\" parent 1:2 handle \"$BAND2_HANDLE\" \\\n tbf rate \"$SLOW_TBF_RATE\" burst \"$SLOW_TBF_BURST\" latency \"$SLOW_TBF_LAT\"\n\ntc filter add dev \"$DEV\" parent 1: protocol all prio 1 u32 match u32 0 0 flowid 1:2\ntc -s qdisc ls dev $DEV\n\nping -I \"$DEV\" -f -c \"$PING_COUNT\" -s \"$PING_BYTES\" -W 0.001 \"$PING_DST\" \\\n \u003e/dev/null 2\u003e\u00261 \u0026\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 0\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\ntc -s qdisc ls dev $DEV\ntc qdisc del dev \"$DEV\" parent \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71066",
"url": "https://www.suse.com/security/cve/CVE-2025-71066"
},
{
"category": "external",
"summary": "SUSE Bug 1256645 for CVE-2025-71066",
"url": "https://bugzilla.suse.com/1256645"
},
{
"category": "external",
"summary": "SUSE Bug 1258005 for CVE-2025-71066",
"url": "https://bugzilla.suse.com/1258005"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-05T19:51:56Z",
"details": "important"
}
],
"title": "CVE-2025-71066"
},
{
"cve": "CVE-2026-23004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()\n\nsyzbot was able to crash the kernel in rt6_uncached_list_flush_dev()\nin an interesting way [1]\n\nCrash happens in list_del_init()/INIT_LIST_HEAD() while writing\nlist-\u003eprev, while the prior write on list-\u003enext went well.\n\nstatic inline void INIT_LIST_HEAD(struct list_head *list)\n{\n\tWRITE_ONCE(list-\u003enext, list); // This went well\n\tWRITE_ONCE(list-\u003eprev, list); // Crash, @list has been freed.\n}\n\nIssue here is that rt6_uncached_list_del() did not attempt to lock\nul-\u003elock, as list_empty(\u0026rt-\u003edst.rt_uncached) returned\ntrue because the WRITE_ONCE(list-\u003enext, list) happened on the other CPU.\n\nWe might use list_del_init_careful() and list_empty_careful(),\nor make sure rt6_uncached_list_del() always grabs the spinlock\nwhenever rt-\u003edst.rt_uncached_list has been set.\n\nA similar fix is neeed for IPv4.\n\n[1]\n\n BUG: KASAN: slab-use-after-free in INIT_LIST_HEAD include/linux/list.h:46 [inline]\n BUG: KASAN: slab-use-after-free in list_del_init include/linux/list.h:296 [inline]\n BUG: KASAN: slab-use-after-free in rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n BUG: KASAN: slab-use-after-free in rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\nWrite of size 8 at addr ffff8880294cfa78 by task kworker/u8:14/3450\n\nCPU: 0 UID: 0 PID: 3450 Comm: kworker/u8:14 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)}\nTainted: [L]=SOFTLOCKUP\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nWorkqueue: netns cleanup_net\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x240 mm/kasan/report.c:482\n kasan_report+0x118/0x150 mm/kasan/report.c:595\n INIT_LIST_HEAD include/linux/list.h:46 [inline]\n list_del_init include/linux/list.h:296 [inline]\n rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\n addrconf_ifdown+0x143/0x18a0 net/ipv6/addrconf.c:3853\n addrconf_notify+0x1bc/0x1050 net/ipv6/addrconf.c:-1\n notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n call_netdevice_notifiers_extack net/core/dev.c:2268 [inline]\n call_netdevice_notifiers net/core/dev.c:2282 [inline]\n netif_close_many+0x29c/0x410 net/core/dev.c:1785\n unregister_netdevice_many_notify+0xb50/0x2330 net/core/dev.c:12353\n ops_exit_rtnl_list net/core/net_namespace.c:187 [inline]\n ops_undo_list+0x3dc/0x990 net/core/net_namespace.c:248\n cleanup_net+0x4de/0x7b0 net/core/net_namespace.c:696\n process_one_work kernel/workqueue.c:3257 [inline]\n process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n kthread+0x711/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246\n \u003c/TASK\u003e\n\nAllocated by task 803:\n kasan_save_stack mm/kasan/common.c:57 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:78\n unpoison_slab_object mm/kasan/common.c:340 [inline]\n __kasan_slab_alloc+0x6c/0x80 mm/kasan/common.c:366\n kasan_slab_alloc include/linux/kasan.h:253 [inline]\n slab_post_alloc_hook mm/slub.c:4953 [inline]\n slab_alloc_node mm/slub.c:5263 [inline]\n kmem_cache_alloc_noprof+0x18d/0x6c0 mm/slub.c:5270\n dst_alloc+0x105/0x170 net/core/dst.c:89\n ip6_dst_alloc net/ipv6/route.c:342 [inline]\n icmp6_dst_alloc+0x75/0x460 net/ipv6/route.c:3333\n mld_sendpack+0x683/0xe60 net/ipv6/mcast.c:1844\n mld_send_cr net/ipv6/mcast.c:2154 [inline]\n mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693\n process_one_work kernel/workqueue.c:3257 [inline]\n process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n kthread+0x711/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23004",
"url": "https://www.suse.com/security/cve/CVE-2026-23004"
},
{
"category": "external",
"summary": "SUSE Bug 1257231 for CVE-2026-23004",
"url": "https://bugzilla.suse.com/1257231"
},
{
"category": "external",
"summary": "SUSE Bug 1258655 for CVE-2026-23004",
"url": "https://bugzilla.suse.com/1258655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-05T19:51:56Z",
"details": "important"
}
],
"title": "CVE-2026-23004"
},
{
"cve": "CVE-2026-23204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_u32: use skb_header_pointer_careful()\n\nskb_header_pointer() does not fully validate negative @offset values.\n\nUse skb_header_pointer_careful() instead.\n\nGangMin Kim provided a report and a repro fooling u32_classify():\n\nBUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0\nnet/sched/cls_u32.c:221",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23204",
"url": "https://www.suse.com/security/cve/CVE-2026-23204"
},
{
"category": "external",
"summary": "SUSE Bug 1258340 for CVE-2026-23204",
"url": "https://bugzilla.suse.com/1258340"
},
{
"category": "external",
"summary": "SUSE Bug 1259126 for CVE-2026-23204",
"url": "https://bugzilla.suse.com/1259126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-05T19:51:56Z",
"details": "important"
}
],
"title": "CVE-2026-23204"
},
{
"cve": "CVE-2026-23437",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23437"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: shaper: protect late read accesses to the hierarchy\n\nWe look up a netdev during prep of Netlink ops (pre- callbacks)\nand take a ref to it. Then later in the body of the callback\nwe take its lock or RCU which are the actual protections.\n\nThis is not proper, a conversion from a ref to a locked netdev\nmust include a liveness check (a check if the netdev hasn\u0027t been\nunregistered already). Fix the read cases (those under RCU).\nWrites needs a separate change to protect from creating the\nhierarchy after flush has already run.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23437",
"url": "https://www.suse.com/security/cve/CVE-2026-23437"
},
{
"category": "external",
"summary": "SUSE Bug 1261635 for CVE-2026-23437",
"url": "https://bugzilla.suse.com/1261635"
},
{
"category": "external",
"summary": "SUSE Bug 1261845 for CVE-2026-23437",
"url": "https://bugzilla.suse.com/1261845"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-05T19:51:56Z",
"details": "important"
}
],
"title": "CVE-2026-23437"
},
{
"cve": "CVE-2026-31406",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31406"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini()\n\nAfter cancel_delayed_work_sync() is called from\nxfrm_nat_keepalive_net_fini(), xfrm_state_fini() flushes remaining\nstates via __xfrm_state_delete(), which calls\nxfrm_nat_keepalive_state_updated() to re-schedule nat_keepalive_work.\n\nThe following is a simple race scenario:\n\n cpu0 cpu1\n\ncleanup_net() [Round 1]\n ops_undo_list()\n xfrm_net_exit()\n xfrm_nat_keepalive_net_fini()\n cancel_delayed_work_sync(nat_keepalive_work);\n xfrm_state_fini()\n xfrm_state_flush()\n xfrm_state_delete(x)\n __xfrm_state_delete(x)\n xfrm_nat_keepalive_state_updated(x)\n schedule_delayed_work(nat_keepalive_work);\n rcu_barrier();\n net_complete_free();\n net_passive_dec(net);\n llist_add(\u0026net-\u003edefer_free_list, \u0026defer_free_list);\n\ncleanup_net() [Round 2]\n rcu_barrier();\n net_complete_free()\n kmem_cache_free(net_cachep, net);\n nat_keepalive_work()\n // on freed net\n\nTo prevent this, cancel_delayed_work_sync() is replaced with\ndisable_delayed_work_sync().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31406",
"url": "https://www.suse.com/security/cve/CVE-2026-31406"
},
{
"category": "external",
"summary": "SUSE Bug 1261629 for CVE-2026-31406",
"url": "https://bugzilla.suse.com/1261629"
},
{
"category": "external",
"summary": "SUSE Bug 1261630 for CVE-2026-31406",
"url": "https://bugzilla.suse.com/1261630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-05T19:51:56Z",
"details": "important"
}
],
"title": "CVE-2026-31406"
},
{
"cve": "CVE-2026-31431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31431"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings. Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31431",
"url": "https://www.suse.com/security/cve/CVE-2026-31431"
},
{
"category": "external",
"summary": "SUSE Bug 1262573 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1262573"
},
{
"category": "external",
"summary": "SUSE Bug 1263689 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1263689"
},
{
"category": "external",
"summary": "SUSE Bug 1263938 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1263938"
},
{
"category": "external",
"summary": "SUSE Bug 1263939 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1263939"
},
{
"category": "external",
"summary": "SUSE Bug 1264274 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1264274"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-05T19:51:56Z",
"details": "important"
}
],
"title": "CVE-2026-31431"
}
]
}
SUSE-SU-2026:21562-1
Vulnerability from csaf_suse - Published: 2026-05-06 09:14 - Updated: 2026-05-06 09:14Summary
Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16)
Description of the patch:
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.6.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change
(bsc#1258005).
- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
- CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).
- CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).
- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).
Patchnames: SUSE-SLES-16.0-705
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
42 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise Kernel 6.12.0-160000.6.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).\n- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n (bsc#1258005).\n- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).\n- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).\n- CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).\n- CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).\n- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-705",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21562-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21562-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621562-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21562-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-May/046334.html"
},
{
"category": "self",
"summary": "SUSE Bug 1252048",
"url": "https://bugzilla.suse.com/1252048"
},
{
"category": "self",
"summary": "SUSE Bug 1258005",
"url": "https://bugzilla.suse.com/1258005"
},
{
"category": "self",
"summary": "SUSE Bug 1258655",
"url": "https://bugzilla.suse.com/1258655"
},
{
"category": "self",
"summary": "SUSE Bug 1259126",
"url": "https://bugzilla.suse.com/1259126"
},
{
"category": "self",
"summary": "SUSE Bug 1261630",
"url": "https://bugzilla.suse.com/1261630"
},
{
"category": "self",
"summary": "SUSE Bug 1261845",
"url": "https://bugzilla.suse.com/1261845"
},
{
"category": "self",
"summary": "SUSE Bug 1263689",
"url": "https://bugzilla.suse.com/1263689"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39977 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23004 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23204 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23437 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23437/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31406 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31406/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31431 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31431/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16)",
"tracking": {
"current_release_date": "2026-05-06T09:14:44Z",
"generator": {
"date": "2026-05-06T09:14:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21562-1",
"initial_release_date": "2026-05-06T09:14:44Z",
"revision_history": [
{
"date": "2026-05-06T09:14:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"product": {
"name": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"product_id": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"product": {
"name": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"product_id": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"product": {
"name": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"product_id": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le"
},
"product_reference": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x"
},
"product_reference": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le"
},
"product_reference": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x"
},
"product_reference": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-39977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39977"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Prevent use-after-free during requeue-PI\n\nsyzbot managed to trigger the following race:\n\n T1 T2\n\n futex_wait_requeue_pi()\n futex_do_wait()\n schedule()\n futex_requeue()\n futex_proxy_trylock_atomic()\n futex_requeue_pi_prepare()\n requeue_pi_wake_futex()\n futex_requeue_pi_complete()\n /* preempt */\n\n * timeout/ signal wakes T1 *\n\n futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED\n futex_hash_put()\n // back to userland, on stack futex_q is garbage\n\n /* back */\n wake_up_state(q-\u003etask, TASK_NORMAL);\n\nIn this scenario futex_wait_requeue_pi() is able to leave without using\nfutex_q::lock_ptr for synchronization.\n\nThis can be prevented by reading futex_q::task before updating the\nfutex_q::requeue_state. A reference on the task_struct is not needed\nbecause requeue_pi_wake_futex() is invoked with a spinlock_t held which\nimplies a RCU read section.\n\nEven if T1 terminates immediately after, the task_struct will remain valid\nduring T2\u0027s wake_up_state(). A READ_ONCE on futex_q::task before\nfutex_requeue_pi_complete() is enough because it ensures that the variable\nis read before the state is updated.\n\nRead futex_q::task before updating the requeue state, use it for the\nfollowing wakeup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39977",
