{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um seine Privilegien zu erh\u00f6hen, um einen Denial of Service Zustand oder andere, nicht n\u00e4her spezifizierte Auswirkungen zu erzielen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-1232 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1232.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-1232 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1232"
      },
      {
        "category": "external",
        "summary": "Kernel CVE Announce Mailingliste",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-31431",
        "url": "https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-31432",
        "url": "https://lore.kernel.org/linux-cve-announce/2026042216-CVE-2026-31432-e990@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-31433",
        "url": "https://lore.kernel.org/linux-cve-announce/2026042216-CVE-2026-31433-51e6@gregkh/"
      },
      {
        "category": "external",
        "summary": "CopyFail (CVE-2026-31431) Exploit-Code vom 2026-04-29",
        "url": "https://github.com/badsectorlabs/copyfail-go"
      },
      {
        "category": "external",
        "summary": "CopyFail (CVE-2026-31431) Webseite vom 2026-04-29",
        "url": "https://copy.fail/"
      },
      {
        "category": "external",
        "summary": "CISA Known Exploited Vulnerabilities Catalog CVE-2026-31431 vom 2026-05-03",
        "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-8226-2 vom 2026-04-30",
        "url": "https://ubuntu.com/security/notices/USN-8226-2"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6238 vom 2026-05-04",
        "url": "https://lists.debian.org/debian-security-announce/2026/msg00148.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-8226-1 vom 2026-04-30",
        "url": "https://ubuntu.com/security/notices/USN-8226-1"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-50253 vom 2026-05-02",
        "url": "https://linux.oracle.com/errata/ELSA-2026-50253.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6243 vom 2026-05-04",
        "url": "https://lists.debian.org/debian-security-announce/2026/msg00154.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4560 vom 2026-05-02",
        "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00004.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4561 vom 2026-05-02",
        "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00005.html"
      },
      {
        "category": "external",
        "summary": "Google Cloud Platform Security Bulletin GCP-2026-026 vom 2026-05-01",
        "url": "https://docs.cloud.google.com/support/bulletins#gcp-2026-026"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-50255 vom 2026-05-02",
        "url": "https://linux.oracle.com/errata/ELSA-2026-50255.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-50254 vom 2026-05-02",
        "url": "https://linux.oracle.com/errata/ELSA-2026-50254.html"
      },
      {
        "category": "external",
        "summary": "Container-Optimized OS release notes vom 2026-05-02",
        "url": "https://docs.cloud.google.com/container-optimized-os/docs/release-notes#May_01_2026"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21465-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025792.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21454-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025802.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21463-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025794.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21421-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025828.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21458-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025798.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21460-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025796.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21459-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025797.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1674-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025834.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21443-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025811.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21439-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025815.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1676-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025832.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1675-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025833.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1669-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025831.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1677-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025830.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1672-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025835.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1670-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025837.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1671-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025836.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21442-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025812.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1678-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025829.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21453-1 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025803.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13578 vom 2026-05-05",
        "url": "https://access.redhat.com/errata/RHSA-2026:13578"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1671-2 vom 2026-05-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025838.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13566 vom 2026-05-05",
        "url": "https://access.redhat.com/errata/RHSA-2026:13566"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13577 vom 2026-05-05",
        "url": "https://access.redhat.com/errata/RHSA-2026:13577"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13565 vom 2026-05-04",
        "url": "https://access.redhat.com/errata/RHSA-2026:13565"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-05-04T22:00:00.000+00:00",
      "generator": {
        "date": "2026-05-05T08:27:21.005+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-1232",
      "initial_release_date": "2026-04-21T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-04-21T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-04-22T22:00:00.000+00:00",
          "number": "2",
          "summary": "Referenz(en) aufgenommen: EUVD-2026-24639, EUVD-2026-24641"
        },
        {
          "date": "2026-04-29T22:00:00.000+00:00",
          "number": "3",
          "summary": "Beschreibung CVE-2026-31431 angepasst, Exploit verf\u00fcgbar"
        },
        {
          "date": "2026-05-03T22:00:00.000+00:00",
          "number": "4",
          "summary": "CVE-2026-31431 wird aktiv ausgenutzt"
        },
        {
          "date": "2026-05-04T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Red Hat und SUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Google Cloud Platform",
            "product": {
              "name": "Google Cloud Platform",
              "product_id": "393401",
              "product_identification_helper": {
                "cpe": "cpe:/a:google:cloud_platform:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Google Container-Optimized OS",
            "product": {
              "name": "Google Container-Optimized OS",
              "product_id": "1607324",
              "product_identification_helper": {
                "cpe": "cpe:/o:google:container-optimized_os:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Google"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T028462",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:unspecified"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-31432",
      "product_status": {
        "known_affected": [
          "T028462",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "393401",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2026-04-21T22:00:00.000+00:00",
      "title": "CVE-2026-31432"
    },
    {
      "cve": "CVE-2026-31433",
      "product_status": {
        "known_affected": [
          "T028462",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "393401",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2026-04-21T22:00:00.000+00:00",
      "title": "CVE-2026-31433"
    },
    {
      "cve": "CVE-2026-31431",
      "product_status": {
        "known_affected": [
          "T028462",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "393401",
          "T004914",
          "1607324"
        ]
      },
      "release_date": "2026-04-29T22:00:00.000+00:00",
      "title": "CVE-2026-31431"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise Micro 6.0)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update for the SUSE Linux Enterprise Kernel 6.4.0-39.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).\n- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).\n- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).\n\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Micro-6.0-kernel-392",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21486-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:21486-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621486-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:21486-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2026-May/046227.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258655",
        "url": "https://bugzilla.suse.com/1258655"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1259126",
        "url": "https://bugzilla.suse.com/1259126"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1263689",
        "url": "https://bugzilla.suse.com/1263689"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23004 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23004/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23204 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23204/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-31431 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-31431/"
      }
    ],
    "title": "Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise Micro 6.0)",
    "tracking": {
      "current_release_date": "2026-05-05T13:14:11Z",
      "generator": {
        "date": "2026-05-05T13:14:11Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:21486-1",
      "initial_release_date": "2026-05-05T13:14:11Z",
      "revision_history": [
        {
          "date": "2026-05-05T13:14:11Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_4_0-39-default-4-1.1.s390x",
                "product": {
                  "name": "kernel-livepatch-6_4_0-39-default-4-1.1.s390x",
                  "product_id": "kernel-livepatch-6_4_0-39-default-4-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_4_0-39-default-4-1.1.x86_64",
                "product": {