"url": "https://www.suse.com/security/cve/CVE-2025-39977"
},
{
"category": "external",
"summary": "SUSE Bug 1252046 for CVE-2025-39977",
"url": "https://bugzilla.suse.com/1252046"
},
{
"category": "external",
"summary": "SUSE Bug 1252048 for CVE-2025-39977",
"url": "https://bugzilla.suse.com/1252048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T09:14:44Z",
"details": "important"
}
],
"title": "CVE-2025-39977"
},
{
"cve": "CVE-2025-71066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n\nzdi-disclosures@trendmicro.com says:\n\nThe vulnerability is a race condition between `ets_qdisc_dequeue` and\n`ets_qdisc_change`. It leads to UAF on `struct Qdisc` object.\nAttacker requires the capability to create new user and network namespace\nin order to trigger the bug.\nSee my additional commentary at the end of the analysis.\n\nAnalysis:\n\nstatic int ets_qdisc_change(struct Qdisc *sch, struct nlattr *opt,\n struct netlink_ext_ack *extack)\n{\n...\n\n // (1) this lock is preventing .change handler (`ets_qdisc_change`)\n //to race with .dequeue handler (`ets_qdisc_dequeue`)\n sch_tree_lock(sch);\n\n for (i = nbands; i \u003c oldbands; i++) {\n if (i \u003e= q-\u003enstrict \u0026\u0026 q-\u003eclasses[i].qdisc-\u003eq.qlen)\n list_del_init(\u0026q-\u003eclasses[i].alist);\n qdisc_purge_queue(q-\u003eclasses[i].qdisc);\n }\n\n WRITE_ONCE(q-\u003enbands, nbands);\n for (i = nstrict; i \u003c q-\u003enstrict; i++) {\n if (q-\u003eclasses[i].qdisc-\u003eq.qlen) {\n\t\t // (2) the class is added to the q-\u003eactive\n list_add_tail(\u0026q-\u003eclasses[i].alist, \u0026q-\u003eactive);\n q-\u003eclasses[i].deficit = quanta[i];\n }\n }\n WRITE_ONCE(q-\u003enstrict, nstrict);\n memcpy(q-\u003eprio2band, priomap, sizeof(priomap));\n\n for (i = 0; i \u003c q-\u003enbands; i++)\n WRITE_ONCE(q-\u003eclasses[i].quantum, quanta[i]);\n\n for (i = oldbands; i \u003c q-\u003enbands; i++) {\n q-\u003eclasses[i].qdisc = queues[i];\n if (q-\u003eclasses[i].qdisc != \u0026noop_qdisc)\n qdisc_hash_add(q-\u003eclasses[i].qdisc, true);\n }\n\n // (3) the qdisc is unlocked, now dequeue can be called in parallel\n // to the rest of .change handler\n sch_tree_unlock(sch);\n\n ets_offload_change(sch);\n for (i = q-\u003enbands; i \u003c oldbands; i++) {\n\t // (4) we\u0027re reducing the refcount for our class\u0027s qdisc and\n\t // freeing it\n qdisc_put(q-\u003eclasses[i].qdisc);\n\t // (5) If we call .dequeue between (4) and (5), we will have\n\t // a strong UAF and we can control RIP\n q-\u003eclasses[i].qdisc = NULL;\n WRITE_ONCE(q-\u003eclasses[i].quantum, 0);\n q-\u003eclasses[i].deficit = 0;\n gnet_stats_basic_sync_init(\u0026q-\u003eclasses[i].bstats);\n memset(\u0026q-\u003eclasses[i].qstats, 0, sizeof(q-\u003eclasses[i].qstats));\n }\n return 0;\n}\n\nComment:\nThis happens because some of the classes have their qdiscs assigned to\nNULL, but remain in the active list. This commit fixes this issue by always\nremoving the class from the active list before deleting and freeing its\nassociated qdisc\n\nReproducer Steps\n(trimmed version of what was sent by zdi-disclosures@trendmicro.com)\n\n```\nDEV=\"${DEV:-lo}\"\nROOT_HANDLE=\"${ROOT_HANDLE:-1:}\"\nBAND2_HANDLE=\"${BAND2_HANDLE:-20:}\" # child under 1:2\nPING_BYTES=\"${PING_BYTES:-48}\"\nPING_COUNT=\"${PING_COUNT:-200000}\"\nPING_DST=\"${PING_DST:-127.0.0.1}\"\n\nSLOW_TBF_RATE=\"${SLOW_TBF_RATE:-8bit}\"\nSLOW_TBF_BURST=\"${SLOW_TBF_BURST:-100b}\"\nSLOW_TBF_LAT=\"${SLOW_TBF_LAT:-1s}\"\n\ncleanup() {\n tc qdisc del dev \"$DEV\" root 2\u003e/dev/null\n}\ntrap cleanup EXIT\n\nip link set \"$DEV\" up\n\ntc qdisc del dev \"$DEV\" root 2\u003e/dev/null || true\n\ntc qdisc add dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\n\ntc qdisc add dev \"$DEV\" parent 1:2 handle \"$BAND2_HANDLE\" \\\n tbf rate \"$SLOW_TBF_RATE\" burst \"$SLOW_TBF_BURST\" latency \"$SLOW_TBF_LAT\"\n\ntc filter add dev \"$DEV\" parent 1: protocol all prio 1 u32 match u32 0 0 flowid 1:2\ntc -s qdisc ls dev $DEV\n\nping -I \"$DEV\" -f -c \"$PING_COUNT\" -s \"$PING_BYTES\" -W 0.001 \"$PING_DST\" \\\n \u003e/dev/null 2\u003e\u00261 \u0026\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 0\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\ntc -s qdisc ls dev $DEV\ntc qdisc del dev \"$DEV\" parent \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71066",
"url": "https://www.suse.com/security/cve/CVE-2025-71066"
},
{
"category": "external",
"summary": "SUSE Bug 1256645 for CVE-2025-71066",
"url": "https://bugzilla.suse.com/1256645"
},
{
"category": "external",
"summary": "SUSE Bug 1258005 for CVE-2025-71066",
"url": "https://bugzilla.suse.com/1258005"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T09:14:44Z",
"details": "important"
}
],
"title": "CVE-2025-71066"
},
{
"cve": "CVE-2026-23004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()\n\nsyzbot was able to crash the kernel in rt6_uncached_list_flush_dev()\nin an interesting way [1]\n\nCrash happens in list_del_init()/INIT_LIST_HEAD() while writing\nlist-\u003eprev, while the prior write on list-\u003enext went well.\n\nstatic inline void INIT_LIST_HEAD(struct list_head *list)\n{\n\tWRITE_ONCE(list-\u003enext, list); // This went well\n\tWRITE_ONCE(list-\u003eprev, list); // Crash, @list has been freed.\n}\n\nIssue here is that rt6_uncached_list_del() did not attempt to lock\nul-\u003elock, as list_empty(\u0026rt-\u003edst.rt_uncached) returned\ntrue because the WRITE_ONCE(list-\u003enext, list) happened on the other CPU.\n\nWe might use list_del_init_careful() and list_empty_careful(),\nor make sure rt6_uncached_list_del() always grabs the spinlock\nwhenever rt-\u003edst.rt_uncached_list has been set.\n\nA similar fix is neeed for IPv4.\n\n[1]\n\n BUG: KASAN: slab-use-after-free in INIT_LIST_HEAD include/linux/list.h:46 [inline]\n BUG: KASAN: slab-use-after-free in list_del_init include/linux/list.h:296 [inline]\n BUG: KASAN: slab-use-after-free in rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n BUG: KASAN: slab-use-after-free in rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\nWrite of size 8 at addr ffff8880294cfa78 by task kworker/u8:14/3450\n\nCPU: 0 UID: 0 PID: 3450 Comm: kworker/u8:14 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)}\nTainted: [L]=SOFTLOCKUP\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nWorkqueue: netns cleanup_net\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x240 mm/kasan/report.c:482\n kasan_report+0x118/0x150 mm/kasan/report.c:595\n INIT_LIST_HEAD include/linux/list.h:46 [inline]\n list_del_init include/linux/list.h:296 [inline]\n rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\n addrconf_ifdown+0x143/0x18a0 net/ipv6/addrconf.c:3853\n addrconf_notify+0x1bc/0x1050 net/ipv6/addrconf.c:-1\n notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n call_netdevice_notifiers_extack net/core/dev.c:2268 [inline]\n call_netdevice_notifiers net/core/dev.c:2282 [inline]\n netif_close_many+0x29c/0x410 net/core/dev.c:1785\n unregister_netdevice_many_notify+0xb50/0x2330 net/core/dev.c:12353\n ops_exit_rtnl_list net/core/net_namespace.c:187 [inline]\n ops_undo_list+0x3dc/0x990 net/core/net_namespace.c:248\n cleanup_net+0x4de/0x7b0 net/core/net_namespace.c:696\n process_one_work kernel/workqueue.c:3257 [inline]\n process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n kthread+0x711/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246\n \u003c/TASK\u003e\n\nAllocated by task 803:\n kasan_save_stack mm/kasan/common.c:57 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:78\n unpoison_slab_object mm/kasan/common.c:340 [inline]\n __kasan_slab_alloc+0x6c/0x80 mm/kasan/common.c:366\n kasan_slab_alloc include/linux/kasan.h:253 [inline]\n slab_post_alloc_hook mm/slub.c:4953 [inline]\n slab_alloc_node mm/slub.c:5263 [inline]\n kmem_cache_alloc_noprof+0x18d/0x6c0 mm/slub.c:5270\n dst_alloc+0x105/0x170 net/core/dst.c:89\n ip6_dst_alloc net/ipv6/route.c:342 [inline]\n icmp6_dst_alloc+0x75/0x460 net/ipv6/route.c:3333\n mld_sendpack+0x683/0xe60 net/ipv6/mcast.c:1844\n mld_send_cr net/ipv6/mcast.c:2154 [inline]\n mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693\n process_one_work kernel/workqueue.c:3257 [inline]\n process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n kthread+0x711/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23004",
"url": "https://www.suse.com/security/cve/CVE-2026-23004"
},
{
"category": "external",
"summary": "SUSE Bug 1257231 for CVE-2026-23004",
"url": "https://bugzilla.suse.com/1257231"
},
{
"category": "external",
"summary": "SUSE Bug 1258655 for CVE-2026-23004",
"url": "https://bugzilla.suse.com/1258655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T09:14:44Z",
"details": "important"
}
],
"title": "CVE-2026-23004"
},
{
"cve": "CVE-2026-23204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_u32: use skb_header_pointer_careful()\n\nskb_header_pointer() does not fully validate negative @offset values.\n\nUse skb_header_pointer_careful() instead.\n\nGangMin Kim provided a report and a repro fooling u32_classify():\n\nBUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0\nnet/sched/cls_u32.c:221",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23204",
"url": "https://www.suse.com/security/cve/CVE-2026-23204"
},
{
"category": "external",
"summary": "SUSE Bug 1258340 for CVE-2026-23204",
"url": "https://bugzilla.suse.com/1258340"
},
{
"category": "external",
"summary": "SUSE Bug 1259126 for CVE-2026-23204",
"url": "https://bugzilla.suse.com/1259126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T09:14:44Z",
"details": "important"
}
],
"title": "CVE-2026-23204"
},
{
"cve": "CVE-2026-23437",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23437"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: shaper: protect late read accesses to the hierarchy\n\nWe look up a netdev during prep of Netlink ops (pre- callbacks)\nand take a ref to it. Then later in the body of the callback\nwe take its lock or RCU which are the actual protections.\n\nThis is not proper, a conversion from a ref to a locked netdev\nmust include a liveness check (a check if the netdev hasn\u0027t been\nunregistered already). Fix the read cases (those under RCU).\nWrites needs a separate change to protect from creating the\nhierarchy after flush has already run.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23437",
"url": "https://www.suse.com/security/cve/CVE-2026-23437"
},
{
"category": "external",
"summary": "SUSE Bug 1261635 for CVE-2026-23437",
"url": "https://bugzilla.suse.com/1261635"
},
{
"category": "external",
"summary": "SUSE Bug 1261845 for CVE-2026-23437",
"url": "https://bugzilla.suse.com/1261845"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T09:14:44Z",
"details": "important"
}
],
"title": "CVE-2026-23437"
},
{
"cve": "CVE-2026-31406",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31406"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini()\n\nAfter cancel_delayed_work_sync() is called from\nxfrm_nat_keepalive_net_fini(), xfrm_state_fini() flushes remaining\nstates via __xfrm_state_delete(), which calls\nxfrm_nat_keepalive_state_updated() to re-schedule nat_keepalive_work.\n\nThe following is a simple race scenario:\n\n cpu0 cpu1\n\ncleanup_net() [Round 1]\n ops_undo_list()\n xfrm_net_exit()\n xfrm_nat_keepalive_net_fini()\n cancel_delayed_work_sync(nat_keepalive_work);\n xfrm_state_fini()\n xfrm_state_flush()\n xfrm_state_delete(x)\n __xfrm_state_delete(x)\n xfrm_nat_keepalive_state_updated(x)\n schedule_delayed_work(nat_keepalive_work);\n rcu_barrier();\n net_complete_free();\n net_passive_dec(net);\n llist_add(\u0026net-\u003edefer_free_list, \u0026defer_free_list);\n\ncleanup_net() [Round 2]\n rcu_barrier();\n net_complete_free()\n kmem_cache_free(net_cachep, net);\n nat_keepalive_work()\n // on freed net\n\nTo prevent this, cancel_delayed_work_sync() is replaced with\ndisable_delayed_work_sync().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31406",
"url": "https://www.suse.com/security/cve/CVE-2026-31406"
},
{
"category": "external",
"summary": "SUSE Bug 1261629 for CVE-2026-31406",
"url": "https://bugzilla.suse.com/1261629"
},
{
"category": "external",
"summary": "SUSE Bug 1261630 for CVE-2026-31406",
"url": "https://bugzilla.suse.com/1261630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T09:14:44Z",
"details": "important"
}
],
"title": "CVE-2026-31406"
},
{
"cve": "CVE-2026-31431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31431"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings. Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31431",
"url": "https://www.suse.com/security/cve/CVE-2026-31431"
},
{
"category": "external",
"summary": "SUSE Bug 1262573 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1262573"
},
{
"category": "external",
"summary": "SUSE Bug 1263689 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1263689"
},
{
"category": "external",
"summary": "SUSE Bug 1263938 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1263938"
},
{
"category": "external",
"summary": "SUSE Bug 1263939 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1263939"
},
{
"category": "external",
"summary": "SUSE Bug 1264274 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1264274"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T09:14:44Z",
"details": "important"
}
],
"title": "CVE-2026-31431"
}
]
}
SUSE-SU-2026:21563-1
Vulnerability from csaf_suse - Published: 2026-05-06 09:28 - Updated: 2026-05-06 09:28Summary
Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16)
Description of the patch:
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change
(bsc#1258005).
- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
- CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).
- CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).
- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).
Patchnames: SUSE-SLES-16.0-706
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
42 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).\n- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n (bsc#1258005).\n- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).\n- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).\n- CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).\n- CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).\n- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-706",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21563-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21563-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621563-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21563-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-May/046347.html"
},
{
"category": "self",
"summary": "SUSE Bug 1252048",
"url": "https://bugzilla.suse.com/1252048"
},
{
"category": "self",
"summary": "SUSE Bug 1258005",
"url": "https://bugzilla.suse.com/1258005"
},
{
"category": "self",
"summary": "SUSE Bug 1258655",
"url": "https://bugzilla.suse.com/1258655"
},
{
"category": "self",
"summary": "SUSE Bug 1259126",
"url": "https://bugzilla.suse.com/1259126"
},
{
"category": "self",
"summary": "SUSE Bug 1261630",
"url": "https://bugzilla.suse.com/1261630"
},
{
"category": "self",
"summary": "SUSE Bug 1261845",
"url": "https://bugzilla.suse.com/1261845"
},
{
"category": "self",
"summary": "SUSE Bug 1263689",
"url": "https://bugzilla.suse.com/1263689"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39977 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23004 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23204 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23437 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23437/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31406 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31406/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31431 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31431/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16)",
"tracking": {
"current_release_date": "2026-05-06T09:28:44Z",
"generator": {
"date": "2026-05-06T09:28:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21563-1",
"initial_release_date": "2026-05-06T09:28:44Z",
"revision_history": [
{
"date": "2026-05-06T09:28:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"product": {
"name": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"product_id": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"product": {
"name": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"product_id": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"product": {
"name": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"product_id": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le"
},
"product_reference": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x"
},
"product_reference": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le"
},
"product_reference": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x"
},
"product_reference": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-39977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39977"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Prevent use-after-free during requeue-PI\n\nsyzbot managed to trigger the following race:\n\n T1 T2\n\n futex_wait_requeue_pi()\n futex_do_wait()\n schedule()\n futex_requeue()\n futex_proxy_trylock_atomic()\n futex_requeue_pi_prepare()\n requeue_pi_wake_futex()\n futex_requeue_pi_complete()\n /* preempt */\n\n * timeout/ signal wakes T1 *\n\n futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED\n futex_hash_put()\n // back to userland, on stack futex_q is garbage\n\n /* back */\n wake_up_state(q-\u003etask, TASK_NORMAL);\n\nIn this scenario futex_wait_requeue_pi() is able to leave without using\nfutex_q::lock_ptr for synchronization.\n\nThis can be prevented by reading futex_q::task before updating the\nfutex_q::requeue_state. A reference on the task_struct is not needed\nbecause requeue_pi_wake_futex() is invoked with a spinlock_t held which\nimplies a RCU read section.\n\nEven if T1 terminates immediately after, the task_struct will remain valid\nduring T2\u0027s wake_up_state(). A READ_ONCE on futex_q::task before\nfutex_requeue_pi_complete() is enough because it ensures that the variable\nis read before the state is updated.\n\nRead futex_q::task before updating the requeue state, use it for the\nfollowing wakeup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39977",
"url": "https://www.suse.com/security/cve/CVE-2025-39977"
},
{
"category": "external",
"summary": "SUSE Bug 1252046 for CVE-2025-39977",
"url": "https://bugzilla.suse.com/1252046"
},
{
"category": "external",
"summary": "SUSE Bug 1252048 for CVE-2025-39977",
"url": "https://bugzilla.suse.com/1252048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T09:28:44Z",
"details": "important"
}
],
"title": "CVE-2025-39977"
},
{
"cve": "CVE-2025-71066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n\nzdi-disclosures@trendmicro.com says:\n\nThe vulnerability is a race condition between `ets_qdisc_dequeue` and\n`ets_qdisc_change`. It leads to UAF on `struct Qdisc` object.\nAttacker requires the capability to create new user and network namespace\nin order to trigger the bug.\nSee my additional commentary at the end of the analysis.\n\nAnalysis:\n\nstatic int ets_qdisc_change(struct Qdisc *sch, struct nlattr *opt,\n struct netlink_ext_ack *extack)\n{\n...\n\n // (1) this lock is preventing .change handler (`ets_qdisc_change`)\n //to race with .dequeue handler (`ets_qdisc_dequeue`)\n sch_tree_lock(sch);\n\n for (i = nbands; i \u003c oldbands; i++) {\n if (i \u003e= q-\u003enstrict \u0026\u0026 q-\u003eclasses[i].qdisc-\u003eq.qlen)\n list_del_init(\u0026q-\u003eclasses[i].alist);\n qdisc_purge_queue(q-\u003eclasses[i].qdisc);\n }\n\n WRITE_ONCE(q-\u003enbands, nbands);\n for (i = nstrict; i \u003c q-\u003enstrict; i++) {\n if (q-\u003eclasses[i].qdisc-\u003eq.qlen) {\n\t\t // (2) the class is added to the q-\u003eactive\n list_add_tail(\u0026q-\u003eclasses[i].alist, \u0026q-\u003eactive);\n q-\u003eclasses[i].deficit = quanta[i];\n }\n }\n WRITE_ONCE(q-\u003enstrict, nstrict);\n memcpy(q-\u003eprio2band, priomap, sizeof(priomap));\n\n for (i = 0; i \u003c q-\u003enbands; i++)\n WRITE_ONCE(q-\u003eclasses[i].quantum, quanta[i]);\n\n for (i = oldbands; i \u003c q-\u003enbands; i++) {\n q-\u003eclasses[i].qdisc = queues[i];\n if (q-\u003eclasses[i].qdisc != \u0026noop_qdisc)\n qdisc_hash_add(q-\u003eclasses[i].qdisc, true);\n }\n\n // (3) the qdisc is unlocked, now dequeue can be called in parallel\n // to the rest of .change handler\n sch_tree_unlock(sch);\n\n ets_offload_change(sch);\n for (i = q-\u003enbands; i \u003c oldbands; i++) {\n\t // (4) we\u0027re reducing the refcount for our class\u0027s qdisc and\n\t // freeing it\n qdisc_put(q-\u003eclasses[i].qdisc);\n\t // (5) If we call .dequeue between (4) and (5), we will have\n\t // a strong UAF and we can control RIP\n q-\u003eclasses[i].qdisc = NULL;\n WRITE_ONCE(q-\u003eclasses[i].quantum, 0);\n q-\u003eclasses[i].deficit = 0;\n gnet_stats_basic_sync_init(\u0026q-\u003eclasses[i].bstats);\n memset(\u0026q-\u003eclasses[i].qstats, 0, sizeof(q-\u003eclasses[i].qstats));\n }\n return 0;\n}\n\nComment:\nThis happens because some of the classes have their qdiscs assigned to\nNULL, but remain in the active list. This commit fixes this issue by always\nremoving the class from the active list before deleting and freeing its\nassociated qdisc\n\nReproducer Steps\n(trimmed version of what was sent by zdi-disclosures@trendmicro.com)\n\n```\nDEV=\"${DEV:-lo}\"\nROOT_HANDLE=\"${ROOT_HANDLE:-1:}\"\nBAND2_HANDLE=\"${BAND2_HANDLE:-20:}\" # child under 1:2\nPING_BYTES=\"${PING_BYTES:-48}\"\nPING_COUNT=\"${PING_COUNT:-200000}\"\nPING_DST=\"${PING_DST:-127.0.0.1}\"\n\nSLOW_TBF_RATE=\"${SLOW_TBF_RATE:-8bit}\"\nSLOW_TBF_BURST=\"${SLOW_TBF_BURST:-100b}\"\nSLOW_TBF_LAT=\"${SLOW_TBF_LAT:-1s}\"\n\ncleanup() {\n tc qdisc del dev \"$DEV\" root 2\u003e/dev/null\n}\ntrap cleanup EXIT\n\nip link set \"$DEV\" up\n\ntc qdisc del dev \"$DEV\" root 2\u003e/dev/null || true\n\ntc qdisc add dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\n\ntc qdisc add dev \"$DEV\" parent 1:2 handle \"$BAND2_HANDLE\" \\\n tbf rate \"$SLOW_TBF_RATE\" burst \"$SLOW_TBF_BURST\" latency \"$SLOW_TBF_LAT\"\n\ntc filter add dev \"$DEV\" parent 1: protocol all prio 1 u32 match u32 0 0 flowid 1:2\ntc -s qdisc ls dev $DEV\n\nping -I \"$DEV\" -f -c \"$PING_COUNT\" -s \"$PING_BYTES\" -W 0.001 \"$PING_DST\" \\\n \u003e/dev/null 2\u003e\u00261 \u0026\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 0\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\ntc -s qdisc ls dev $DEV\ntc qdisc del dev \"$DEV\" parent \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71066",
"url": "https://www.suse.com/security/cve/CVE-2025-71066"
},
{
"category": "external",
"summary": "SUSE Bug 1256645 for CVE-2025-71066",
"url": "https://bugzilla.suse.com/1256645"
},
{
"category": "external",
"summary": "SUSE Bug 1258005 for CVE-2025-71066",
"url": "https://bugzilla.suse.com/1258005"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T09:28:44Z",
"details": "important"
}
],
"title": "CVE-2025-71066"
},
{
"cve": "CVE-2026-23004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()\n\nsyzbot was able to crash the kernel in rt6_uncached_list_flush_dev()\nin an interesting way [1]\n\nCrash happens in list_del_init()/INIT_LIST_HEAD() while writing\nlist-\u003eprev, while the prior write on list-\u003enext went well.\n\nstatic inline void INIT_LIST_HEAD(struct list_head *list)\n{\n\tWRITE_ONCE(list-\u003enext, list); // This went well\n\tWRITE_ONCE(list-\u003eprev, list); // Crash, @list has been freed.\n}\n\nIssue here is that rt6_uncached_list_del() did not attempt to lock\nul-\u003elock, as list_empty(\u0026rt-\u003edst.rt_uncached) returned\ntrue because the WRITE_ONCE(list-\u003enext, list) happened on the other CPU.\n\nWe might use list_del_init_careful() and list_empty_careful(),\nor make sure rt6_uncached_list_del() always grabs the spinlock\nwhenever rt-\u003edst.rt_uncached_list has been set.\n\nA similar fix is neeed for IPv4.\n\n[1]\n\n BUG: KASAN: slab-use-after-free in INIT_LIST_HEAD include/linux/list.h:46 [inline]\n BUG: KASAN: slab-use-after-free in list_del_init include/linux/list.h:296 [inline]\n BUG: KASAN: slab-use-after-free in rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n BUG: KASAN: slab-use-after-free in rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\nWrite of size 8 at addr ffff8880294cfa78 by task kworker/u8:14/3450\n\nCPU: 0 UID: 0 PID: 3450 Comm: kworker/u8:14 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)}\nTainted: [L]=SOFTLOCKUP\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nWorkqueue: netns cleanup_net\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x240 mm/kasan/report.c:482\n kasan_report+0x118/0x150 mm/kasan/report.c:595\n INIT_LIST_HEAD include/linux/list.h:46 [inline]\n list_del_init include/linux/list.h:296 [inline]\n rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\n addrconf_ifdown+0x143/0x18a0 net/ipv6/addrconf.c:3853\n addrconf_notify+0x1bc/0x1050 net/ipv6/addrconf.c:-1\n notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n call_netdevice_notifiers_extack net/core/dev.c:2268 [inline]\n call_netdevice_notifiers net/core/dev.c:2282 [inline]\n netif_close_many+0x29c/0x410 net/core/dev.c:1785\n unregister_netdevice_many_notify+0xb50/0x2330 net/core/dev.c:12353\n ops_exit_rtnl_list net/core/net_namespace.c:187 [inline]\n ops_undo_list+0x3dc/0x990 net/core/net_namespace.c:248\n cleanup_net+0x4de/0x7b0 net/core/net_namespace.c:696\n process_one_work kernel/workqueue.c:3257 [inline]\n process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n kthread+0x711/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246\n \u003c/TASK\u003e\n\nAllocated by task 803:\n kasan_save_stack mm/kasan/common.c:57 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:78\n unpoison_slab_object mm/kasan/common.c:340 [inline]\n __kasan_slab_alloc+0x6c/0x80 mm/kasan/common.c:366\n kasan_slab_alloc include/linux/kasan.h:253 [inline]\n slab_post_alloc_hook mm/slub.c:4953 [inline]\n slab_alloc_node mm/slub.c:5263 [inline]\n kmem_cache_alloc_noprof+0x18d/0x6c0 mm/slub.c:5270\n dst_alloc+0x105/0x170 net/core/dst.c:89\n ip6_dst_alloc net/ipv6/route.c:342 [inline]\n icmp6_dst_alloc+0x75/0x460 net/ipv6/route.c:3333\n mld_sendpack+0x683/0xe60 net/ipv6/mcast.c:1844\n mld_send_cr net/ipv6/mcast.c:2154 [inline]\n mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693\n process_one_work kernel/workqueue.c:3257 [inline]\n process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n kthread+0x711/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23004",
"url": "https://www.suse.com/security/cve/CVE-2026-23004"
},
{
"category": "external",
"summary": "SUSE Bug 1257231 for CVE-2026-23004",
"url": "https://bugzilla.suse.com/1257231"
},
{
"category": "external",
"summary": "SUSE Bug 1258655 for CVE-2026-23004",
"url": "https://bugzilla.suse.com/1258655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T09:28:44Z",
"details": "important"
}
],
"title": "CVE-2026-23004"
},
{
"cve": "CVE-2026-23204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_u32: use skb_header_pointer_careful()\n\nskb_header_pointer() does not fully validate negative @offset values.\n\nUse skb_header_pointer_careful() instead.\n\nGangMin Kim provided a report and a repro fooling u32_classify():\n\nBUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0\nnet/sched/cls_u32.c:221",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23204",
"url": "https://www.suse.com/security/cve/CVE-2026-23204"
},
{
"category": "external",
"summary": "SUSE Bug 1258340 for CVE-2026-23204",
"url": "https://bugzilla.suse.com/1258340"
},
{
"category": "external",
"summary": "SUSE Bug 1259126 for CVE-2026-23204",
"url": "https://bugzilla.suse.com/1259126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T09:28:44Z",
"details": "important"
}
],
"title": "CVE-2026-23204"
},
{
"cve": "CVE-2026-23437",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23437"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: shaper: protect late read accesses to the hierarchy\n\nWe look up a netdev during prep of Netlink ops (pre- callbacks)\nand take a ref to it. Then later in the body of the callback\nwe take its lock or RCU which are the actual protections.\n\nThis is not proper, a conversion from a ref to a locked netdev\nmust include a liveness check (a check if the netdev hasn\u0027t been\nunregistered already). Fix the read cases (those under RCU).\nWrites needs a separate change to protect from creating the\nhierarchy after flush has already run.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23437",
"url": "https://www.suse.com/security/cve/CVE-2026-23437"
},
{
"category": "external",
"summary": "SUSE Bug 1261635 for CVE-2026-23437",
"url": "https://bugzilla.suse.com/1261635"
},
{
"category": "external",
"summary": "SUSE Bug 1261845 for CVE-2026-23437",
"url": "https://bugzilla.suse.com/1261845"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T09:28:44Z",
"details": "important"
}
],
"title": "CVE-2026-23437"
},
{
"cve": "CVE-2026-31406",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31406"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini()\n\nAfter cancel_delayed_work_sync() is called from\nxfrm_nat_keepalive_net_fini(), xfrm_state_fini() flushes remaining\nstates via __xfrm_state_delete(), which calls\nxfrm_nat_keepalive_state_updated() to re-schedule nat_keepalive_work.\n\nThe following is a simple race scenario:\n\n cpu0 cpu1\n\ncleanup_net() [Round 1]\n ops_undo_list()\n xfrm_net_exit()\n xfrm_nat_keepalive_net_fini()\n cancel_delayed_work_sync(nat_keepalive_work);\n xfrm_state_fini()\n xfrm_state_flush()\n xfrm_state_delete(x)\n __xfrm_state_delete(x)\n xfrm_nat_keepalive_state_updated(x)\n schedule_delayed_work(nat_keepalive_work);\n rcu_barrier();\n net_complete_free();\n net_passive_dec(net);\n llist_add(\u0026net-\u003edefer_free_list, \u0026defer_free_list);\n\ncleanup_net() [Round 2]\n rcu_barrier();\n net_complete_free()\n kmem_cache_free(net_cachep, net);\n nat_keepalive_work()\n // on freed net\n\nTo prevent this, cancel_delayed_work_sync() is replaced with\ndisable_delayed_work_sync().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31406",
"url": "https://www.suse.com/security/cve/CVE-2026-31406"
},
{
"category": "external",
"summary": "SUSE Bug 1261629 for CVE-2026-31406",
"url": "https://bugzilla.suse.com/1261629"
},
{
"category": "external",
"summary": "SUSE Bug 1261630 for CVE-2026-31406",
"url": "https://bugzilla.suse.com/1261630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T09:28:44Z",
"details": "important"
}
],
"title": "CVE-2026-31406"
},
{
"cve": "CVE-2026-31431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31431"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings. Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31431",
"url": "https://www.suse.com/security/cve/CVE-2026-31431"
},
{
"category": "external",
"summary": "SUSE Bug 1262573 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1262573"
},
{
"category": "external",
"summary": "SUSE Bug 1263689 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1263689"
},
{
"category": "external",
"summary": "SUSE Bug 1263938 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1263938"
},
{
"category": "external",
"summary": "SUSE Bug 1263939 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1263939"
},
{
"category": "external",
"summary": "SUSE Bug 1264274 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1264274"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T09:28:44Z",
"details": "important"
}
],
"title": "CVE-2026-31431"
}
]
}
SUSE-SU-2026:21591-1
Vulnerability from csaf_suse - Published: 2026-05-08 08:30 - Updated: 2026-05-08 08:30Summary
Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16)
Description of the patch:
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change
(bsc#1258005).
- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
- CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).
- CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).
- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).
Patchnames: SUSE-SL-Micro-6.2-690
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
42 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).\n- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n (bsc#1258005).\n- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).\n- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).\n- CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).\n- CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).\n- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-690",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21591-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21591-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621591-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21591-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-May/046457.html"
},
{
"category": "self",
"summary": "SUSE Bug 1252048",
"url": "https://bugzilla.suse.com/1252048"
},
{
"category": "self",
"summary": "SUSE Bug 1258005",
"url": "https://bugzilla.suse.com/1258005"
},
{
"category": "self",
"summary": "SUSE Bug 1258655",
"url": "https://bugzilla.suse.com/1258655"
},
{
"category": "self",
"summary": "SUSE Bug 1259126",
"url": "https://bugzilla.suse.com/1259126"
},
{
"category": "self",
"summary": "SUSE Bug 1261630",
"url": "https://bugzilla.suse.com/1261630"
},
{
"category": "self",
"summary": "SUSE Bug 1261845",
"url": "https://bugzilla.suse.com/1261845"
},
{
"category": "self",
"summary": "SUSE Bug 1263689",
"url": "https://bugzilla.suse.com/1263689"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39977 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23004 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23204 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23437 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23437/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31406 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31406/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31431 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31431/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16)",
"tracking": {
"current_release_date": "2026-05-08T08:30:42Z",
"generator": {
"date": "2026-05-08T08:30:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21591-1",
"initial_release_date": "2026-05-08T08:30:42Z",
"revision_history": [
{
"date": "2026-05-08T08:30:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"product": {
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"product_id": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"product": {
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"product_id": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"product": {
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"product_id": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le"
},
"product_reference": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x"
},
"product_reference": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-39977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39977"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Prevent use-after-free during requeue-PI\n\nsyzbot managed to trigger the following race:\n\n T1 T2\n\n futex_wait_requeue_pi()\n futex_do_wait()\n schedule()\n futex_requeue()\n futex_proxy_trylock_atomic()\n futex_requeue_pi_prepare()\n requeue_pi_wake_futex()\n futex_requeue_pi_complete()\n /* preempt */\n\n * timeout/ signal wakes T1 *\n\n futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED\n futex_hash_put()\n // back to userland, on stack futex_q is garbage\n\n /* back */\n wake_up_state(q-\u003etask, TASK_NORMAL);\n\nIn this scenario futex_wait_requeue_pi() is able to leave without using\nfutex_q::lock_ptr for synchronization.\n\nThis can be prevented by reading futex_q::task before updating the\nfutex_q::requeue_state. A reference on the task_struct is not needed\nbecause requeue_pi_wake_futex() is invoked with a spinlock_t held which\nimplies a RCU read section.\n\nEven if T1 terminates immediately after, the task_struct will remain valid\nduring T2\u0027s wake_up_state(). A READ_ONCE on futex_q::task before\nfutex_requeue_pi_complete() is enough because it ensures that the variable\nis read before the state is updated.\n\nRead futex_q::task before updating the requeue state, use it for the\nfollowing wakeup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39977",
"url": "https://www.suse.com/security/cve/CVE-2025-39977"
},
{
"category": "external",
"summary": "SUSE Bug 1252046 for CVE-2025-39977",
"url": "https://bugzilla.suse.com/1252046"
},
{
"category": "external",
"summary": "SUSE Bug 1252048 for CVE-2025-39977",
"url": "https://bugzilla.suse.com/1252048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T08:30:42Z",
"details": "important"
}
],
"title": "CVE-2025-39977"
},
{
"cve": "CVE-2025-71066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n\nzdi-disclosures@trendmicro.com says:\n\nThe vulnerability is a race condition between `ets_qdisc_dequeue` and\n`ets_qdisc_change`. It leads to UAF on `struct Qdisc` object.\nAttacker requires the capability to create new user and network namespace\nin order to trigger the bug.\nSee my additional commentary at the end of the analysis.\n\nAnalysis:\n\nstatic int ets_qdisc_change(struct Qdisc *sch, struct nlattr *opt,\n struct netlink_ext_ack *extack)\n{\n...\n\n // (1) this lock is preventing .change handler (`ets_qdisc_change`)\n //to race with .dequeue handler (`ets_qdisc_dequeue`)\n sch_tree_lock(sch);\n\n for (i = nbands; i \u003c oldbands; i++) {\n if (i \u003e= q-\u003enstrict \u0026\u0026 q-\u003eclasses[i].qdisc-\u003eq.qlen)\n list_del_init(\u0026q-\u003eclasses[i].alist);\n qdisc_purge_queue(q-\u003eclasses[i].qdisc);\n }\n\n WRITE_ONCE(q-\u003enbands, nbands);\n for (i = nstrict; i \u003c q-\u003enstrict; i++) {\n if (q-\u003eclasses[i].qdisc-\u003eq.qlen) {\n\t\t // (2) the class is added to the q-\u003eactive\n list_add_tail(\u0026q-\u003eclasses[i].alist, \u0026q-\u003eactive);\n q-\u003eclasses[i].deficit = quanta[i];\n }\n }\n WRITE_ONCE(q-\u003enstrict, nstrict);\n memcpy(q-\u003eprio2band, priomap, sizeof(priomap));\n\n for (i = 0; i \u003c q-\u003enbands; i++)\n WRITE_ONCE(q-\u003eclasses[i].quantum, quanta[i]);\n\n for (i = oldbands; i \u003c q-\u003enbands; i++) {\n q-\u003eclasses[i].qdisc = queues[i];\n if (q-\u003eclasses[i].qdisc != \u0026noop_qdisc)\n qdisc_hash_add(q-\u003eclasses[i].qdisc, true);\n }\n\n // (3) the qdisc is unlocked, now dequeue can be called in parallel\n // to the rest of .change handler\n sch_tree_unlock(sch);\n\n ets_offload_change(sch);\n for (i = q-\u003enbands; i \u003c oldbands; i++) {\n\t // (4) we\u0027re reducing the refcount for our class\u0027s qdisc and\n\t // freeing it\n qdisc_put(q-\u003eclasses[i].qdisc);\n\t // (5) If we call .dequeue between (4) and (5), we will have\n\t // a strong UAF and we can control RIP\n q-\u003eclasses[i].qdisc = NULL;\n WRITE_ONCE(q-\u003eclasses[i].quantum, 0);\n q-\u003eclasses[i].deficit = 0;\n gnet_stats_basic_sync_init(\u0026q-\u003eclasses[i].bstats);\n memset(\u0026q-\u003eclasses[i].qstats, 0, sizeof(q-\u003eclasses[i].qstats));\n }\n return 0;\n}\n\nComment:\nThis happens because some of the classes have their qdiscs assigned to\nNULL, but remain in the active list. This commit fixes this issue by always\nremoving the class from the active list before deleting and freeing its\nassociated qdisc\n\nReproducer Steps\n(trimmed version of what was sent by zdi-disclosures@trendmicro.com)\n\n```\nDEV=\"${DEV:-lo}\"\nROOT_HANDLE=\"${ROOT_HANDLE:-1:}\"\nBAND2_HANDLE=\"${BAND2_HANDLE:-20:}\" # child under 1:2\nPING_BYTES=\"${PING_BYTES:-48}\"\nPING_COUNT=\"${PING_COUNT:-200000}\"\nPING_DST=\"${PING_DST:-127.0.0.1}\"\n\nSLOW_TBF_RATE=\"${SLOW_TBF_RATE:-8bit}\"\nSLOW_TBF_BURST=\"${SLOW_TBF_BURST:-100b}\"\nSLOW_TBF_LAT=\"${SLOW_TBF_LAT:-1s}\"\n\ncleanup() {\n tc qdisc del dev \"$DEV\" root 2\u003e/dev/null\n}\ntrap cleanup EXIT\n\nip link set \"$DEV\" up\n\ntc qdisc del dev \"$DEV\" root 2\u003e/dev/null || true\n\ntc qdisc add dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\n\ntc qdisc add dev \"$DEV\" parent 1:2 handle \"$BAND2_HANDLE\" \\\n tbf rate \"$SLOW_TBF_RATE\" burst \"$SLOW_TBF_BURST\" latency \"$SLOW_TBF_LAT\"\n\ntc filter add dev \"$DEV\" parent 1: protocol all prio 1 u32 match u32 0 0 flowid 1:2\ntc -s qdisc ls dev $DEV\n\nping -I \"$DEV\" -f -c \"$PING_COUNT\" -s \"$PING_BYTES\" -W 0.001 \"$PING_DST\" \\\n \u003e/dev/null 2\u003e\u00261 \u0026\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 0\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\ntc -s qdisc ls dev $DEV\ntc qdisc del dev \"$DEV\" parent \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71066",
"url": "https://www.suse.com/security/cve/CVE-2025-71066"
},
{
"category": "external",
"summary": "SUSE Bug 1256645 for CVE-2025-71066",
"url": "https://bugzilla.suse.com/1256645"
},
{
"category": "external",
"summary": "SUSE Bug 1258005 for CVE-2025-71066",
"url": "https://bugzilla.suse.com/1258005"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T08:30:42Z",
"details": "important"
}
],
"title": "CVE-2025-71066"
},
{
"cve": "CVE-2026-23004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()\n\nsyzbot was able to crash the kernel in rt6_uncached_list_flush_dev()\nin an interesting way [1]\n\nCrash happens in list_del_init()/INIT_LIST_HEAD() while writing\nlist-\u003eprev, while the prior write on list-\u003enext went well.\n\nstatic inline void INIT_LIST_HEAD(struct list_head *list)\n{\n\tWRITE_ONCE(list-\u003enext, list); // This went well\n\tWRITE_ONCE(list-\u003eprev, list); // Crash, @list has been freed.\n}\n\nIssue here is that rt6_uncached_list_del() did not attempt to lock\nul-\u003elock, as list_empty(\u0026rt-\u003edst.rt_uncached) returned\ntrue because the WRITE_ONCE(list-\u003enext, list) happened on the other CPU.\n\nWe might use list_del_init_careful() and list_empty_careful(),\nor make sure rt6_uncached_list_del() always grabs the spinlock\nwhenever rt-\u003edst.rt_uncached_list has been set.\n\nA similar fix is neeed for IPv4.\n\n[1]\n\n BUG: KASAN: slab-use-after-free in INIT_LIST_HEAD include/linux/list.h:46 [inline]\n BUG: KASAN: slab-use-after-free in list_del_init include/linux/list.h:296 [inline]\n BUG: KASAN: slab-use-after-free in rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n BUG: KASAN: slab-use-after-free in rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\nWrite of size 8 at addr ffff8880294cfa78 by task kworker/u8:14/3450\n\nCPU: 0 UID: 0 PID: 3450 Comm: kworker/u8:14 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)}\nTainted: [L]=SOFTLOCKUP\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nWorkqueue: netns cleanup_net\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x240 mm/kasan/report.c:482\n kasan_report+0x118/0x150 mm/kasan/report.c:595\n INIT_LIST_HEAD include/linux/list.h:46 [inline]\n list_del_init include/linux/list.h:296 [inline]\n rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\n addrconf_ifdown+0x143/0x18a0 net/ipv6/addrconf.c:3853\n addrconf_notify+0x1bc/0x1050 net/ipv6/addrconf.c:-1\n notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n call_netdevice_notifiers_extack net/core/dev.c:2268 [inline]\n call_netdevice_notifiers net/core/dev.c:2282 [inline]\n netif_close_many+0x29c/0x410 net/core/dev.c:1785\n unregister_netdevice_many_notify+0xb50/0x2330 net/core/dev.c:12353\n ops_exit_rtnl_list net/core/net_namespace.c:187 [inline]\n ops_undo_list+0x3dc/0x990 net/core/net_namespace.c:248\n cleanup_net+0x4de/0x7b0 net/core/net_namespace.c:696\n process_one_work kernel/workqueue.c:3257 [inline]\n process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n kthread+0x711/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246\n \u003c/TASK\u003e\n\nAllocated by task 803:\n kasan_save_stack mm/kasan/common.c:57 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:78\n unpoison_slab_object mm/kasan/common.c:340 [inline]\n __kasan_slab_alloc+0x6c/0x80 mm/kasan/common.c:366\n kasan_slab_alloc include/linux/kasan.h:253 [inline]\n slab_post_alloc_hook mm/slub.c:4953 [inline]\n slab_alloc_node mm/slub.c:5263 [inline]\n kmem_cache_alloc_noprof+0x18d/0x6c0 mm/slub.c:5270\n dst_alloc+0x105/0x170 net/core/dst.c:89\n ip6_dst_alloc net/ipv6/route.c:342 [inline]\n icmp6_dst_alloc+0x75/0x460 net/ipv6/route.c:3333\n mld_sendpack+0x683/0xe60 net/ipv6/mcast.c:1844\n mld_send_cr net/ipv6/mcast.c:2154 [inline]\n mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693\n process_one_work kernel/workqueue.c:3257 [inline]\n process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n kthread+0x711/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23004",
"url": "https://www.suse.com/security/cve/CVE-2026-23004"
},
{
"category": "external",
"summary": "SUSE Bug 1257231 for CVE-2026-23004",
"url": "https://bugzilla.suse.com/1257231"
},
{
"category": "external",
"summary": "SUSE Bug 1258655 for CVE-2026-23004",
"url": "https://bugzilla.suse.com/1258655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T08:30:42Z",
"details": "important"
}
],
"title": "CVE-2026-23004"
},
{
"cve": "CVE-2026-23204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_u32: use skb_header_pointer_careful()\n\nskb_header_pointer() does not fully validate negative @offset values.\n\nUse skb_header_pointer_careful() instead.\n\nGangMin Kim provided a report and a repro fooling u32_classify():\n\nBUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0\nnet/sched/cls_u32.c:221",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23204",
"url": "https://www.suse.com/security/cve/CVE-2026-23204"
},
{
"category": "external",
"summary": "SUSE Bug 1258340 for CVE-2026-23204",
"url": "https://bugzilla.suse.com/1258340"
},
{
"category": "external",
"summary": "SUSE Bug 1259126 for CVE-2026-23204",
"url": "https://bugzilla.suse.com/1259126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T08:30:42Z",
"details": "important"
}
],
"title": "CVE-2026-23204"
},
{
"cve": "CVE-2026-23437",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23437"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: shaper: protect late read accesses to the hierarchy\n\nWe look up a netdev during prep of Netlink ops (pre- callbacks)\nand take a ref to it. Then later in the body of the callback\nwe take its lock or RCU which are the actual protections.\n\nThis is not proper, a conversion from a ref to a locked netdev\nmust include a liveness check (a check if the netdev hasn\u0027t been\nunregistered already). Fix the read cases (those under RCU).\nWrites needs a separate change to protect from creating the\nhierarchy after flush has already run.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23437",
"url": "https://www.suse.com/security/cve/CVE-2026-23437"
},
{
"category": "external",
"summary": "SUSE Bug 1261635 for CVE-2026-23437",
"url": "https://bugzilla.suse.com/1261635"
},
{
"category": "external",
"summary": "SUSE Bug 1261845 for CVE-2026-23437",
"url": "https://bugzilla.suse.com/1261845"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T08:30:42Z",
"details": "important"
}
],
"title": "CVE-2026-23437"
},
{
"cve": "CVE-2026-31406",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31406"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini()\n\nAfter cancel_delayed_work_sync() is called from\nxfrm_nat_keepalive_net_fini(), xfrm_state_fini() flushes remaining\nstates via __xfrm_state_delete(), which calls\nxfrm_nat_keepalive_state_updated() to re-schedule nat_keepalive_work.\n\nThe following is a simple race scenario:\n\n cpu0 cpu1\n\ncleanup_net() [Round 1]\n ops_undo_list()\n xfrm_net_exit()\n xfrm_nat_keepalive_net_fini()\n cancel_delayed_work_sync(nat_keepalive_work);\n xfrm_state_fini()\n xfrm_state_flush()\n xfrm_state_delete(x)\n __xfrm_state_delete(x)\n xfrm_nat_keepalive_state_updated(x)\n schedule_delayed_work(nat_keepalive_work);\n rcu_barrier();\n net_complete_free();\n net_passive_dec(net);\n llist_add(\u0026net-\u003edefer_free_list, \u0026defer_free_list);\n\ncleanup_net() [Round 2]\n rcu_barrier();\n net_complete_free()\n kmem_cache_free(net_cachep, net);\n nat_keepalive_work()\n // on freed net\n\nTo prevent this, cancel_delayed_work_sync() is replaced with\ndisable_delayed_work_sync().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31406",
"url": "https://www.suse.com/security/cve/CVE-2026-31406"
},
{
"category": "external",
"summary": "SUSE Bug 1261629 for CVE-2026-31406",
"url": "https://bugzilla.suse.com/1261629"
},
{
"category": "external",
"summary": "SUSE Bug 1261630 for CVE-2026-31406",
"url": "https://bugzilla.suse.com/1261630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T08:30:42Z",
"details": "important"
}
],
"title": "CVE-2026-31406"
},
{
"cve": "CVE-2026-31431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31431"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings. Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31431",
"url": "https://www.suse.com/security/cve/CVE-2026-31431"
},
{
"category": "external",
"summary": "SUSE Bug 1262573 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1262573"
},
{
"category": "external",
"summary": "SUSE Bug 1263689 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1263689"
},
{
"category": "external",
"summary": "SUSE Bug 1263938 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1263938"
},
{
"category": "external",
"summary": "SUSE Bug 1263939 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1263939"
},
{
"category": "external",
"summary": "SUSE Bug 1264274 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1264274"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T08:30:42Z",
"details": "important"
}
],
"title": "CVE-2026-31431"
}
]
}
SUSE-SU-2026:21598-1
Vulnerability from csaf_suse - Published: 2026-05-08 08:30 - Updated: 2026-05-08 08:30Summary
Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16)
Description of the patch:
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change
(bsc#1258005).
- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
- CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).
- CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).
- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).
Patchnames: SUSE-SLES-16.0-690
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
42 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).\n- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n (bsc#1258005).\n- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).\n- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).\n- CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).\n- CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).\n- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-690",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21598-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21598-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621598-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21598-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-May/046450.html"
},
{
"category": "self",
"summary": "SUSE Bug 1252048",
"url": "https://bugzilla.suse.com/1252048"
},
{
"category": "self",
"summary": "SUSE Bug 1258005",
"url": "https://bugzilla.suse.com/1258005"
},
{
"category": "self",
"summary": "SUSE Bug 1258655",
"url": "https://bugzilla.suse.com/1258655"
},
{
"category": "self",
"summary": "SUSE Bug 1259126",
"url": "https://bugzilla.suse.com/1259126"
},
{
"category": "self",
"summary": "SUSE Bug 1261630",
"url": "https://bugzilla.suse.com/1261630"
},
{
"category": "self",
"summary": "SUSE Bug 1261845",
"url": "https://bugzilla.suse.com/1261845"
},
{
"category": "self",
"summary": "SUSE Bug 1263689",
"url": "https://bugzilla.suse.com/1263689"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39977 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23004 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23204 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23437 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23437/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31406 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31406/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31431 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31431/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16)",
"tracking": {
"current_release_date": "2026-05-08T08:30:42Z",
"generator": {
"date": "2026-05-08T08:30:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21598-1",
"initial_release_date": "2026-05-08T08:30:42Z",
"revision_history": [
{
"date": "2026-05-08T08:30:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"product": {
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"product_id": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"product": {
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"product_id": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"product": {
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"product_id": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le"
},
"product_reference": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x"
},
"product_reference": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le"
},
"product_reference": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x"
},
"product_reference": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-39977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39977"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Prevent use-after-free during requeue-PI\n\nsyzbot managed to trigger the following race:\n\n T1 T2\n\n futex_wait_requeue_pi()\n futex_do_wait()\n schedule()\n futex_requeue()\n futex_proxy_trylock_atomic()\n futex_requeue_pi_prepare()\n requeue_pi_wake_futex()\n futex_requeue_pi_complete()\n /* preempt */\n\n * timeout/ signal wakes T1 *\n\n futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED\n futex_hash_put()\n // back to userland, on stack futex_q is garbage\n\n /* back */\n wake_up_state(q-\u003etask, TASK_NORMAL);\n\nIn this scenario futex_wait_requeue_pi() is able to leave without using\nfutex_q::lock_ptr for synchronization.\n\nThis can be prevented by reading futex_q::task before updating the\nfutex_q::requeue_state. A reference on the task_struct is not needed\nbecause requeue_pi_wake_futex() is invoked with a spinlock_t held which\nimplies a RCU read section.\n\nEven if T1 terminates immediately after, the task_struct will remain valid\nduring T2\u0027s wake_up_state(). A READ_ONCE on futex_q::task before\nfutex_requeue_pi_complete() is enough because it ensures that the variable\nis read before the state is updated.\n\nRead futex_q::task before updating the requeue state, use it for the\nfollowing wakeup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39977",
"url": "https://www.suse.com/security/cve/CVE-2025-39977"
},
{
"category": "external",
"summary": "SUSE Bug 1252046 for CVE-2025-39977",
"url": "https://bugzilla.suse.com/1252046"
},
{
"category": "external",
"summary": "SUSE Bug 1252048 for CVE-2025-39977",
"url": "https://bugzilla.suse.com/1252048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T08:30:42Z",
"details": "important"
}
],
"title": "CVE-2025-39977"
},
{
"cve": "CVE-2025-71066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n\nzdi-disclosures@trendmicro.com says:\n\nThe vulnerability is a race condition between `ets_qdisc_dequeue` and\n`ets_qdisc_change`. It leads to UAF on `struct Qdisc` object.\nAttacker requires the capability to create new user and network namespace\nin order to trigger the bug.\nSee my additional commentary at the end of the analysis.\n\nAnalysis:\n\nstatic int ets_qdisc_change(struct Qdisc *sch, struct nlattr *opt,\n struct netlink_ext_ack *extack)\n{\n...\n\n // (1) this lock is preventing .change handler (`ets_qdisc_change`)\n //to race with .dequeue handler (`ets_qdisc_dequeue`)\n sch_tree_lock(sch);\n\n for (i = nbands; i \u003c oldbands; i++) {\n if (i \u003e= q-\u003enstrict \u0026\u0026 q-\u003eclasses[i].qdisc-\u003eq.qlen)\n list_del_init(\u0026q-\u003eclasses[i].alist);\n qdisc_purge_queue(q-\u003eclasses[i].qdisc);\n }\n\n WRITE_ONCE(q-\u003enbands, nbands);\n for (i = nstrict; i \u003c q-\u003enstrict; i++) {\n if (q-\u003eclasses[i].qdisc-\u003eq.qlen) {\n\t\t // (2) the class is added to the q-\u003eactive\n list_add_tail(\u0026q-\u003eclasses[i].alist, \u0026q-\u003eactive);\n q-\u003eclasses[i].deficit = quanta[i];\n }\n }\n WRITE_ONCE(q-\u003enstrict, nstrict);\n memcpy(q-\u003eprio2band, priomap, sizeof(priomap));\n\n for (i = 0; i \u003c q-\u003enbands; i++)\n WRITE_ONCE(q-\u003eclasses[i].quantum, quanta[i]);\n\n for (i = oldbands; i \u003c q-\u003enbands; i++) {\n q-\u003eclasses[i].qdisc = queues[i];\n if (q-\u003eclasses[i].qdisc != \u0026noop_qdisc)\n qdisc_hash_add(q-\u003eclasses[i].qdisc, true);\n }\n\n // (3) the qdisc is unlocked, now dequeue can be called in parallel\n // to the rest of .change handler\n sch_tree_unlock(sch);\n\n ets_offload_change(sch);\n for (i = q-\u003enbands; i \u003c oldbands; i++) {\n\t // (4) we\u0027re reducing the refcount for our class\u0027s qdisc and\n\t // freeing it\n qdisc_put(q-\u003eclasses[i].qdisc);\n\t // (5) If we call .dequeue between (4) and (5), we will have\n\t // a strong UAF and we can control RIP\n q-\u003eclasses[i].qdisc = NULL;\n WRITE_ONCE(q-\u003eclasses[i].quantum, 0);\n q-\u003eclasses[i].deficit = 0;\n gnet_stats_basic_sync_init(\u0026q-\u003eclasses[i].bstats);\n memset(\u0026q-\u003eclasses[i].qstats, 0, sizeof(q-\u003eclasses[i].qstats));\n }\n return 0;\n}\n\nComment:\nThis happens because some of the classes have their qdiscs assigned to\nNULL, but remain in the active list. This commit fixes this issue by always\nremoving the class from the active list before deleting and freeing its\nassociated qdisc\n\nReproducer Steps\n(trimmed version of what was sent by zdi-disclosures@trendmicro.com)\n\n```\nDEV=\"${DEV:-lo}\"\nROOT_HANDLE=\"${ROOT_HANDLE:-1:}\"\nBAND2_HANDLE=\"${BAND2_HANDLE:-20:}\" # child under 1:2\nPING_BYTES=\"${PING_BYTES:-48}\"\nPING_COUNT=\"${PING_COUNT:-200000}\"\nPING_DST=\"${PING_DST:-127.0.0.1}\"\n\nSLOW_TBF_RATE=\"${SLOW_TBF_RATE:-8bit}\"\nSLOW_TBF_BURST=\"${SLOW_TBF_BURST:-100b}\"\nSLOW_TBF_LAT=\"${SLOW_TBF_LAT:-1s}\"\n\ncleanup() {\n tc qdisc del dev \"$DEV\" root 2\u003e/dev/null\n}\ntrap cleanup EXIT\n\nip link set \"$DEV\" up\n\ntc qdisc del dev \"$DEV\" root 2\u003e/dev/null || true\n\ntc qdisc add dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\n\ntc qdisc add dev \"$DEV\" parent 1:2 handle \"$BAND2_HANDLE\" \\\n tbf rate \"$SLOW_TBF_RATE\" burst \"$SLOW_TBF_BURST\" latency \"$SLOW_TBF_LAT\"\n\ntc filter add dev \"$DEV\" parent 1: protocol all prio 1 u32 match u32 0 0 flowid 1:2\ntc -s qdisc ls dev $DEV\n\nping -I \"$DEV\" -f -c \"$PING_COUNT\" -s \"$PING_BYTES\" -W 0.001 \"$PING_DST\" \\\n \u003e/dev/null 2\u003e\u00261 \u0026\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 0\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\ntc -s qdisc ls dev $DEV\ntc qdisc del dev \"$DEV\" parent \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71066",
"url": "https://www.suse.com/security/cve/CVE-2025-71066"
},
{
"category": "external",
"summary": "SUSE Bug 1256645 for CVE-2025-71066",
"url": "https://bugzilla.suse.com/1256645"
},
{
"category": "external",
"summary": "SUSE Bug 1258005 for CVE-2025-71066",
"url": "https://bugzilla.suse.com/1258005"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T08:30:42Z",
"details": "important"
}
],
"title": "CVE-2025-71066"
},
{
"cve": "CVE-2026-23004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()\n\nsyzbot was able to crash the kernel in rt6_uncached_list_flush_dev()\nin an interesting way [1]\n\nCrash happens in list_del_init()/INIT_LIST_HEAD() while writing\nlist-\u003eprev, while the prior write on list-\u003enext went well.\n\nstatic inline void INIT_LIST_HEAD(struct list_head *list)\n{\n\tWRITE_ONCE(list-\u003enext, list); // This went well\n\tWRITE_ONCE(list-\u003eprev, list); // Crash, @list has been freed.\n}\n\nIssue here is that rt6_uncached_list_del() did not attempt to lock\nul-\u003elock, as list_empty(\u0026rt-\u003edst.rt_uncached) returned\ntrue because the WRITE_ONCE(list-\u003enext, list) happened on the other CPU.\n\nWe might use list_del_init_careful() and list_empty_careful(),\nor make sure rt6_uncached_list_del() always grabs the spinlock\nwhenever rt-\u003edst.rt_uncached_list has been set.\n\nA similar fix is neeed for IPv4.\n\n[1]\n\n BUG: KASAN: slab-use-after-free in INIT_LIST_HEAD include/linux/list.h:46 [inline]\n BUG: KASAN: slab-use-after-free in list_del_init include/linux/list.h:296 [inline]\n BUG: KASAN: slab-use-after-free in rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n BUG: KASAN: slab-use-after-free in rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\nWrite of size 8 at addr ffff8880294cfa78 by task kworker/u8:14/3450\n\nCPU: 0 UID: 0 PID: 3450 Comm: kworker/u8:14 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)}\nTainted: [L]=SOFTLOCKUP\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nWorkqueue: netns cleanup_net\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x240 mm/kasan/report.c:482\n kasan_report+0x118/0x150 mm/kasan/report.c:595\n INIT_LIST_HEAD include/linux/list.h:46 [inline]\n list_del_init include/linux/list.h:296 [inline]\n rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\n addrconf_ifdown+0x143/0x18a0 net/ipv6/addrconf.c:3853\n addrconf_notify+0x1bc/0x1050 net/ipv6/addrconf.c:-1\n notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n call_netdevice_notifiers_extack net/core/dev.c:2268 [inline]\n call_netdevice_notifiers net/core/dev.c:2282 [inline]\n netif_close_many+0x29c/0x410 net/core/dev.c:1785\n unregister_netdevice_many_notify+0xb50/0x2330 net/core/dev.c:12353\n ops_exit_rtnl_list net/core/net_namespace.c:187 [inline]\n ops_undo_list+0x3dc/0x990 net/core/net_namespace.c:248\n cleanup_net+0x4de/0x7b0 net/core/net_namespace.c:696\n process_one_work kernel/workqueue.c:3257 [inline]\n process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n kthread+0x711/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246\n \u003c/TASK\u003e\n\nAllocated by task 803:\n kasan_save_stack mm/kasan/common.c:57 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:78\n unpoison_slab_object mm/kasan/common.c:340 [inline]\n __kasan_slab_alloc+0x6c/0x80 mm/kasan/common.c:366\n kasan_slab_alloc include/linux/kasan.h:253 [inline]\n slab_post_alloc_hook mm/slub.c:4953 [inline]\n slab_alloc_node mm/slub.c:5263 [inline]\n kmem_cache_alloc_noprof+0x18d/0x6c0 mm/slub.c:5270\n dst_alloc+0x105/0x170 net/core/dst.c:89\n ip6_dst_alloc net/ipv6/route.c:342 [inline]\n icmp6_dst_alloc+0x75/0x460 net/ipv6/route.c:3333\n mld_sendpack+0x683/0xe60 net/ipv6/mcast.c:1844\n mld_send_cr net/ipv6/mcast.c:2154 [inline]\n mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693\n process_one_work kernel/workqueue.c:3257 [inline]\n process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n kthread+0x711/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23004",
"url": "https://www.suse.com/security/cve/CVE-2026-23004"
},
{
"category": "external",
"summary": "SUSE Bug 1257231 for CVE-2026-23004",
"url": "https://bugzilla.suse.com/1257231"
},
{
"category": "external",
"summary": "SUSE Bug 1258655 for CVE-2026-23004",
"url": "https://bugzilla.suse.com/1258655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T08:30:42Z",
"details": "important"
}
],
"title": "CVE-2026-23004"
},
{
"cve": "CVE-2026-23204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_u32: use skb_header_pointer_careful()\n\nskb_header_pointer() does not fully validate negative @offset values.\n\nUse skb_header_pointer_careful() instead.\n\nGangMin Kim provided a report and a repro fooling u32_classify():\n\nBUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0\nnet/sched/cls_u32.c:221",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23204",
"url": "https://www.suse.com/security/cve/CVE-2026-23204"
},
{
"category": "external",
"summary": "SUSE Bug 1258340 for CVE-2026-23204",
"url": "https://bugzilla.suse.com/1258340"
},
{
"category": "external",
"summary": "SUSE Bug 1259126 for CVE-2026-23204",
"url": "https://bugzilla.suse.com/1259126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T08:30:42Z",
"details": "important"
}
],
"title": "CVE-2026-23204"
},
{
"cve": "CVE-2026-23437",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23437"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: shaper: protect late read accesses to the hierarchy\n\nWe look up a netdev during prep of Netlink ops (pre- callbacks)\nand take a ref to it. Then later in the body of the callback\nwe take its lock or RCU which are the actual protections.\n\nThis is not proper, a conversion from a ref to a locked netdev\nmust include a liveness check (a check if the netdev hasn\u0027t been\nunregistered already). Fix the read cases (those under RCU).\nWrites needs a separate change to protect from creating the\nhierarchy after flush has already run.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23437",
"url": "https://www.suse.com/security/cve/CVE-2026-23437"
},
{
"category": "external",
"summary": "SUSE Bug 1261635 for CVE-2026-23437",
"url": "https://bugzilla.suse.com/1261635"
},
{
"category": "external",
"summary": "SUSE Bug 1261845 for CVE-2026-23437",
"url": "https://bugzilla.suse.com/1261845"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T08:30:42Z",
"details": "important"
}
],
"title": "CVE-2026-23437"
},
{
"cve": "CVE-2026-31406",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31406"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini()\n\nAfter cancel_delayed_work_sync() is called from\nxfrm_nat_keepalive_net_fini(), xfrm_state_fini() flushes remaining\nstates via __xfrm_state_delete(), which calls\nxfrm_nat_keepalive_state_updated() to re-schedule nat_keepalive_work.\n\nThe following is a simple race scenario:\n\n cpu0 cpu1\n\ncleanup_net() [Round 1]\n ops_undo_list()\n xfrm_net_exit()\n xfrm_nat_keepalive_net_fini()\n cancel_delayed_work_sync(nat_keepalive_work);\n xfrm_state_fini()\n xfrm_state_flush()\n xfrm_state_delete(x)\n __xfrm_state_delete(x)\n xfrm_nat_keepalive_state_updated(x)\n schedule_delayed_work(nat_keepalive_work);\n rcu_barrier();\n net_complete_free();\n net_passive_dec(net);\n llist_add(\u0026net-\u003edefer_free_list, \u0026defer_free_list);\n\ncleanup_net() [Round 2]\n rcu_barrier();\n net_complete_free()\n kmem_cache_free(net_cachep, net);\n nat_keepalive_work()\n // on freed net\n\nTo prevent this, cancel_delayed_work_sync() is replaced with\ndisable_delayed_work_sync().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31406",
"url": "https://www.suse.com/security/cve/CVE-2026-31406"
},
{
"category": "external",
"summary": "SUSE Bug 1261629 for CVE-2026-31406",
"url": "https://bugzilla.suse.com/1261629"
},
{
"category": "external",
"summary": "SUSE Bug 1261630 for CVE-2026-31406",
"url": "https://bugzilla.suse.com/1261630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T08:30:42Z",
"details": "important"
}
],
"title": "CVE-2026-31406"
},
{
"cve": "CVE-2026-31431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31431"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings. Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31431",
"url": "https://www.suse.com/security/cve/CVE-2026-31431"
},
{
"category": "external",
"summary": "SUSE Bug 1262573 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1262573"
},
{
"category": "external",
"summary": "SUSE Bug 1263689 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1263689"
},
{
"category": "external",
"summary": "SUSE Bug 1263938 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1263938"
},
{
"category": "external",
"summary": "SUSE Bug 1263939 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1263939"
},
{
"category": "external",
"summary": "SUSE Bug 1264274 for CVE-2026-31431",
"url": "https://bugzilla.suse.com/1264274"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_8-default-6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T08:30:42Z",
"details": "important"
}
],
"title": "CVE-2026-31431"
}
]
}
WID-SEC-W-2025-2298
Vulnerability from csaf_certbund - Published: 2025-10-14 22:00 - Updated: 2026-05-31 22:00Summary
Linux Kernel: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff: Ein Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen, Daten zu manipulieren und andere, nicht näher spezifizierte Angriffe durchzuführen.
Betroffene Betriebssysteme: - Linux
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DataPower Gateway 10.6.0.0-10.6.0.8
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8
|
10.6.0.0-10.6.0.8 | |
|
IBM QRadar SIEM <7.5.0 UP14 IF04
IBM / QRadar SIEM
|
<7.5.0 UP14 IF04 | ||
|
IBM DataPower Gateway 10.5.0.0-10.5.0.20
IBM / DataPower Gateway
|
cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20
|
10.5.0.0-10.5.0.20 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— |
References
400 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, Daten zu manipulieren und andere, nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2298 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2298.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2298 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2298"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7938-1 vom 2025-12-16",
"url": "https://ubuntu.com/security/notices/USN-7938-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7939-1 vom 2025-12-17",
"url": "https://ubuntu.com/security/notices/USN-7939-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7939-2 vom 2025-12-17",
"url": "https://ubuntu.com/security/notices/USN-7939-2"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23250 vom 2025-12-17",
"url": "https://access.redhat.com/errata/RHSA-2025:23250"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7935-1 vom 2025-12-16",
"url": "https://ubuntu.com/security/notices/USN-7935-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7934-1 vom 2025-12-15",
"url": "https://ubuntu.com/security/notices/USN-7934-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7936-1 vom 2025-12-16",
"url": "https://ubuntu.com/security/notices/USN-7936-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7931-1 vom 2025-12-15",
"url": "https://ubuntu.com/security/notices/USN-7931-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7931-2 vom 2025-12-15",
"url": "https://ubuntu.com/security/notices/USN-7931-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7931-3 vom 2025-12-15",
"url": "https://ubuntu.com/security/notices/USN-7931-3"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4393-1 vom 2025-12-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023538.html"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39966",
"url": "https://lore.kernel.org/linux-cve-announce/2025101553-CVE-2025-39966-736b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39967",
"url": "https://lore.kernel.org/linux-cve-announce/2025101555-CVE-2025-39967-0fbf@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39968",
"url": "https://lore.kernel.org/linux-cve-announce/2025101555-CVE-2025-39968-ca60@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39969",
"url": "https://lore.kernel.org/linux-cve-announce/2025101555-CVE-2025-39969-fbee@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39970",
"url": "https://lore.kernel.org/linux-cve-announce/2025101556-CVE-2025-39970-2ec8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39971",