                  "name": "kernel-livepatch-6_4_0-39-default-4-1.1.x86_64",
                  "product_id": "kernel-livepatch-6_4_0-39-default-4-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.0",
                "product": {
                  "name": "SUSE Linux Micro 6.0",
                  "product_id": "SUSE Linux Micro 6.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_4_0-39-default-4-1.1.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.s390x"
        },
        "product_reference": "kernel-livepatch-6_4_0-39-default-4-1.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_4_0-39-default-4-1.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.x86_64"
        },
        "product_reference": "kernel-livepatch-6_4_0-39-default-4-1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-23004",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23004"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()\n\nsyzbot was able to crash the kernel in rt6_uncached_list_flush_dev()\nin an interesting way [1]\n\nCrash happens in list_del_init()/INIT_LIST_HEAD() while writing\nlist-\u003eprev, while the prior write on list-\u003enext went well.\n\nstatic inline void INIT_LIST_HEAD(struct list_head *list)\n{\n\tWRITE_ONCE(list-\u003enext, list); // This went well\n\tWRITE_ONCE(list-\u003eprev, list); // Crash, @list has been freed.\n}\n\nIssue here is that rt6_uncached_list_del() did not attempt to lock\nul-\u003elock, as list_empty(\u0026rt-\u003edst.rt_uncached) returned\ntrue because the WRITE_ONCE(list-\u003enext, list) happened on the other CPU.\n\nWe might use list_del_init_careful() and list_empty_careful(),\nor make sure rt6_uncached_list_del() always grabs the spinlock\nwhenever rt-\u003edst.rt_uncached_list has been set.\n\nA similar fix is neeed for IPv4.\n\n[1]\n\n BUG: KASAN: slab-use-after-free in INIT_LIST_HEAD include/linux/list.h:46 [inline]\n BUG: KASAN: slab-use-after-free in list_del_init include/linux/list.h:296 [inline]\n BUG: KASAN: slab-use-after-free in rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n BUG: KASAN: slab-use-after-free in rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\nWrite of size 8 at addr ffff8880294cfa78 by task kworker/u8:14/3450\n\nCPU: 0 UID: 0 PID: 3450 Comm: kworker/u8:14 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)}\nTainted: [L]=SOFTLOCKUP\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nWorkqueue: netns cleanup_net\nCall Trace:\n \u003cTASK\u003e\n  dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120\n  print_address_description mm/kasan/report.c:378 [inline]\n  print_report+0xca/0x240 mm/kasan/report.c:482\n  kasan_report+0x118/0x150 mm/kasan/report.c:595\n  INIT_LIST_HEAD include/linux/list.h:46 [inline]\n  list_del_init include/linux/list.h:296 [inline]\n  rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n  rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\n  addrconf_ifdown+0x143/0x18a0 net/ipv6/addrconf.c:3853\n addrconf_notify+0x1bc/0x1050 net/ipv6/addrconf.c:-1\n  notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n  call_netdevice_notifiers_extack net/core/dev.c:2268 [inline]\n  call_netdevice_notifiers net/core/dev.c:2282 [inline]\n  netif_close_many+0x29c/0x410 net/core/dev.c:1785\n  unregister_netdevice_many_notify+0xb50/0x2330 net/core/dev.c:12353\n  ops_exit_rtnl_list net/core/net_namespace.c:187 [inline]\n  ops_undo_list+0x3dc/0x990 net/core/net_namespace.c:248\n  cleanup_net+0x4de/0x7b0 net/core/net_namespace.c:696\n  process_one_work kernel/workqueue.c:3257 [inline]\n  process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n  kthread+0x711/0x8a0 kernel/kthread.c:463\n  ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246\n \u003c/TASK\u003e\n\nAllocated by task 803:\n  kasan_save_stack mm/kasan/common.c:57 [inline]\n  kasan_save_track+0x3e/0x80 mm/kasan/common.c:78\n  unpoison_slab_object mm/kasan/common.c:340 [inline]\n  __kasan_slab_alloc+0x6c/0x80 mm/kasan/common.c:366\n  kasan_slab_alloc include/linux/kasan.h:253 [inline]\n  slab_post_alloc_hook mm/slub.c:4953 [inline]\n  slab_alloc_node mm/slub.c:5263 [inline]\n  kmem_cache_alloc_noprof+0x18d/0x6c0 mm/slub.c:5270\n  dst_alloc+0x105/0x170 net/core/dst.c:89\n  ip6_dst_alloc net/ipv6/route.c:342 [inline]\n  icmp6_dst_alloc+0x75/0x460 net/ipv6/route.c:3333\n  mld_sendpack+0x683/0xe60 net/ipv6/mcast.c:1844\n  mld_send_cr net/ipv6/mcast.c:2154 [inline]\n  mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693\n  process_one_work kernel/workqueue.c:3257 [inline]\n  process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n  kthread+0x711/0x8a0 kernel/kthread.c:463\n  ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.s390x",
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23004",
          "url": "https://www.suse.com/security/cve/CVE-2026-23004"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1257231 for CVE-2026-23004",
          "url": "https://bugzilla.suse.com/1257231"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258655 for CVE-2026-23004",
          "url": "https://bugzilla.suse.com/1258655"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:14:11Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23004"
    },
    {
      "cve": "CVE-2026-23204",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23204"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_u32: use skb_header_pointer_careful()\n\nskb_header_pointer() does not fully validate negative @offset values.\n\nUse skb_header_pointer_careful() instead.\n\nGangMin Kim provided a report and a repro fooling u32_classify():\n\nBUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0\nnet/sched/cls_u32.c:221",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.s390x",
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23204",
          "url": "https://www.suse.com/security/cve/CVE-2026-23204"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258340 for CVE-2026-23204",
          "url": "https://bugzilla.suse.com/1258340"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1259126 for CVE-2026-23204",
          "url": "https://bugzilla.suse.com/1259126"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:14:11Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23204"
    },
    {
      "cve": "CVE-2026-31431",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-31431"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.s390x",
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-31431",
          "url": "https://www.suse.com/security/cve/CVE-2026-31431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1262573 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1262573"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263689 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263689"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-39-default-4-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:14:11Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-31431"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).\n- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).\n- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n  (bsc#1258005).\n- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).\n- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).\n- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).\n\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Micro-6.1-kernel-387",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21497-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:21497-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621497-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:21497-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025913.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1252048",
        "url": "https://bugzilla.suse.com/1252048"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258005",
        "url": "https://bugzilla.suse.com/1258005"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258073",
        "url": "https://bugzilla.suse.com/1258073"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258655",
        "url": "https://bugzilla.suse.com/1258655"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1259126",
        "url": "https://bugzilla.suse.com/1259126"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1263689",
        "url": "https://bugzilla.suse.com/1263689"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-38375 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-38375/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-39977 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-39977/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-71066 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-71066/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23004 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23004/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23204 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23204/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-31431 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-31431/"
      }
    ],
    "title": "Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)",
    "tracking": {
      "current_release_date": "2026-05-05T13:10:05Z",
      "generator": {
        "date": "2026-05-05T13:10:05Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:21497-1",
      "initial_release_date": "2026-05-05T13:10:05Z",
      "revision_history": [
        {
          "date": "2026-05-05T13:10:05Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
                "product": {
                  "name": "kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
                  "product_id": "kernel-livepatch-6_4_0-31-default-16-1.2.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_4_0-31-default-16-1.2.x86_64",
                "product": {
                  "name": "kernel-livepatch-6_4_0-31-default-16-1.2.x86_64",
                  "product_id": "kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.1",
                "product": {
                  "name": "SUSE Linux Micro 6.1",
                  "product_id": "SUSE Linux Micro 6.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_4_0-31-default-16-1.2.s390x as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x"
        },
        "product_reference": "kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_4_0-31-default-16-1.2.x86_64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
        },
        "product_reference": "kernel-livepatch-6_4_0-31-default-16-1.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-38375",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-38375"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-net: ensure the received length does not exceed allocated size\n\nIn xdp_linearize_page, when reading the following buffers from the ring,\nwe forget to check the received length with the true allocate size. This\ncan lead to an out-of-bound read. This commit adds that missing check.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-38375",
          "url": "https://www.suse.com/security/cve/CVE-2025-38375"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1247177 for CVE-2025-38375",