"url": "https://lore.kernel.org/linux-cve-announce/2025101556-CVE-2025-39971-97e2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39972",
"url": "https://lore.kernel.org/linux-cve-announce/2025101556-CVE-2025-39972-06e0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39973",
"url": "https://lore.kernel.org/linux-cve-announce/2025101557-CVE-2025-39973-b1a3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39974",
"url": "https://lore.kernel.org/linux-cve-announce/2025101557-CVE-2025-39974-09d9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39975",
"url": "https://lore.kernel.org/linux-cve-announce/2025101557-CVE-2025-39975-d1a3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39976",
"url": "https://lore.kernel.org/linux-cve-announce/2025101558-CVE-2025-39976-59ea@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39977",
"url": "https://lore.kernel.org/linux-cve-announce/2025101558-CVE-2025-39977-b3a2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39979",
"url": "https://lore.kernel.org/linux-cve-announce/2025101559-CVE-2025-39979-f1e9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39980",
"url": "https://lore.kernel.org/linux-cve-announce/2025101559-CVE-2025-39980-1b78@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39981",
"url": "https://lore.kernel.org/linux-cve-announce/2025101559-CVE-2025-39981-fe1d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39982",
"url": "https://lore.kernel.org/linux-cve-announce/2025101559-CVE-2025-39982-a36e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39983",
"url": "https://lore.kernel.org/linux-cve-announce/2025101500-CVE-2025-39983-eb8b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39984",
"url": "https://lore.kernel.org/linux-cve-announce/2025101500-CVE-2025-39984-2d3f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39985",
"url": "https://lore.kernel.org/linux-cve-announce/2025101500-CVE-2025-39985-98c2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39986",
"url": "https://lore.kernel.org/linux-cve-announce/2025101501-CVE-2025-39986-b33b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39987",
"url": "https://lore.kernel.org/linux-cve-announce/2025101501-CVE-2025-39987-9feb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39988",
"url": "https://lore.kernel.org/linux-cve-announce/2025101501-CVE-2025-39988-bda0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39990",
"url": "https://lore.kernel.org/linux-cve-announce/2025101502-CVE-2025-39990-25bc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39991",
"url": "https://lore.kernel.org/linux-cve-announce/2025101527-CVE-2025-39991-6679@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39992",
"url": "https://lore.kernel.org/linux-cve-announce/2025101527-CVE-2025-39992-f580@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39993",
"url": "https://lore.kernel.org/linux-cve-announce/2025101527-CVE-2025-39993-caef@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39994",
"url": "https://lore.kernel.org/linux-cve-announce/2025101528-CVE-2025-39994-f3e0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39995",
"url": "https://lore.kernel.org/linux-cve-announce/2025101528-CVE-2025-39995-80ab@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39996",
"url": "https://lore.kernel.org/linux-cve-announce/2025101528-CVE-2025-39996-b297@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39997",
"url": "https://lore.kernel.org/linux-cve-announce/2025101528-CVE-2025-39997-4384@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39998",
"url": "https://lore.kernel.org/linux-cve-announce/2025101529-CVE-2025-39998-57d5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39999",
"url": "https://lore.kernel.org/linux-cve-announce/2025101529-CVE-2025-39999-08ff@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40000",
"url": "https://lore.kernel.org/linux-cve-announce/2025101518-CVE-2025-40000-8817@gregkh/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20719 vom 2025-10-24",
"url": "https://linux.oracle.com/errata/ELSA-2025-20719.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2025-109 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2025-109.html"
},
{
"category": "external",
"summary": "Container-Optimized OS release notes vom 2025-10-28",
"url": "https://docs.cloud.google.com/container-optimized-os/docs/release-notes#October_20_2025"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15671-1 vom 2025-10-28",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CE44EQUDGYUJH4U6WXJDQU42FYQWVI53/"
},
{
"category": "external",
"summary": "Container-Optimized OS release notes vom 2025-10-28",
"url": "https://docs.cloud.google.com/container-optimized-os/docs/release-notes#October_27_2025"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-25731 vom 2025-11-03",
"url": "https://linux.oracle.com/errata/ELSA-2025-25731.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-25733 vom 2025-11-04",
"url": "https://linux.oracle.com/errata/ELSA-2025-25733.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.4-2025-114 vom 2025-11-11",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.4-2025-114.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-25755 vom 2025-11-10",
"url": "https://linux.oracle.com/errata/ELSA-2025-25755.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4057-1 vom 2025-11-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023254.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6053 vom 2025-11-12",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00219.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-25757 vom 2025-11-12",
"url": "https://linux.oracle.com/errata/ELSA-2025-25757.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21469 vom 2025-11-17",
"url": "https://access.redhat.com/errata/RHSA-2025:21469"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4111-1 vom 2025-11-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023294.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4135-1 vom 2025-11-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023300.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4128-1 vom 2025-11-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023299.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4132-1 vom 2025-11-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023302.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4141-1 vom 2025-11-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023304.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4140-1 vom 2025-11-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023305.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4139-1 vom 2025-11-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023306.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4149-1 vom 2025-11-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023309.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21917 vom 2025-11-24",
"url": "https://access.redhat.com/errata/RHSA-2025:21917"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21920 vom 2025-11-24",
"url": "https://access.redhat.com/errata/RHSA-2025:21920"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21933 vom 2025-11-24",
"url": "https://access.redhat.com/errata/RHSA-2025:21933"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4188-1 vom 2025-11-24",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LVPUJWNDCBFGM2O2EFX4S5QBPKDARVQ7/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4189-1 vom 2025-11-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023334.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-21917 vom 2025-11-25",
"url": "https://linux.oracle.com/errata/ELSA-2025-21917.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4379 vom 2025-11-25",
"url": "https://lists.debian.org/debian-lts-announce/2025/11/msg00022.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-21926 vom 2025-11-26",
"url": "http://linux.oracle.com/errata/ELSA-2025-21926.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025-20091-1 vom 2025-11-27",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QVNKE6YBHUN7AVUHO7UZCJJGK4HYS62H/"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:21917 vom 2025-11-27",
"url": "https://errata.build.resf.org/RLSA-2025:21917"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:21920 vom 2025-11-27",
"url": "https://errata.build.resf.org/RLSA-2025:21920"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-21469 vom 2025-11-27",
"url": "https://linux.oracle.com/errata/ELSA-2025-21469.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21052-1 vom 2025-11-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023389.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21040-1 vom 2025-11-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023394.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21064-1 vom 2025-11-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023415.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21056-1 vom 2025-11-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023419.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4301-1 vom 2025-11-28",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LLIMXFMWOGTFRJZEC4XPGIMNBCRKQ7IF/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21080-1 vom 2025-11-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023429.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22405 vom 2025-12-01",
"url": "https://access.redhat.com/errata/RHSA-2025:22405"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4315-1 vom 2025-12-01",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023442.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22395 vom 2025-12-01",
"url": "https://access.redhat.com/errata/RHSA-2025:22395"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22571 vom 2025-12-02",
"url": "https://access.redhat.com/errata/RHSA-2025:22571"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-22405 vom 2025-12-02",
"url": "https://linux.oracle.com/errata/ELSA-2025-22405.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:22405 vom 2025-12-04",
"url": "https://errata.build.resf.org/RLSA-2025:22405"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4320-1 vom 2025-12-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023445.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:22395 vom 2025-12-05",
"url": "https://errata.build.resf.org/RLSA-2025:22395"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22802 vom 2025-12-08",
"url": "https://access.redhat.com/errata/RHSA-2025:22802"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-22395 vom 2025-12-06",
"url": "https://linux.oracle.com/errata/ELSA-2025-22395.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.15-2025-095 vom 2025-12-08",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.15-2025-095.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22854 vom 2025-12-08",
"url": "https://access.redhat.com/errata/RHSA-2025:22854"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-22854 vom 2025-12-09",
"url": "https://linux.oracle.com/errata/ELSA-2025-22854.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22865 vom 2025-12-09",
"url": "https://access.redhat.com/errata/RHSA-2025:22865"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-22865 vom 2025-12-09",
"url": "https://linux.oracle.com/errata/ELSA-2025-22865.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7921-1 vom 2025-12-10",
"url": "https://ubuntu.com/security/notices/USN-7921-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7922-1 vom 2025-12-10",
"url": "https://ubuntu.com/security/notices/USN-7922-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21180-1 vom 2025-12-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023498.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21147-1 vom 2025-12-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023511.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7922-2 vom 2025-12-11",
"url": "https://ubuntu.com/security/notices/USN-7922-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7928-2 vom 2025-12-11",
"url": "https://ubuntu.com/security/notices/USN-7928-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7928-1 vom 2025-12-11",
"url": "https://ubuntu.com/security/notices/USN-7928-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7928-3 vom 2025-12-11",
"url": "https://ubuntu.com/security/notices/USN-7928-3"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-28048 vom 2025-12-12",
"url": "https://linux.oracle.com/errata/ELSA-2025-28048.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4404 vom 2025-12-12",
"url": "https://lists.debian.org/debian-lts-announce/2025/12/msg00015.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:22854 vom 2025-12-14",
"url": "https://errata.build.resf.org/RLSA-2025:22854"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-28049 vom 2025-12-15",
"url": "https://oss.oracle.com/pipermail/el-errata/2025-December/019260.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-28049 vom 2025-12-15",
"url": "https://linux.oracle.com/errata/ELSA-2025-28049.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:22865 vom 2025-12-13",
"url": "https://errata.build.resf.org/RLSA-2025:22865"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23241 vom 2025-12-17",
"url": "https://access.redhat.com/errata/RHSA-2025:23241"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7940-1 vom 2025-12-17",
"url": "https://ubuntu.com/security/notices/USN-7940-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4422-1 vom 2025-12-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023573.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-23279 vom 2025-12-18",
"url": "https://linux.oracle.com/errata/ELSA-2025-23279.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-23241 vom 2025-12-19",
"url": "https://linux.oracle.com/errata/ELSA-2025-23241.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7928-4 vom 2025-12-19",
"url": "https://ubuntu.com/security/notices/USN-7928-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7922-3 vom 2025-12-19",
"url": "https://ubuntu.com/security/notices/USN-7922-3"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:23241 vom 2025-12-23",
"url": "https://errata.build.resf.org/RLSA-2025:23241"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4505-1 vom 2025-12-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3D5W2444LYTUJVXYGB63LTMU25GRLRJR/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4516-1 vom 2025-12-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023646.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4517-1 vom 2025-12-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023649.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:23279 vom 2025-12-24",
"url": "https://errata.build.resf.org/RLSA-2025:23279"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4515-1 vom 2025-12-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023647.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4521-1 vom 2025-12-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023651.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0029-1 vom 2026-01-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023679.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0033-1 vom 2026-01-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023686.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7922-4 vom 2026-01-06",
"url": "https://ubuntu.com/security/notices/USN-7922-4"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0173 vom 2026-01-07",
"url": "https://access.redhat.com/errata/RHSA-2026:0173"
},
{
"category": "external",
"summary": "RedHat Security Advisory",
"url": "https://access.redhat.com/errata/RHSA-2026:0271"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0453 vom 2026-01-12",
"url": "https://access.redhat.com/errata/RHSA-2026:0453"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7928-5 vom 2026-01-09",
"url": "https://ubuntu.com/security/notices/USN-7928-5"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20012-1 vom 2026-01-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023715.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7940-2 vom 2026-01-09",
"url": "https://ubuntu.com/security/notices/USN-7940-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20021-1 vom 2026-01-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023723.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0443 vom 2026-01-12",
"url": "https://access.redhat.com/errata/RHSA-2026:0443"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0444 vom 2026-01-12",
"url": "https://access.redhat.com/errata/RHSA-2026:0444"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20015-1 vom 2026-01-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023727.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7931-5 vom 2026-01-09",
"url": "https://ubuntu.com/security/notices/USN-7931-5"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0453 vom 2026-01-13",
"url": "https://linux.oracle.com/errata/ELSA-2026-0453.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7922-5 vom 2026-01-12",
"url": "https://ubuntu.com/security/notices/USN-7922-5"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0457 vom 2026-01-12",
"url": "https://access.redhat.com/errata/RHSA-2026:0457"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0489 vom 2026-01-13",
"url": "https://access.redhat.com/errata/RHSA-2026:0489"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0535 vom 2026-01-14",
"url": "https://access.redhat.com/errata/RHSA-2026:0535"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0533 vom 2026-01-14",
"url": "https://access.redhat.com/errata/RHSA-2026:0533"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0444 vom 2026-01-13",
"url": "https://linux.oracle.com/errata/ELSA-2026-0444.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0536 vom 2026-01-14",
"url": "https://access.redhat.com/errata/RHSA-2026:0536"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0534 vom 2026-01-14",
"url": "https://access.redhat.com/errata/RHSA-2026:0534"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0537 vom 2026-01-14",
"url": "https://access.redhat.com/errata/RHSA-2026:0537"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0576 vom 2026-01-14",
"url": "https://access.redhat.com/errata/RHSA-2026:0576"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50006 vom 2026-01-15",
"url": "http://linux.oracle.com/errata/ELSA-2026-50006.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0643 vom 2026-01-15",
"url": "https://access.redhat.com/errata/RHSA-2026:0643"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20059-1 vom 2026-01-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023751.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20039-1 vom 2026-01-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023767.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0443 vom 2026-01-17",
"url": "https://errata.build.resf.org/RLSA-2026:0443"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0444 vom 2026-01-17",
"url": "https://errata.build.resf.org/RLSA-2026:0444"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0453 vom 2026-01-17",
"url": "https://errata.build.resf.org/RLSA-2026:0453"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0950 vom 2026-01-22",
"url": "https://access.redhat.com/errata/RHSA-2026:0950"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0263-1 vom 2026-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023899.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0278-1 vom 2026-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023906.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0281-1 vom 2026-01-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023914.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0293-1 vom 2026-01-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023915.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50071 vom 2026-01-26",
"url": "https://linux.oracle.com/errata/ELSA-2026-50071.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1441 vom 2026-01-28",
"url": "https://access.redhat.com/errata/RHSA-2026:1441"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1443 vom 2026-01-28",
"url": "https://access.redhat.com/errata/RHSA-2026:1443"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1445 vom 2026-01-28",
"url": "https://access.redhat.com/errata/RHSA-2026:1445"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1442 vom 2026-01-28",
"url": "https://access.redhat.com/errata/RHSA-2026:1442"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0315-1 vom 2026-01-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023971.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7258234 vom 2026-01-28",
"url": "https://www.ibm.com/support/pages/node/7258234"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1512 vom 2026-01-28",
"url": "https://access.redhat.com/errata/RHSA-2026:1512"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1494 vom 2026-01-28",
"url": "https://access.redhat.com/errata/RHSA-2026:1494"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1495 vom 2026-01-28",
"url": "https://access.redhat.com/errata/RHSA-2026:1495"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7988-2 vom 2026-01-30",
"url": "https://ubuntu.com/security/notices/USN-7988-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0317-1 vom 2026-01-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023979.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1581 vom 2026-01-29",
"url": "https://access.redhat.com/errata/RHSA-2026:1581"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7987-1 vom 2026-01-30",