          "url": "https://bugzilla.suse.com/1247177"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258073 for CVE-2025-38375",
          "url": "https://bugzilla.suse.com/1258073"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:10:05Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-38375"
    },
    {
      "cve": "CVE-2025-39977",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-39977"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Prevent use-after-free during requeue-PI\n\nsyzbot managed to trigger the following race:\n\n   T1                               T2\n\n futex_wait_requeue_pi()\n   futex_do_wait()\n     schedule()\n                               futex_requeue()\n                                 futex_proxy_trylock_atomic()\n                                   futex_requeue_pi_prepare()\n                                   requeue_pi_wake_futex()\n                                     futex_requeue_pi_complete()\n                                      /* preempt */\n\n         * timeout/ signal wakes T1 *\n\n   futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED\n   futex_hash_put()\n  // back to userland, on stack futex_q is garbage\n\n                                      /* back */\n                                     wake_up_state(q-\u003etask, TASK_NORMAL);\n\nIn this scenario futex_wait_requeue_pi() is able to leave without using\nfutex_q::lock_ptr for synchronization.\n\nThis can be prevented by reading futex_q::task before updating the\nfutex_q::requeue_state. A reference on the task_struct is not needed\nbecause requeue_pi_wake_futex() is invoked with a spinlock_t held which\nimplies a RCU read section.\n\nEven if T1 terminates immediately after, the task_struct will remain valid\nduring T2\u0027s wake_up_state().  A READ_ONCE on futex_q::task before\nfutex_requeue_pi_complete() is enough because it ensures that the variable\nis read before the state is updated.\n\nRead futex_q::task before updating the requeue state, use it for the\nfollowing wakeup.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-39977",
          "url": "https://www.suse.com/security/cve/CVE-2025-39977"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1252046 for CVE-2025-39977",
          "url": "https://bugzilla.suse.com/1252046"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1252048 for CVE-2025-39977",
          "url": "https://bugzilla.suse.com/1252048"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:10:05Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-39977"
    },
    {
      "cve": "CVE-2025-71066",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-71066"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n\nzdi-disclosures@trendmicro.com says:\n\nThe vulnerability is a race condition between `ets_qdisc_dequeue` and\n`ets_qdisc_change`.  It leads to UAF on `struct Qdisc` object.\nAttacker requires the capability to create new user and network namespace\nin order to trigger the bug.\nSee my additional commentary at the end of the analysis.\n\nAnalysis:\n\nstatic int ets_qdisc_change(struct Qdisc *sch, struct nlattr *opt,\n                          struct netlink_ext_ack *extack)\n{\n...\n\n      // (1) this lock is preventing .change handler (`ets_qdisc_change`)\n      //to race with .dequeue handler (`ets_qdisc_dequeue`)\n      sch_tree_lock(sch);\n\n      for (i = nbands; i \u003c oldbands; i++) {\n              if (i \u003e= q-\u003enstrict \u0026\u0026 q-\u003eclasses[i].qdisc-\u003eq.qlen)\n                      list_del_init(\u0026q-\u003eclasses[i].alist);\n              qdisc_purge_queue(q-\u003eclasses[i].qdisc);\n      }\n\n      WRITE_ONCE(q-\u003enbands, nbands);\n      for (i = nstrict; i \u003c q-\u003enstrict; i++) {\n              if (q-\u003eclasses[i].qdisc-\u003eq.qlen) {\n\t\t      // (2) the class is added to the q-\u003eactive\n                      list_add_tail(\u0026q-\u003eclasses[i].alist, \u0026q-\u003eactive);\n                      q-\u003eclasses[i].deficit = quanta[i];\n              }\n      }\n      WRITE_ONCE(q-\u003enstrict, nstrict);\n      memcpy(q-\u003eprio2band, priomap, sizeof(priomap));\n\n      for (i = 0; i \u003c q-\u003enbands; i++)\n              WRITE_ONCE(q-\u003eclasses[i].quantum, quanta[i]);\n\n      for (i = oldbands; i \u003c q-\u003enbands; i++) {\n              q-\u003eclasses[i].qdisc = queues[i];\n              if (q-\u003eclasses[i].qdisc != \u0026noop_qdisc)\n                      qdisc_hash_add(q-\u003eclasses[i].qdisc, true);\n      }\n\n      // (3) the qdisc is unlocked, now dequeue can be called in parallel\n      // to the rest of .change handler\n      sch_tree_unlock(sch);\n\n      ets_offload_change(sch);\n      for (i = q-\u003enbands; i \u003c oldbands; i++) {\n\t      // (4) we\u0027re reducing the refcount for our class\u0027s qdisc and\n\t      //  freeing it\n              qdisc_put(q-\u003eclasses[i].qdisc);\n\t      // (5) If we call .dequeue between (4) and (5), we will have\n\t      // a strong UAF and we can control RIP\n              q-\u003eclasses[i].qdisc = NULL;\n              WRITE_ONCE(q-\u003eclasses[i].quantum, 0);\n              q-\u003eclasses[i].deficit = 0;\n              gnet_stats_basic_sync_init(\u0026q-\u003eclasses[i].bstats);\n              memset(\u0026q-\u003eclasses[i].qstats, 0, sizeof(q-\u003eclasses[i].qstats));\n      }\n      return 0;\n}\n\nComment:\nThis happens because some of the classes have their qdiscs assigned to\nNULL, but remain in the active list. This commit fixes this issue by always\nremoving the class from the active list before deleting and freeing its\nassociated qdisc\n\nReproducer Steps\n(trimmed version of what was sent by zdi-disclosures@trendmicro.com)\n\n```\nDEV=\"${DEV:-lo}\"\nROOT_HANDLE=\"${ROOT_HANDLE:-1:}\"\nBAND2_HANDLE=\"${BAND2_HANDLE:-20:}\"   # child under 1:2\nPING_BYTES=\"${PING_BYTES:-48}\"\nPING_COUNT=\"${PING_COUNT:-200000}\"\nPING_DST=\"${PING_DST:-127.0.0.1}\"\n\nSLOW_TBF_RATE=\"${SLOW_TBF_RATE:-8bit}\"\nSLOW_TBF_BURST=\"${SLOW_TBF_BURST:-100b}\"\nSLOW_TBF_LAT=\"${SLOW_TBF_LAT:-1s}\"\n\ncleanup() {\n  tc qdisc del dev \"$DEV\" root 2\u003e/dev/null\n}\ntrap cleanup EXIT\n\nip link set \"$DEV\" up\n\ntc qdisc del dev \"$DEV\" root 2\u003e/dev/null || true\n\ntc qdisc add dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\n\ntc qdisc add dev \"$DEV\" parent 1:2 handle \"$BAND2_HANDLE\" \\\n  tbf rate \"$SLOW_TBF_RATE\" burst \"$SLOW_TBF_BURST\" latency \"$SLOW_TBF_LAT\"\n\ntc filter add dev \"$DEV\" parent 1: protocol all prio 1 u32 match u32 0 0 flowid 1:2\ntc -s qdisc ls dev $DEV\n\nping -I \"$DEV\" -f -c \"$PING_COUNT\" -s \"$PING_BYTES\" -W 0.001 \"$PING_DST\" \\\n  \u003e/dev/null 2\u003e\u00261 \u0026\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 0\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\ntc -s qdisc ls dev $DEV\ntc qdisc del dev \"$DEV\" parent \n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-71066",
          "url": "https://www.suse.com/security/cve/CVE-2025-71066"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1256645 for CVE-2025-71066",
          "url": "https://bugzilla.suse.com/1256645"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258005 for CVE-2025-71066",
          "url": "https://bugzilla.suse.com/1258005"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:10:05Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-71066"
    },
    {
      "cve": "CVE-2026-23004",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23004"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()\n\nsyzbot was able to crash the kernel in rt6_uncached_list_flush_dev()\nin an interesting way [1]\n\nCrash happens in list_del_init()/INIT_LIST_HEAD() while writing\nlist-\u003eprev, while the prior write on list-\u003enext went well.\n\nstatic inline void INIT_LIST_HEAD(struct list_head *list)\n{\n\tWRITE_ONCE(list-\u003enext, list); // This went well\n\tWRITE_ONCE(list-\u003eprev, list); // Crash, @list has been freed.\n}\n\nIssue here is that rt6_uncached_list_del() did not attempt to lock\nul-\u003elock, as list_empty(\u0026rt-\u003edst.rt_uncached) returned\ntrue because the WRITE_ONCE(list-\u003enext, list) happened on the other CPU.\n\nWe might use list_del_init_careful() and list_empty_careful(),\nor make sure rt6_uncached_list_del() always grabs the spinlock\nwhenever rt-\u003edst.rt_uncached_list has been set.\n\nA similar fix is neeed for IPv4.\n\n[1]\n\n BUG: KASAN: slab-use-after-free in INIT_LIST_HEAD include/linux/list.h:46 [inline]\n BUG: KASAN: slab-use-after-free in list_del_init include/linux/list.h:296 [inline]\n BUG: KASAN: slab-use-after-free in rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n BUG: KASAN: slab-use-after-free in rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\nWrite of size 8 at addr ffff8880294cfa78 by task kworker/u8:14/3450\n\nCPU: 0 UID: 0 PID: 3450 Comm: kworker/u8:14 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)}\nTainted: [L]=SOFTLOCKUP\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nWorkqueue: netns cleanup_net\nCall Trace:\n \u003cTASK\u003e\n  dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120\n  print_address_description mm/kasan/report.c:378 [inline]\n  print_report+0xca/0x240 mm/kasan/report.c:482\n  kasan_report+0x118/0x150 mm/kasan/report.c:595\n  INIT_LIST_HEAD include/linux/list.h:46 [inline]\n  list_del_init include/linux/list.h:296 [inline]\n  rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n  rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\n  addrconf_ifdown+0x143/0x18a0 net/ipv6/addrconf.c:3853\n addrconf_notify+0x1bc/0x1050 net/ipv6/addrconf.c:-1\n  notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n  call_netdevice_notifiers_extack net/core/dev.c:2268 [inline]\n  call_netdevice_notifiers net/core/dev.c:2282 [inline]\n  netif_close_many+0x29c/0x410 net/core/dev.c:1785\n  unregister_netdevice_many_notify+0xb50/0x2330 net/core/dev.c:12353\n  ops_exit_rtnl_list net/core/net_namespace.c:187 [inline]\n  ops_undo_list+0x3dc/0x990 net/core/net_namespace.c:248\n  cleanup_net+0x4de/0x7b0 net/core/net_namespace.c:696\n  process_one_work kernel/workqueue.c:3257 [inline]\n  process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n  kthread+0x711/0x8a0 kernel/kthread.c:463\n  ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246\n \u003c/TASK\u003e\n\nAllocated by task 803:\n  kasan_save_stack mm/kasan/common.c:57 [inline]\n  kasan_save_track+0x3e/0x80 mm/kasan/common.c:78\n  unpoison_slab_object mm/kasan/common.c:340 [inline]\n  __kasan_slab_alloc+0x6c/0x80 mm/kasan/common.c:366\n  kasan_slab_alloc include/linux/kasan.h:253 [inline]\n  slab_post_alloc_hook mm/slub.c:4953 [inline]\n  slab_alloc_node mm/slub.c:5263 [inline]\n  kmem_cache_alloc_noprof+0x18d/0x6c0 mm/slub.c:5270\n  dst_alloc+0x105/0x170 net/core/dst.c:89\n  ip6_dst_alloc net/ipv6/route.c:342 [inline]\n  icmp6_dst_alloc+0x75/0x460 net/ipv6/route.c:3333\n  mld_sendpack+0x683/0xe60 net/ipv6/mcast.c:1844\n  mld_send_cr net/ipv6/mcast.c:2154 [inline]\n  mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693\n  process_one_work kernel/workqueue.c:3257 [inline]\n  process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n  kthread+0x711/0x8a0 kernel/kthread.c:463\n  ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23004",
          "url": "https://www.suse.com/security/cve/CVE-2026-23004"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1257231 for CVE-2026-23004",
          "url": "https://bugzilla.suse.com/1257231"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258655 for CVE-2026-23004",
          "url": "https://bugzilla.suse.com/1258655"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:10:05Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23004"
    },
    {
      "cve": "CVE-2026-23204",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23204"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_u32: use skb_header_pointer_careful()\n\nskb_header_pointer() does not fully validate negative @offset values.\n\nUse skb_header_pointer_careful() instead.\n\nGangMin Kim provided a report and a repro fooling u32_classify():\n\nBUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0\nnet/sched/cls_u32.c:221",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23204",
          "url": "https://www.suse.com/security/cve/CVE-2026-23204"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258340 for CVE-2026-23204",
          "url": "https://bugzilla.suse.com/1258340"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1259126 for CVE-2026-23204",
          "url": "https://bugzilla.suse.com/1259126"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:10:05Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23204"
    },
    {
      "cve": "CVE-2026-31431",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-31431"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-31431",
          "url": "https://www.suse.com/security/cve/CVE-2026-31431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1262573 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1262573"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263689 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263689"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-default-16-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:10:05Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-31431"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 16)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update for the SUSE Linux Enterprise Kernel 6.12.0-160000.28.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).\n- CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).\n- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).\n\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLES-16.0-693",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21556-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:21556-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621556-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:21556-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2026-May/046348.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1261630",
        "url": "https://bugzilla.suse.com/1261630"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1261845",
        "url": "https://bugzilla.suse.com/1261845"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1263689",
        "url": "https://bugzilla.suse.com/1263689"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23437 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23437/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-31406 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-31406/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-31431 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-31431/"
      }
    ],
    "title": "Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 16)",
    "tracking": {
      "current_release_date": "2026-05-05T20:02:43Z",
      "generator": {
        "date": "2026-05-05T20:02:43Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:21556-1",
      "initial_release_date": "2026-05-05T20:02:43Z",
      "revision_history": [
        {
          "date": "2026-05-05T20:02:43Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
                "product": {
                  "name": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
                  "product_id": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
                "product": {
                  "name": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
                  "product_id": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64",
                "product": {
                  "name": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64",
                  "product_id": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 16.0",
                "product": {
                  "name": "SUSE Linux Enterprise Server 16.0",
                  "product_id": "SUSE Linux Enterprise Server 16.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:16:16.0:server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP applications 16.0",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP applications 16.0",
                  "product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
          "product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le"
        },
        "product_reference": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
          "product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x"
        },
        "product_reference": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
          "product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64"
        },
        "product_reference": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
          "product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le"
        },
        "product_reference": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
          "product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x"
        },
        "product_reference": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
          "product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64"
        },
        "product_reference": "kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-23437",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23437"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: shaper: protect late read accesses to the hierarchy\n\nWe look up a netdev during prep of Netlink ops (pre- callbacks)\nand take a ref to it. Then later in the body of the callback\nwe take its lock or RCU which are the actual protections.\n\nThis is not proper, a conversion from a ref to a locked netdev\nmust include a liveness check (a check if the netdev hasn\u0027t been\nunregistered already). Fix the read cases (those under RCU).\nWrites needs a separate change to protect from creating the\nhierarchy after flush has already run.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
          "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
          "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23437",
          "url": "https://www.suse.com/security/cve/CVE-2026-23437"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1261635 for CVE-2026-23437",
          "url": "https://bugzilla.suse.com/1261635"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1261845 for CVE-2026-23437",
          "url": "https://bugzilla.suse.com/1261845"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T20:02:43Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23437"
    },
    {
      "cve": "CVE-2026-31406",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-31406"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini()\n\nAfter cancel_delayed_work_sync() is called from\nxfrm_nat_keepalive_net_fini(), xfrm_state_fini() flushes remaining\nstates via __xfrm_state_delete(), which calls\nxfrm_nat_keepalive_state_updated() to re-schedule nat_keepalive_work.\n\nThe following is a simple race scenario:\n\n           cpu0                             cpu1\n\ncleanup_net() [Round 1]\n  ops_undo_list()\n    xfrm_net_exit()\n      xfrm_nat_keepalive_net_fini()\n        cancel_delayed_work_sync(nat_keepalive_work);\n      xfrm_state_fini()\n        xfrm_state_flush()\n          xfrm_state_delete(x)\n            __xfrm_state_delete(x)\n              xfrm_nat_keepalive_state_updated(x)\n                schedule_delayed_work(nat_keepalive_work);\n  rcu_barrier();\n  net_complete_free();\n  net_passive_dec(net);\n    llist_add(\u0026net-\u003edefer_free_list, \u0026defer_free_list);\n\ncleanup_net() [Round 2]\n  rcu_barrier();\n  net_complete_free()\n    kmem_cache_free(net_cachep, net);\n                                     nat_keepalive_work()\n                                       // on freed net\n\nTo prevent this, cancel_delayed_work_sync() is replaced with\ndisable_delayed_work_sync().",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
          "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
          "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-31406",
          "url": "https://www.suse.com/security/cve/CVE-2026-31406"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1261629 for CVE-2026-31406",
          "url": "https://bugzilla.suse.com/1261629"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1261630 for CVE-2026-31406",
          "url": "https://bugzilla.suse.com/1261630"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T20:02:43Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-31406"
    },
    {
      "cve": "CVE-2026-31431",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-31431"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
          "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64",
          "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
          "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-31431",
          "url": "https://www.suse.com/security/cve/CVE-2026-31431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1262573 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1262573"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263689 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263689"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263938 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263938"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263939 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263939"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1264274 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1264274"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
            "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64",
            "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.s390x",