"url": "https://ubuntu.com/security/notices/USN-7987-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7987-2 vom 2026-01-30",
"url": "https://ubuntu.com/security/notices/USN-7987-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7988-1 vom 2026-01-30",
"url": "https://ubuntu.com/security/notices/USN-7988-1"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2026-030 vom 2026-01-30",
"url": "https://www.dell.com/support/kbdoc/de-de/000421570/dsa-2026-030-security-update-for-dell-networker-vproxy-multiple-third-party-component-vulnerabilities"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1623 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1623"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1886 vom 2026-02-04",
"url": "https://access.redhat.com/errata/RHSA-2026:1886"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20145-1 vom 2026-02-03",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FIKVKDA42VXBWDNHA6WP345IDVA2E3XU/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20207-1 vom 2026-02-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024052.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20228-1 vom 2026-02-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024063.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7988-3 vom 2026-02-05",
"url": "https://ubuntu.com/security/notices/USN-7988-3"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20220-1 vom 2026-02-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024067.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50100 vom 2026-02-10",
"url": "http://linux.oracle.com/errata/ELSA-2026-50100.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0411-1 vom 2026-02-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024085.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7988-4 vom 2026-02-11",
"url": "https://ubuntu.com/security/notices/USN-7988-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-3 vom 2026-02-12",
"url": "https://ubuntu.com/security/notices/USN-8033-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-1 vom 2026-02-12",
"url": "https://ubuntu.com/security/notices/USN-8033-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-2 vom 2026-02-12",
"url": "https://ubuntu.com/security/notices/USN-8033-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8034-1 vom 2026-02-12",
"url": "https://ubuntu.com/security/notices/USN-8034-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7988-5 vom 2026-02-12",
"url": "https://ubuntu.com/security/notices/USN-7988-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-4 vom 2026-02-13",
"url": "https://ubuntu.com/security/notices/USN-8033-4"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20317-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024177.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20334-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024161.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20333-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024162.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8034-2 vom 2026-02-17",
"url": "https://ubuntu.com/security/notices/USN-8034-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-5 vom 2026-02-17",
"url": "https://ubuntu.com/security/notices/USN-8033-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-6 vom 2026-02-17",
"url": "https://ubuntu.com/security/notices/USN-8033-6"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2026-112 vom 2026-02-19",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2026-112.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-7 vom 2026-02-19",
"url": "https://ubuntu.com/security/notices/USN-8033-7"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-8 vom 2026-02-19",
"url": "https://ubuntu.com/security/notices/USN-8033-8"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0617-1 vom 2026-02-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024378.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20478-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024408.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20479-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024407.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20473-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024411.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20477-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024409.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20498-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024476.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20519-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024456.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20520-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024455.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20496-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024477.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3634 vom 2026-03-03",
"url": "https://access.redhat.com/errata/RHSA-2026:3634"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3685 vom 2026-03-03",
"url": "https://access.redhat.com/errata/RHSA-2026:3685"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-1581 vom 2026-03-04",
"url": "https://linux.oracle.com/errata/ELSA-2026-1581.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20561-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024578.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20564-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024575.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20562-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024577.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8095-2 vom 2026-03-17",
"url": "https://ubuntu.com/security/notices/USN-8095-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8100-1 vom 2026-03-17",
"url": "https://ubuntu.com/security/notices/USN-8100-1"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2026-114 vom 2026-03-17",
"url": "https://www.dell.com/support/kbdoc/000436206"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8095-1 vom 2026-03-17",
"url": "https://ubuntu.com/security/notices/USN-8095-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8095-3 vom 2026-03-17",
"url": "https://ubuntu.com/security/notices/USN-8095-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8095-4 vom 2026-03-23",
"url": "https://ubuntu.com/security/notices/USN-8095-4"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20794-1 vom 2026-03-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024895.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-3685 vom 2026-03-25",
"url": "https://linux.oracle.com/errata/ELSA-2026-3685.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20772-1 vom 2026-03-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024862.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20819-1 vom 2026-03-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024871.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8126-1 vom 2026-03-25",
"url": "https://ubuntu.com/security/notices/USN-8126-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8125-1 vom 2026-03-25",
"url": "https://ubuntu.com/security/notices/USN-8125-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1078-1 vom 2026-03-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024954.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20872-1 vom 2026-03-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024969.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20845-1 vom 2026-03-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024994.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20876-1 vom 2026-03-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/025054.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8095-5 vom 2026-04-01",
"url": "https://ubuntu.com/security/notices/USN-8095-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8141-1 vom 2026-04-01",
"url": "https://ubuntu.com/security/notices/USN-8141-1"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7268628 vom 2026-04-06",
"url": "https://www.ibm.com/support/pages/node/7268628"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1188-1 vom 2026-04-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025128.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1185-1 vom 2026-04-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025131.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1212-1 vom 2026-04-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025162.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1221-1 vom 2026-04-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025169.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8165-1 vom 2026-04-10",
"url": "https://ubuntu.com/security/notices/USN-8165-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1236-1 vom 2026-04-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025190.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1222-1 vom 2026-04-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025172.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1225-1 vom 2026-04-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025171.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8163-1 vom 2026-04-10",
"url": "https://ubuntu.com/security/notices/USN-8163-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1239-1 vom 2026-04-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025191.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21008-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025216.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1244-1 vom 2026-04-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025195.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1269-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025237.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1285-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025205.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21007-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025217.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1268-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025238.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1242-1 vom 2026-04-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025193.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1281-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025229.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1283-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025228.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1280-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025230.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1271-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025235.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1263-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025242.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1248-1 vom 2026-04-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025194.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1278-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025232.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1259-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025245.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21091-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025251.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21089-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025253.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21079-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025263.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1298-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025313.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21088-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025254.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21080-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025262.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21043-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025297.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21061-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025279.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1287-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025248.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21060-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025280.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21059-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025281.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21044-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025296.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1297-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025249.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1304-1 vom 2026-04-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025317.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21045-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025295.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21087-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025255.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21058-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025282.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21086-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025256.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21057-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025283.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21056-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025284.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21046-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025294.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21055-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025285.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21054-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025286.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21085-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025257.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21047-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025293.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21053-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025287.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21073-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025269.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8163-2 vom 2026-04-14",
"url": "https://ubuntu.com/security/notices/USN-8163-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21084-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025258.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21074-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025268.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21048-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025292.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21049-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025291.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21077-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025265.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21050-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025290.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21078-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025264.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21090-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025252.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21076-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025266.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21083-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025259.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21075-1 vom 2026-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025267.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21096-1 vom 2026-04-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025380.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21099-1 vom 2026-04-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025378.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21129-1 vom 2026-04-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025416.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21131-1 vom 2026-04-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025414.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21123-1 vom 2026-04-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025421.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21114-1 vom 2026-04-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025429.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9512 vom 2026-04-22",
"url": "https://access.redhat.com/errata/RHSA-2026:9512"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20572-1 vom 2026-04-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/STWYWECAV6YINBQYRNTOUWNIHBOUY3YT/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21217-1 vom 2026-04-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025489.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21219-1 vom 2026-04-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025525.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:9644 vom 2026-04-22",
"url": "https://access.redhat.com/errata/RHSA-2026:9644"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21230-1 vom 2026-04-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025560.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21237-1 vom 2026-04-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025557.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1573-1 vom 2026-04-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025596.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21241-1 vom 2026-04-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025595.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10108 vom 2026-04-24",
"url": "https://access.redhat.com/errata/RHSA-2026:10108"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21255-1 vom 2026-04-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025583.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21361-1 vom 2026-04-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025743.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21352-1 vom 2026-04-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025751.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1643-1 vom 2026-04-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025762.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1661-1 vom 2026-04-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025787.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1686-1 vom 2026-05-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025842.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1684-1 vom 2026-05-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025843.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1718-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025884.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21471-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025878.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21468-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025881.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21482-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025867.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21472-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025877.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21491-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025858.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1708-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025852.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21473-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025876.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21474-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025875.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1694-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025846.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21475-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025874.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21476-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025873.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21477-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025872.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21479-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025870.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21470-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025879.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1710-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025851.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21481-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025868.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21483-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025866.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21487-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025862.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21484-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025865.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21485-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025864.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21480-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025869.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21469-1 vom 2026-05-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025880.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8243-1 vom 2026-05-07",