            "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T20:02:43Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-31431"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 15 SP7)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update for the SUSE Linux Enterprise kernel 6.4.0-150700.5 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).\n- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).\n- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).\n- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).\n- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).\n- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2026-1684,SUSE-SLE-Module-Live-Patching-15-SP7-2026-1684",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1684-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:1684-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261684-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:1684-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2026-May/046206.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1252048",
        "url": "https://bugzilla.suse.com/1252048"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258005",
        "url": "https://bugzilla.suse.com/1258005"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258073",
        "url": "https://bugzilla.suse.com/1258073"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258655",
        "url": "https://bugzilla.suse.com/1258655"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1259126",
        "url": "https://bugzilla.suse.com/1259126"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1263689",
        "url": "https://bugzilla.suse.com/1263689"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-38375 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-38375/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-39977 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-39977/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-71066 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-71066/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23004 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23004/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23204 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23204/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-31431 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-31431/"
      }
    ],
    "title": "Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 15 SP7)",
    "tracking": {
      "current_release_date": "2026-05-05T06:34:20Z",
      "generator": {
        "date": "2026-05-05T06:34:20Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:1684-1",
      "initial_release_date": "2026-05-05T06:34:20Z",
      "revision_history": [
        {
          "date": "2026-05-05T06:34:20Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64",
                "product": {
                  "name": "kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64",
                  "product_id": "kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 15 SP7",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 15 SP7",
                  "product_id": "SUSE Linux Enterprise Live Patching 15 SP7",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-live-patching:15:sp7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
        },
        "product_reference": "kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-38375",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-38375"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-net: ensure the received length does not exceed allocated size\n\nIn xdp_linearize_page, when reading the following buffers from the ring,\nwe forget to check the received length with the true allocate size. This\ncan lead to an out-of-bound read. This commit adds that missing check.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-38375",
          "url": "https://www.suse.com/security/cve/CVE-2025-38375"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1247177 for CVE-2025-38375",
          "url": "https://bugzilla.suse.com/1247177"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258073 for CVE-2025-38375",
          "url": "https://bugzilla.suse.com/1258073"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T06:34:20Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-38375"
    },
    {
      "cve": "CVE-2025-39977",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-39977"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Prevent use-after-free during requeue-PI\n\nsyzbot managed to trigger the following race:\n\n   T1                               T2\n\n futex_wait_requeue_pi()\n   futex_do_wait()\n     schedule()\n                               futex_requeue()\n                                 futex_proxy_trylock_atomic()\n                                   futex_requeue_pi_prepare()\n                                   requeue_pi_wake_futex()\n                                     futex_requeue_pi_complete()\n                                      /* preempt */\n\n         * timeout/ signal wakes T1 *\n\n   futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED\n   futex_hash_put()\n  // back to userland, on stack futex_q is garbage\n\n                                      /* back */\n                                     wake_up_state(q-\u003etask, TASK_NORMAL);\n\nIn this scenario futex_wait_requeue_pi() is able to leave without using\nfutex_q::lock_ptr for synchronization.\n\nThis can be prevented by reading futex_q::task before updating the\nfutex_q::requeue_state. A reference on the task_struct is not needed\nbecause requeue_pi_wake_futex() is invoked with a spinlock_t held which\nimplies a RCU read section.\n\nEven if T1 terminates immediately after, the task_struct will remain valid\nduring T2\u0027s wake_up_state().  A READ_ONCE on futex_q::task before\nfutex_requeue_pi_complete() is enough because it ensures that the variable\nis read before the state is updated.\n\nRead futex_q::task before updating the requeue state, use it for the\nfollowing wakeup.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-39977",
          "url": "https://www.suse.com/security/cve/CVE-2025-39977"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1252046 for CVE-2025-39977",
          "url": "https://bugzilla.suse.com/1252046"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1252048 for CVE-2025-39977",
          "url": "https://bugzilla.suse.com/1252048"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T06:34:20Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-39977"
    },
    {
      "cve": "CVE-2025-71066",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-71066"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n\nzdi-disclosures@trendmicro.com says:\n\nThe vulnerability is a race condition between `ets_qdisc_dequeue` and\n`ets_qdisc_change`.  It leads to UAF on `struct Qdisc` object.\nAttacker requires the capability to create new user and network namespace\nin order to trigger the bug.\nSee my additional commentary at the end of the analysis.\n\nAnalysis:\n\nstatic int ets_qdisc_change(struct Qdisc *sch, struct nlattr *opt,\n                          struct netlink_ext_ack *extack)\n{\n...\n\n      // (1) this lock is preventing .change handler (`ets_qdisc_change`)\n      //to race with .dequeue handler (`ets_qdisc_dequeue`)\n      sch_tree_lock(sch);\n\n      for (i = nbands; i \u003c oldbands; i++) {\n              if (i \u003e= q-\u003enstrict \u0026\u0026 q-\u003eclasses[i].qdisc-\u003eq.qlen)\n                      list_del_init(\u0026q-\u003eclasses[i].alist);\n              qdisc_purge_queue(q-\u003eclasses[i].qdisc);\n      }\n\n      WRITE_ONCE(q-\u003enbands, nbands);\n      for (i = nstrict; i \u003c q-\u003enstrict; i++) {\n              if (q-\u003eclasses[i].qdisc-\u003eq.qlen) {\n\t\t      // (2) the class is added to the q-\u003eactive\n                      list_add_tail(\u0026q-\u003eclasses[i].alist, \u0026q-\u003eactive);\n                      q-\u003eclasses[i].deficit = quanta[i];\n              }\n      }\n      WRITE_ONCE(q-\u003enstrict, nstrict);\n      memcpy(q-\u003eprio2band, priomap, sizeof(priomap));\n\n      for (i = 0; i \u003c q-\u003enbands; i++)\n              WRITE_ONCE(q-\u003eclasses[i].quantum, quanta[i]);\n\n      for (i = oldbands; i \u003c q-\u003enbands; i++) {\n              q-\u003eclasses[i].qdisc = queues[i];\n              if (q-\u003eclasses[i].qdisc != \u0026noop_qdisc)\n                      qdisc_hash_add(q-\u003eclasses[i].qdisc, true);\n      }\n\n      // (3) the qdisc is unlocked, now dequeue can be called in parallel\n      // to the rest of .change handler\n      sch_tree_unlock(sch);\n\n      ets_offload_change(sch);\n      for (i = q-\u003enbands; i \u003c oldbands; i++) {\n\t      // (4) we\u0027re reducing the refcount for our class\u0027s qdisc and\n\t      //  freeing it\n              qdisc_put(q-\u003eclasses[i].qdisc);\n\t      // (5) If we call .dequeue between (4) and (5), we will have\n\t      // a strong UAF and we can control RIP\n              q-\u003eclasses[i].qdisc = NULL;\n              WRITE_ONCE(q-\u003eclasses[i].quantum, 0);\n              q-\u003eclasses[i].deficit = 0;\n              gnet_stats_basic_sync_init(\u0026q-\u003eclasses[i].bstats);\n              memset(\u0026q-\u003eclasses[i].qstats, 0, sizeof(q-\u003eclasses[i].qstats));\n      }\n      return 0;\n}\n\nComment:\nThis happens because some of the classes have their qdiscs assigned to\nNULL, but remain in the active list. This commit fixes this issue by always\nremoving the class from the active list before deleting and freeing its\nassociated qdisc\n\nReproducer Steps\n(trimmed version of what was sent by zdi-disclosures@trendmicro.com)\n\n```\nDEV=\"${DEV:-lo}\"\nROOT_HANDLE=\"${ROOT_HANDLE:-1:}\"\nBAND2_HANDLE=\"${BAND2_HANDLE:-20:}\"   # child under 1:2\nPING_BYTES=\"${PING_BYTES:-48}\"\nPING_COUNT=\"${PING_COUNT:-200000}\"\nPING_DST=\"${PING_DST:-127.0.0.1}\"\n\nSLOW_TBF_RATE=\"${SLOW_TBF_RATE:-8bit}\"\nSLOW_TBF_BURST=\"${SLOW_TBF_BURST:-100b}\"\nSLOW_TBF_LAT=\"${SLOW_TBF_LAT:-1s}\"\n\ncleanup() {\n  tc qdisc del dev \"$DEV\" root 2\u003e/dev/null\n}\ntrap cleanup EXIT\n\nip link set \"$DEV\" up\n\ntc qdisc del dev \"$DEV\" root 2\u003e/dev/null || true\n\ntc qdisc add dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\n\ntc qdisc add dev \"$DEV\" parent 1:2 handle \"$BAND2_HANDLE\" \\\n  tbf rate \"$SLOW_TBF_RATE\" burst \"$SLOW_TBF_BURST\" latency \"$SLOW_TBF_LAT\"\n\ntc filter add dev \"$DEV\" parent 1: protocol all prio 1 u32 match u32 0 0 flowid 1:2\ntc -s qdisc ls dev $DEV\n\nping -I \"$DEV\" -f -c \"$PING_COUNT\" -s \"$PING_BYTES\" -W 0.001 \"$PING_DST\" \\\n  \u003e/dev/null 2\u003e\u00261 \u0026\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 0\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\ntc -s qdisc ls dev $DEV\ntc qdisc del dev \"$DEV\" parent \n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-71066",
          "url": "https://www.suse.com/security/cve/CVE-2025-71066"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1256645 for CVE-2025-71066",
          "url": "https://bugzilla.suse.com/1256645"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258005 for CVE-2025-71066",
          "url": "https://bugzilla.suse.com/1258005"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T06:34:20Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-71066"
    },
    {
      "cve": "CVE-2026-23004",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23004"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()\n\nsyzbot was able to crash the kernel in rt6_uncached_list_flush_dev()\nin an interesting way [1]\n\nCrash happens in list_del_init()/INIT_LIST_HEAD() while writing\nlist-\u003eprev, while the prior write on list-\u003enext went well.\n\nstatic inline void INIT_LIST_HEAD(struct list_head *list)\n{\n\tWRITE_ONCE(list-\u003enext, list); // This went well\n\tWRITE_ONCE(list-\u003eprev, list); // Crash, @list has been freed.\n}\n\nIssue here is that rt6_uncached_list_del() did not attempt to lock\nul-\u003elock, as list_empty(\u0026rt-\u003edst.rt_uncached) returned\ntrue because the WRITE_ONCE(list-\u003enext, list) happened on the other CPU.\n\nWe might use list_del_init_careful() and list_empty_careful(),\nor make sure rt6_uncached_list_del() always grabs the spinlock\nwhenever rt-\u003edst.rt_uncached_list has been set.\n\nA similar fix is neeed for IPv4.\n\n[1]\n\n BUG: KASAN: slab-use-after-free in INIT_LIST_HEAD include/linux/list.h:46 [inline]\n BUG: KASAN: slab-use-after-free in list_del_init include/linux/list.h:296 [inline]\n BUG: KASAN: slab-use-after-free in rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n BUG: KASAN: slab-use-after-free in rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\nWrite of size 8 at addr ffff8880294cfa78 by task kworker/u8:14/3450\n\nCPU: 0 UID: 0 PID: 3450 Comm: kworker/u8:14 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)}\nTainted: [L]=SOFTLOCKUP\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nWorkqueue: netns cleanup_net\nCall Trace:\n \u003cTASK\u003e\n  dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120\n  print_address_description mm/kasan/report.c:378 [inline]\n  print_report+0xca/0x240 mm/kasan/report.c:482\n  kasan_report+0x118/0x150 mm/kasan/report.c:595\n  INIT_LIST_HEAD include/linux/list.h:46 [inline]\n  list_del_init include/linux/list.h:296 [inline]\n  rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n  rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\n  addrconf_ifdown+0x143/0x18a0 net/ipv6/addrconf.c:3853\n addrconf_notify+0x1bc/0x1050 net/ipv6/addrconf.c:-1\n  notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n  call_netdevice_notifiers_extack net/core/dev.c:2268 [inline]\n  call_netdevice_notifiers net/core/dev.c:2282 [inline]\n  netif_close_many+0x29c/0x410 net/core/dev.c:1785\n  unregister_netdevice_many_notify+0xb50/0x2330 net/core/dev.c:12353\n  ops_exit_rtnl_list net/core/net_namespace.c:187 [inline]\n  ops_undo_list+0x3dc/0x990 net/core/net_namespace.c:248\n  cleanup_net+0x4de/0x7b0 net/core/net_namespace.c:696\n  process_one_work kernel/workqueue.c:3257 [inline]\n  process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n  kthread+0x711/0x8a0 kernel/kthread.c:463\n  ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246\n \u003c/TASK\u003e\n\nAllocated by task 803:\n  kasan_save_stack mm/kasan/common.c:57 [inline]\n  kasan_save_track+0x3e/0x80 mm/kasan/common.c:78\n  unpoison_slab_object mm/kasan/common.c:340 [inline]\n  __kasan_slab_alloc+0x6c/0x80 mm/kasan/common.c:366\n  kasan_slab_alloc include/linux/kasan.h:253 [inline]\n  slab_post_alloc_hook mm/slub.c:4953 [inline]\n  slab_alloc_node mm/slub.c:5263 [inline]\n  kmem_cache_alloc_noprof+0x18d/0x6c0 mm/slub.c:5270\n  dst_alloc+0x105/0x170 net/core/dst.c:89\n  ip6_dst_alloc net/ipv6/route.c:342 [inline]\n  icmp6_dst_alloc+0x75/0x460 net/ipv6/route.c:3333\n  mld_sendpack+0x683/0xe60 net/ipv6/mcast.c:1844\n  mld_send_cr net/ipv6/mcast.c:2154 [inline]\n  mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693\n  process_one_work kernel/workqueue.c:3257 [inline]\n  process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n  kthread+0x711/0x8a0 kernel/kthread.c:463\n  ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23004",
          "url": "https://www.suse.com/security/cve/CVE-2026-23004"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1257231 for CVE-2026-23004",
          "url": "https://bugzilla.suse.com/1257231"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258655 for CVE-2026-23004",
          "url": "https://bugzilla.suse.com/1258655"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T06:34:20Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23004"
    },
    {
      "cve": "CVE-2026-23204",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23204"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_u32: use skb_header_pointer_careful()\n\nskb_header_pointer() does not fully validate negative @offset values.\n\nUse skb_header_pointer_careful() instead.\n\nGangMin Kim provided a report and a repro fooling u32_classify():\n\nBUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0\nnet/sched/cls_u32.c:221",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23204",
          "url": "https://www.suse.com/security/cve/CVE-2026-23204"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258340 for CVE-2026-23204",
          "url": "https://bugzilla.suse.com/1258340"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1259126 for CVE-2026-23204",
          "url": "https://bugzilla.suse.com/1259126"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T06:34:20Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23204"
    },
    {
      "cve": "CVE-2026-31431",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-31431"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-31431",
          "url": "https://www.suse.com/security/cve/CVE-2026-31431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1262573 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1262573"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263689 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263689"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T06:34:20Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-31431"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise Micro 6.0)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update for the SUSE Linux Enterprise Kernel 6.4.0-41.1 fixes one security issue\n\nThe following security issue was fixed:\n\n- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).\n\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Micro-6.0-kernel-373",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21467-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:21467-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621467-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:21467-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025882.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1263689",
        "url": "https://bugzilla.suse.com/1263689"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-31431 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-31431/"
      }
    ],
    "title": "Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise Micro 6.0)",
    "tracking": {
      "current_release_date": "2026-05-05T12:51:00Z",
      "generator": {
        "date": "2026-05-05T12:51:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:21467-1",
      "initial_release_date": "2026-05-05T12:51:00Z",
      "revision_history": [
        {
          "date": "2026-05-05T12:51:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_4_0-41-default-2-1.1.s390x",
                "product": {
                  "name": "kernel-livepatch-6_4_0-41-default-2-1.1.s390x",
                  "product_id": "kernel-livepatch-6_4_0-41-default-2-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_4_0-41-default-2-1.1.x86_64",
                "product": {
                  "name": "kernel-livepatch-6_4_0-41-default-2-1.1.x86_64",
                  "product_id": "kernel-livepatch-6_4_0-41-default-2-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.0",
                "product": {
                  "name": "SUSE Linux Micro 6.0",
                  "product_id": "SUSE Linux Micro 6.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_4_0-41-default-2-1.1.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-41-default-2-1.1.s390x"
        },
        "product_reference": "kernel-livepatch-6_4_0-41-default-2-1.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_4_0-41-default-2-1.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-41-default-2-1.1.x86_64"
        },
        "product_reference": "kernel-livepatch-6_4_0-41-default-2-1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-31431",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-31431"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-41-default-2-1.1.s390x",
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-41-default-2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-31431",
          "url": "https://www.suse.com/security/cve/CVE-2026-31431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1262573 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1262573"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263689 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263689"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-41-default-2-1.1.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-41-default-2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-41-default-2-1.1.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-41-default-2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T12:51:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-31431"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 16)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update for the SUSE Linux Enterprise Kernel 6.12.0-160000.6.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).\n- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n  (bsc#1258005).\n- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).\n- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).\n- CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).\n- CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).\n- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).\n\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SL-Micro-6.2-700",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21531-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:21531-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621531-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:21531-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026007.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1252048",
        "url": "https://bugzilla.suse.com/1252048"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258005",
        "url": "https://bugzilla.suse.com/1258005"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258655",
        "url": "https://bugzilla.suse.com/1258655"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1259126",
        "url": "https://bugzilla.suse.com/1259126"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1261630",
        "url": "https://bugzilla.suse.com/1261630"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1261845",
        "url": "https://bugzilla.suse.com/1261845"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1263689",