"url": "https://ubuntu.com/security/notices/USN-8243-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21514-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025896.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1725-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025918.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21505-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025905.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21506-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025904.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21507-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025903.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21508-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025902.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21509-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025901.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21510-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025900.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21511-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025899.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21512-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025898.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21513-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025897.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21515-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025895.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21495-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025915.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21496-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025914.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21497-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025913.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21498-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025912.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21499-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025911.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21501-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025909.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21503-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025907.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21504-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025906.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1728-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025921.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1733-1 vom 2026-05-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025919.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1768-1 vom 2026-05-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025939.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1771-1 vom 2026-05-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025937.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1776-1 vom 2026-05-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025948.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21529-1 vom 2026-05-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025991.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21555-1 vom 2026-05-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025966.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1798-1 vom 2026-05-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025979.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21533-1 vom 2026-05-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025986.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21562-1 vom 2026-05-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025961.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21563-1 vom 2026-05-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025960.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1787-1 vom 2026-05-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025995.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1793-1 vom 2026-05-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025982.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21532-1 vom 2026-05-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025988.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1804-1 vom 2026-05-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025951.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21531-1 vom 2026-05-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026007.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21526-1 vom 2026-05-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026003.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21523-1 vom 2026-05-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026006.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21528-1 vom 2026-05-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026001.html"
},
{
"category": "external",
"summary": "Dell Security Advisory",
"url": "https://www.dell.com/support/kbdoc/en-us/000462117/dsa-2026-047-security-update-for-dell-ecs-and-objectscale-multiple-vulnerabilities-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21591-1 vom 2026-05-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026041.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21598-1 vom 2026-05-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026037.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:21706 vom 2026-05-28",
"url": "https://access.redhat.com/errata/RHSA-2026:21706"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:21745 vom 2026-05-28",
"url": "https://access.redhat.com/errata/RHSA-2026:21745"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:21745 vom 2026-05-31",
"url": "https://errata.build.resf.org/RLSA-2026:21745"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-21706 vom 2026-05-29",
"url": "https://linux.oracle.com/errata/ELSA-2026-21706.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:21706 vom 2026-05-31",
"url": "https://errata.build.resf.org/RLSA-2026:21706"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-31T22:00:00.000+00:00",
"generator": {
"date": "2026-06-01T07:23:00.687+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2025-2298",
"initial_release_date": "2025-10-14T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-10-14T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-10-15T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2025-34595, EUVD-2025-34603, EUVD-2025-34584, EUVD-2025-34574"
},
{
"date": "2025-10-26T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-10-27T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-10-28T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-11-02T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-11-03T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-11-10T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Amazon und Oracle Linux aufgenommen"
},
{
"date": "2025-11-11T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE und Debian aufgenommen"
},
{
"date": "2025-11-16T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat und SUSE aufgenommen"
},
{
"date": "2025-11-18T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-19T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-20T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-23T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-24T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-25T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-11-26T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-11-27T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-30T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-12-01T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2025-12-02T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2025-12-03T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-12-04T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-12-07T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2025-12-08T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Amazon, Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2025-12-09T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2025-12-10T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
},
{
"date": "2025-12-11T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-12-14T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Oracle Linux, Debian und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-12-15T23:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
},
{
"date": "2025-12-16T23:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Ubuntu und Red Hat aufgenommen"
},
{
"date": "2025-12-17T23:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Ubuntu, SUSE und Oracle Linux aufgenommen"
},
{
"date": "2025-12-18T23:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-12-21T23:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-12-22T23:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von Rocky Enterprise Software Foundation und SUSE aufgenommen"
},
{
"date": "2025-12-23T23:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von SUSE und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-12-28T23:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-05T23:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-06T23:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von Ubuntu und Red Hat aufgenommen"
},
{
"date": "2026-01-07T23:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-11T23:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von Red Hat, Ubuntu und SUSE aufgenommen"
},
{
"date": "2026-01-12T23:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von Oracle Linux, Ubuntu und Red Hat aufgenommen"
},
{
"date": "2026-01-13T23:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2026-01-14T23:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von Oracle Linux, Red Hat und SUSE aufgenommen"
},
{
"date": "2026-01-18T23:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-01-21T23:00:00.000+00:00",
"number": "46",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-25T23:00:00.000+00:00",
"number": "47",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-26T23:00:00.000+00:00",
"number": "48",
"summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
},
{
"date": "2026-01-27T23:00:00.000+00:00",
"number": "49",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-28T23:00:00.000+00:00",
"number": "50",
"summary": "Neue Updates von SUSE, IBM und Red Hat aufgenommen"
},
{
"date": "2026-01-29T23:00:00.000+00:00",
"number": "51",
"summary": "Neue Updates von Ubuntu, SUSE und Red Hat aufgenommen"
},
{
"date": "2026-02-01T23:00:00.000+00:00",
"number": "52",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-03T23:00:00.000+00:00",
"number": "53",
"summary": "Neue Updates von Red Hat und openSUSE aufgenommen"
},
{
"date": "2026-02-04T23:00:00.000+00:00",
"number": "54",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-05T23:00:00.000+00:00",
"number": "55",
"summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
},
{
"date": "2026-02-09T23:00:00.000+00:00",
"number": "56",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-02-11T23:00:00.000+00:00",
"number": "57",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-02-12T23:00:00.000+00:00",
"number": "58",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-02-15T23:00:00.000+00:00",
"number": "59",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-17T23:00:00.000+00:00",
"number": "60",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-02-18T23:00:00.000+00:00",
"number": "61",
"summary": "Neue Updates von Amazon und Ubuntu aufgenommen"
},
{
"date": "2026-02-19T23:00:00.000+00:00",
"number": "62",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-02-24T23:00:00.000+00:00",
"number": "63",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-26T23:00:00.000+00:00",
"number": "64",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-01T23:00:00.000+00:00",
"number": "65",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-02T23:00:00.000+00:00",
"number": "66",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-03-03T23:00:00.000+00:00",
"number": "67",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-03-04T23:00:00.000+00:00",
"number": "68",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-03-05T23:00:00.000+00:00",
"number": "69",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-16T23:00:00.000+00:00",
"number": "70",
"summary": "Neue Updates von Ubuntu und Dell aufgenommen"
},
{
"date": "2026-03-17T23:00:00.000+00:00",
"number": "71",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-03-23T23:00:00.000+00:00",
"number": "72",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-03-24T23:00:00.000+00:00",
"number": "73",
"summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
},
{
"date": "2026-03-25T23:00:00.000+00:00",
"number": "74",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-03-26T23:00:00.000+00:00",
"number": "75",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-29T22:00:00.000+00:00",
"number": "76",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-30T22:00:00.000+00:00",
"number": "77",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-04-01T22:00:00.000+00:00",
"number": "78",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-04-06T22:00:00.000+00:00",
"number": "79",
"summary": "Neue Updates von IBM und SUSE aufgenommen"
},
{
"date": "2026-04-08T22:00:00.000+00:00",
"number": "80",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-04-09T22:00:00.000+00:00",
"number": "81",
"summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
},
{
"date": "2026-04-12T22:00:00.000+00:00",
"number": "82",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-04-13T22:00:00.000+00:00",
"number": "83",
"summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
},
{
"date": "2026-04-15T22:00:00.000+00:00",
"number": "84",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-04-19T22:00:00.000+00:00",
"number": "85",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-04-21T22:00:00.000+00:00",
"number": "86",
"summary": "Neue Updates von Red Hat, openSUSE und SUSE aufgenommen"
},
{
"date": "2026-04-22T22:00:00.000+00:00",
"number": "87",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-04-23T22:00:00.000+00:00",
"number": "88",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2026-04-28T22:00:00.000+00:00",
"number": "89",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-05-03T22:00:00.000+00:00",
"number": "90",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-05-05T22:00:00.000+00:00",
"number": "91",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-05-06T22:00:00.000+00:00",
"number": "92",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-05-07T22:00:00.000+00:00",
"number": "93",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-05-10T22:00:00.000+00:00",
"number": "94",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-05-11T22:00:00.000+00:00",
"number": "95",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2026-05-14T22:00:00.000+00:00",
"number": "96",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-05-27T22:00:00.000+00:00",
"number": "97",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-05-28T22:00:00.000+00:00",
"number": "98",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-05-31T22:00:00.000+00:00",
"number": "99",
"summary": "Neue Updates von Rocky Enterprise Software Foundation und Oracle Linux aufgenommen"
}
],
"status": "final",
"version": "99"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.8.1.0-3.8.1.7",
"product": {
"name": "Dell ECS 3.8.1.0-3.8.1.7",
"product_id": "T053778",
"product_identification_helper": {
"cpe": "cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7"
}
}
}
],
"category": "product_name",
"name": "ECS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vProxy \u003c19.14",
"product": {
"name": "Dell NetWorker vProxy \u003c19.14",
"product_id": "T050451"
}
},
{
"category": "product_version",
"name": "vProxy 19.14",
"product": {
"name": "Dell NetWorker vProxy 19.14",
"product_id": "T050451-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:vproxy__19.14"
}
}
},
{
"category": "product_version_range",
"name": "vProxy \u003c19.13.0.3",
"product": {
"name": "Dell NetWorker vProxy \u003c19.13.0.3",
"product_id": "T051763"
}
},
{
"category": "product_version",
"name": "vProxy 19.13.0.3",
"product": {
"name": "Dell NetWorker vProxy 19.13.0.3",
"product_id": "T051763-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:vproxy__19.13.0.3"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Google Container-Optimized OS",
"product": {
"name": "Google Container-Optimized OS",
"product_id": "1607324",
"product_identification_helper": {
"cpe": "cpe:/o:google:container-optimized_os:-"
}
}
}
],
"category": "vendor",
"name": "Google"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "10.5.0.0-10.5.0.20",
"product": {
"name": "IBM DataPower Gateway 10.5.0.0-10.5.0.20",
"product_id": "T052394",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.0.0_-_10.5.0.20"
}
}
},
{
"category": "product_version",
"name": "10.6.0.0-10.6.0.8",
"product": {
"name": "IBM DataPower Gateway 10.6.0.0-10.6.0.8",
"product_id": "T052395",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.6.0.0_-_10.6.0.8"
}
}
}
],
"category": "product_name",
"name": "DataPower Gateway"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP14 IF04",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP14 IF04",
"product_id": "T050392"
}
},
{
"category": "product_version",
"name": "7.5.0 UP14 IF04",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP14 IF04",
"product_id": "T050392-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up14_if04"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T047708",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "10",
"product": {
"name": "Red Hat Enterprise Linux 10",
"product_id": "T048374",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10"
}
}
},
{
"category": "product_version",
"name": "8",
"product": {
"name": "Red Hat Enterprise Linux 8",
"product_id": "T048848",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-39966",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39966"
},
{
"cve": "CVE-2025-39967",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39967"
},
{
"cve": "CVE-2025-39968",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39968"
},
{
"cve": "CVE-2025-39969",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39969"
},
{
"cve": "CVE-2025-39970",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39970"
},
{
"cve": "CVE-2025-39971",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39971"
},
{
"cve": "CVE-2025-39972",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39972"
},
{
"cve": "CVE-2025-39973",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39973"
},
{
"cve": "CVE-2025-39974",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39974"
},
{
"cve": "CVE-2025-39975",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39975"
},
{
"cve": "CVE-2025-39976",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39976"
},
{
"cve": "CVE-2025-39977",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39977"
},
{
"cve": "CVE-2025-39978",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39978"
},
{
"cve": "CVE-2025-39979",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39979"
},
{
"cve": "CVE-2025-39980",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39980"
},
{
"cve": "CVE-2025-39981",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39981"
},
{
"cve": "CVE-2025-39982",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39982"
},
{
"cve": "CVE-2025-39983",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39983"
},
{
"cve": "CVE-2025-39984",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39984"
},
{
"cve": "CVE-2025-39985",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39985"
},
{
"cve": "CVE-2025-39986",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39986"
},
{
"cve": "CVE-2025-39987",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39987"
},
{
"cve": "CVE-2025-39988",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39988"
},
{
"cve": "CVE-2025-39990",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39990"
},
{
"cve": "CVE-2025-39991",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39991"
},
{
"cve": "CVE-2025-39992",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39992"
},
{
"cve": "CVE-2025-39993",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39993"
},
{
"cve": "CVE-2025-39994",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39994"
},
{
"cve": "CVE-2025-39995",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39995"
},
{
"cve": "CVE-2025-39996",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39996"
},
{
"cve": "CVE-2025-39997",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39997"
},
{
"cve": "CVE-2025-39998",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39998"
},
{
"cve": "CVE-2025-39999",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-39999"
},
{
"cve": "CVE-2025-40000",
"product_status": {
"known_affected": [
"T052395",
"T050392",
"T052394",
"67646",
"T053778",
"T047708",
"T051763",
"T004914",
"T050451",
"T032255",
"2951",
"T002207",
"T000126",
"T048848",
"T027843",
"398363",
"T048374",
"1607324"
]
},
"release_date": "2025-10-14T22:00:00.000+00:00",
"title": "CVE-2025-40000"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…