        "url": "https://bugzilla.suse.com/1263689"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-39977 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-39977/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-71066 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-71066/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23004 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23004/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23204 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23204/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23437 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23437/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-31406 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-31406/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-31431 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-31431/"
      }
    ],
    "title": "Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 16)",
    "tracking": {
      "current_release_date": "2026-05-05T23:37:29Z",
      "generator": {
        "date": "2026-05-05T23:37:29Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:21531-1",
      "initial_release_date": "2026-05-05T23:37:29Z",
      "revision_history": [
        {
          "date": "2026-05-05T23:37:29Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64",
                "product": {
                  "name": "kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64",
                  "product_id": "kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.2",
                "product": {
                  "name": "SUSE Linux Micro 6.2",
                  "product_id": "SUSE Linux Micro 6.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
          "product_id": "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
        },
        "product_reference": "kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-39977",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-39977"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Prevent use-after-free during requeue-PI\n\nsyzbot managed to trigger the following race:\n\n   T1                               T2\n\n futex_wait_requeue_pi()\n   futex_do_wait()\n     schedule()\n                               futex_requeue()\n                                 futex_proxy_trylock_atomic()\n                                   futex_requeue_pi_prepare()\n                                   requeue_pi_wake_futex()\n                                     futex_requeue_pi_complete()\n                                      /* preempt */\n\n         * timeout/ signal wakes T1 *\n\n   futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED\n   futex_hash_put()\n  // back to userland, on stack futex_q is garbage\n\n                                      /* back */\n                                     wake_up_state(q-\u003etask, TASK_NORMAL);\n\nIn this scenario futex_wait_requeue_pi() is able to leave without using\nfutex_q::lock_ptr for synchronization.\n\nThis can be prevented by reading futex_q::task before updating the\nfutex_q::requeue_state. A reference on the task_struct is not needed\nbecause requeue_pi_wake_futex() is invoked with a spinlock_t held which\nimplies a RCU read section.\n\nEven if T1 terminates immediately after, the task_struct will remain valid\nduring T2\u0027s wake_up_state().  A READ_ONCE on futex_q::task before\nfutex_requeue_pi_complete() is enough because it ensures that the variable\nis read before the state is updated.\n\nRead futex_q::task before updating the requeue state, use it for the\nfollowing wakeup.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-39977",
          "url": "https://www.suse.com/security/cve/CVE-2025-39977"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1252046 for CVE-2025-39977",
          "url": "https://bugzilla.suse.com/1252046"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1252048 for CVE-2025-39977",
          "url": "https://bugzilla.suse.com/1252048"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T23:37:29Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-39977"
    },
    {
      "cve": "CVE-2025-71066",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-71066"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n\nzdi-disclosures@trendmicro.com says:\n\nThe vulnerability is a race condition between `ets_qdisc_dequeue` and\n`ets_qdisc_change`.  It leads to UAF on `struct Qdisc` object.\nAttacker requires the capability to create new user and network namespace\nin order to trigger the bug.\nSee my additional commentary at the end of the analysis.\n\nAnalysis:\n\nstatic int ets_qdisc_change(struct Qdisc *sch, struct nlattr *opt,\n                          struct netlink_ext_ack *extack)\n{\n...\n\n      // (1) this lock is preventing .change handler (`ets_qdisc_change`)\n      //to race with .dequeue handler (`ets_qdisc_dequeue`)\n      sch_tree_lock(sch);\n\n      for (i = nbands; i \u003c oldbands; i++) {\n              if (i \u003e= q-\u003enstrict \u0026\u0026 q-\u003eclasses[i].qdisc-\u003eq.qlen)\n                      list_del_init(\u0026q-\u003eclasses[i].alist);\n              qdisc_purge_queue(q-\u003eclasses[i].qdisc);\n      }\n\n      WRITE_ONCE(q-\u003enbands, nbands);\n      for (i = nstrict; i \u003c q-\u003enstrict; i++) {\n              if (q-\u003eclasses[i].qdisc-\u003eq.qlen) {\n\t\t      // (2) the class is added to the q-\u003eactive\n                      list_add_tail(\u0026q-\u003eclasses[i].alist, \u0026q-\u003eactive);\n                      q-\u003eclasses[i].deficit = quanta[i];\n              }\n      }\n      WRITE_ONCE(q-\u003enstrict, nstrict);\n      memcpy(q-\u003eprio2band, priomap, sizeof(priomap));\n\n      for (i = 0; i \u003c q-\u003enbands; i++)\n              WRITE_ONCE(q-\u003eclasses[i].quantum, quanta[i]);\n\n      for (i = oldbands; i \u003c q-\u003enbands; i++) {\n              q-\u003eclasses[i].qdisc = queues[i];\n              if (q-\u003eclasses[i].qdisc != \u0026noop_qdisc)\n                      qdisc_hash_add(q-\u003eclasses[i].qdisc, true);\n      }\n\n      // (3) the qdisc is unlocked, now dequeue can be called in parallel\n      // to the rest of .change handler\n      sch_tree_unlock(sch);\n\n      ets_offload_change(sch);\n      for (i = q-\u003enbands; i \u003c oldbands; i++) {\n\t      // (4) we\u0027re reducing the refcount for our class\u0027s qdisc and\n\t      //  freeing it\n              qdisc_put(q-\u003eclasses[i].qdisc);\n\t      // (5) If we call .dequeue between (4) and (5), we will have\n\t      // a strong UAF and we can control RIP\n              q-\u003eclasses[i].qdisc = NULL;\n              WRITE_ONCE(q-\u003eclasses[i].quantum, 0);\n              q-\u003eclasses[i].deficit = 0;\n              gnet_stats_basic_sync_init(\u0026q-\u003eclasses[i].bstats);\n              memset(\u0026q-\u003eclasses[i].qstats, 0, sizeof(q-\u003eclasses[i].qstats));\n      }\n      return 0;\n}\n\nComment:\nThis happens because some of the classes have their qdiscs assigned to\nNULL, but remain in the active list. This commit fixes this issue by always\nremoving the class from the active list before deleting and freeing its\nassociated qdisc\n\nReproducer Steps\n(trimmed version of what was sent by zdi-disclosures@trendmicro.com)\n\n```\nDEV=\"${DEV:-lo}\"\nROOT_HANDLE=\"${ROOT_HANDLE:-1:}\"\nBAND2_HANDLE=\"${BAND2_HANDLE:-20:}\"   # child under 1:2\nPING_BYTES=\"${PING_BYTES:-48}\"\nPING_COUNT=\"${PING_COUNT:-200000}\"\nPING_DST=\"${PING_DST:-127.0.0.1}\"\n\nSLOW_TBF_RATE=\"${SLOW_TBF_RATE:-8bit}\"\nSLOW_TBF_BURST=\"${SLOW_TBF_BURST:-100b}\"\nSLOW_TBF_LAT=\"${SLOW_TBF_LAT:-1s}\"\n\ncleanup() {\n  tc qdisc del dev \"$DEV\" root 2\u003e/dev/null\n}\ntrap cleanup EXIT\n\nip link set \"$DEV\" up\n\ntc qdisc del dev \"$DEV\" root 2\u003e/dev/null || true\n\ntc qdisc add dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\n\ntc qdisc add dev \"$DEV\" parent 1:2 handle \"$BAND2_HANDLE\" \\\n  tbf rate \"$SLOW_TBF_RATE\" burst \"$SLOW_TBF_BURST\" latency \"$SLOW_TBF_LAT\"\n\ntc filter add dev \"$DEV\" parent 1: protocol all prio 1 u32 match u32 0 0 flowid 1:2\ntc -s qdisc ls dev $DEV\n\nping -I \"$DEV\" -f -c \"$PING_COUNT\" -s \"$PING_BYTES\" -W 0.001 \"$PING_DST\" \\\n  \u003e/dev/null 2\u003e\u00261 \u0026\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 0\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\ntc -s qdisc ls dev $DEV\ntc qdisc del dev \"$DEV\" parent \n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-71066",
          "url": "https://www.suse.com/security/cve/CVE-2025-71066"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1256645 for CVE-2025-71066",
          "url": "https://bugzilla.suse.com/1256645"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258005 for CVE-2025-71066",
          "url": "https://bugzilla.suse.com/1258005"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T23:37:29Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-71066"
    },
    {
      "cve": "CVE-2026-23004",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23004"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()\n\nsyzbot was able to crash the kernel in rt6_uncached_list_flush_dev()\nin an interesting way [1]\n\nCrash happens in list_del_init()/INIT_LIST_HEAD() while writing\nlist-\u003eprev, while the prior write on list-\u003enext went well.\n\nstatic inline void INIT_LIST_HEAD(struct list_head *list)\n{\n\tWRITE_ONCE(list-\u003enext, list); // This went well\n\tWRITE_ONCE(list-\u003eprev, list); // Crash, @list has been freed.\n}\n\nIssue here is that rt6_uncached_list_del() did not attempt to lock\nul-\u003elock, as list_empty(\u0026rt-\u003edst.rt_uncached) returned\ntrue because the WRITE_ONCE(list-\u003enext, list) happened on the other CPU.\n\nWe might use list_del_init_careful() and list_empty_careful(),\nor make sure rt6_uncached_list_del() always grabs the spinlock\nwhenever rt-\u003edst.rt_uncached_list has been set.\n\nA similar fix is neeed for IPv4.\n\n[1]\n\n BUG: KASAN: slab-use-after-free in INIT_LIST_HEAD include/linux/list.h:46 [inline]\n BUG: KASAN: slab-use-after-free in list_del_init include/linux/list.h:296 [inline]\n BUG: KASAN: slab-use-after-free in rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n BUG: KASAN: slab-use-after-free in rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\nWrite of size 8 at addr ffff8880294cfa78 by task kworker/u8:14/3450\n\nCPU: 0 UID: 0 PID: 3450 Comm: kworker/u8:14 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)}\nTainted: [L]=SOFTLOCKUP\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nWorkqueue: netns cleanup_net\nCall Trace:\n \u003cTASK\u003e\n  dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120\n  print_address_description mm/kasan/report.c:378 [inline]\n  print_report+0xca/0x240 mm/kasan/report.c:482\n  kasan_report+0x118/0x150 mm/kasan/report.c:595\n  INIT_LIST_HEAD include/linux/list.h:46 [inline]\n  list_del_init include/linux/list.h:296 [inline]\n  rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n  rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\n  addrconf_ifdown+0x143/0x18a0 net/ipv6/addrconf.c:3853\n addrconf_notify+0x1bc/0x1050 net/ipv6/addrconf.c:-1\n  notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n  call_netdevice_notifiers_extack net/core/dev.c:2268 [inline]\n  call_netdevice_notifiers net/core/dev.c:2282 [inline]\n  netif_close_many+0x29c/0x410 net/core/dev.c:1785\n  unregister_netdevice_many_notify+0xb50/0x2330 net/core/dev.c:12353\n  ops_exit_rtnl_list net/core/net_namespace.c:187 [inline]\n  ops_undo_list+0x3dc/0x990 net/core/net_namespace.c:248\n  cleanup_net+0x4de/0x7b0 net/core/net_namespace.c:696\n  process_one_work kernel/workqueue.c:3257 [inline]\n  process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n  kthread+0x711/0x8a0 kernel/kthread.c:463\n  ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246\n \u003c/TASK\u003e\n\nAllocated by task 803:\n  kasan_save_stack mm/kasan/common.c:57 [inline]\n  kasan_save_track+0x3e/0x80 mm/kasan/common.c:78\n  unpoison_slab_object mm/kasan/common.c:340 [inline]\n  __kasan_slab_alloc+0x6c/0x80 mm/kasan/common.c:366\n  kasan_slab_alloc include/linux/kasan.h:253 [inline]\n  slab_post_alloc_hook mm/slub.c:4953 [inline]\n  slab_alloc_node mm/slub.c:5263 [inline]\n  kmem_cache_alloc_noprof+0x18d/0x6c0 mm/slub.c:5270\n  dst_alloc+0x105/0x170 net/core/dst.c:89\n  ip6_dst_alloc net/ipv6/route.c:342 [inline]\n  icmp6_dst_alloc+0x75/0x460 net/ipv6/route.c:3333\n  mld_sendpack+0x683/0xe60 net/ipv6/mcast.c:1844\n  mld_send_cr net/ipv6/mcast.c:2154 [inline]\n  mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693\n  process_one_work kernel/workqueue.c:3257 [inline]\n  process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n  kthread+0x711/0x8a0 kernel/kthread.c:463\n  ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23004",
          "url": "https://www.suse.com/security/cve/CVE-2026-23004"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1257231 for CVE-2026-23004",
          "url": "https://bugzilla.suse.com/1257231"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258655 for CVE-2026-23004",
          "url": "https://bugzilla.suse.com/1258655"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T23:37:29Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23004"
    },
    {
      "cve": "CVE-2026-23204",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23204"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_u32: use skb_header_pointer_careful()\n\nskb_header_pointer() does not fully validate negative @offset values.\n\nUse skb_header_pointer_careful() instead.\n\nGangMin Kim provided a report and a repro fooling u32_classify():\n\nBUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0\nnet/sched/cls_u32.c:221",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23204",
          "url": "https://www.suse.com/security/cve/CVE-2026-23204"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258340 for CVE-2026-23204",
          "url": "https://bugzilla.suse.com/1258340"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1259126 for CVE-2026-23204",
          "url": "https://bugzilla.suse.com/1259126"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T23:37:29Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23204"
    },
    {
      "cve": "CVE-2026-23437",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23437"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: shaper: protect late read accesses to the hierarchy\n\nWe look up a netdev during prep of Netlink ops (pre- callbacks)\nand take a ref to it. Then later in the body of the callback\nwe take its lock or RCU which are the actual protections.\n\nThis is not proper, a conversion from a ref to a locked netdev\nmust include a liveness check (a check if the netdev hasn\u0027t been\nunregistered already). Fix the read cases (those under RCU).\nWrites needs a separate change to protect from creating the\nhierarchy after flush has already run.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23437",
          "url": "https://www.suse.com/security/cve/CVE-2026-23437"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1261635 for CVE-2026-23437",
          "url": "https://bugzilla.suse.com/1261635"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1261845 for CVE-2026-23437",
          "url": "https://bugzilla.suse.com/1261845"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T23:37:29Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23437"
    },
    {
      "cve": "CVE-2026-31406",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-31406"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini()\n\nAfter cancel_delayed_work_sync() is called from\nxfrm_nat_keepalive_net_fini(), xfrm_state_fini() flushes remaining\nstates via __xfrm_state_delete(), which calls\nxfrm_nat_keepalive_state_updated() to re-schedule nat_keepalive_work.\n\nThe following is a simple race scenario:\n\n           cpu0                             cpu1\n\ncleanup_net() [Round 1]\n  ops_undo_list()\n    xfrm_net_exit()\n      xfrm_nat_keepalive_net_fini()\n        cancel_delayed_work_sync(nat_keepalive_work);\n      xfrm_state_fini()\n        xfrm_state_flush()\n          xfrm_state_delete(x)\n            __xfrm_state_delete(x)\n              xfrm_nat_keepalive_state_updated(x)\n                schedule_delayed_work(nat_keepalive_work);\n  rcu_barrier();\n  net_complete_free();\n  net_passive_dec(net);\n    llist_add(\u0026net-\u003edefer_free_list, \u0026defer_free_list);\n\ncleanup_net() [Round 2]\n  rcu_barrier();\n  net_complete_free()\n    kmem_cache_free(net_cachep, net);\n                                     nat_keepalive_work()\n                                       // on freed net\n\nTo prevent this, cancel_delayed_work_sync() is replaced with\ndisable_delayed_work_sync().",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-31406",
          "url": "https://www.suse.com/security/cve/CVE-2026-31406"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1261629 for CVE-2026-31406",
          "url": "https://bugzilla.suse.com/1261629"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1261630 for CVE-2026-31406",
          "url": "https://bugzilla.suse.com/1261630"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T23:37:29Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-31406"
    },
    {
      "cve": "CVE-2026-31431",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-31431"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-31431",
          "url": "https://www.suse.com/security/cve/CVE-2026-31431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1262573 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1262573"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263689 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263689"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263938 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263938"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263939 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263939"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1264274 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1264274"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T23:37:29Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-31431"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel (Live Patch 76 for SUSE Linux Enterprise 12 SP5)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update for the SUSE Linux Enterprise kernel 4.12.14-122.290 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).\n- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).\n- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2026-1773,SUSE-SLE-Live-Patching-12-SP5-2026-1779",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1773-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:1773-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261773-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:1773-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025949.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258655",
        "url": "https://bugzilla.suse.com/1258655"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1259126",
        "url": "https://bugzilla.suse.com/1259126"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1263689",
        "url": "https://bugzilla.suse.com/1263689"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23004 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23004/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23204 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23204/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-31431 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-31431/"
      }
    ],
    "title": "Security update for the Linux Kernel (Live Patch 76 for SUSE Linux Enterprise 12 SP5)",
    "tracking": {
      "current_release_date": "2026-05-08T15:33:54Z",
      "generator": {
        "date": "2026-05-08T15:33:54Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:1773-1",
      "initial_release_date": "2026-05-08T15:33:54Z",
      "revision_history": [
        {
          "date": "2026-05-08T15:33:54Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-4_12_14-122_272-default-10-2.1.ppc64le",
                "product": {
                  "name": "kgraft-patch-4_12_14-122_272-default-10-2.1.ppc64le",
                  "product_id": "kgraft-patch-4_12_14-122_272-default-10-2.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-4_12_14-122_290-default-6-2.1.ppc64le",
                "product": {
                  "name": "kgraft-patch-4_12_14-122_290-default-6-2.1.ppc64le",
                  "product_id": "kgraft-patch-4_12_14-122_290-default-6-2.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-4_12_14-122_272-default-10-2.1.s390x",
                "product": {
                  "name": "kgraft-patch-4_12_14-122_272-default-10-2.1.s390x",
                  "product_id": "kgraft-patch-4_12_14-122_272-default-10-2.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-4_12_14-122_290-default-6-2.1.s390x",
                "product": {
                  "name": "kgraft-patch-4_12_14-122_290-default-6-2.1.s390x",
                  "product_id": "kgraft-patch-4_12_14-122_290-default-6-2.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-4_12_14-122_272-default-10-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-4_12_14-122_272-default-10-2.1.x86_64",
                  "product_id": "kgraft-patch-4_12_14-122_272-default-10-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-4_12_14-122_290-default-6-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-4_12_14-122_290-default-6-2.1.x86_64",
                  "product_id": "kgraft-patch-4_12_14-122_290-default-6-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 12 SP5",
                  "product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-4_12_14-122_290-default-6-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.ppc64le"
        },
        "product_reference": "kgraft-patch-4_12_14-122_290-default-6-2.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-4_12_14-122_290-default-6-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.s390x"
        },
        "product_reference": "kgraft-patch-4_12_14-122_290-default-6-2.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-4_12_14-122_290-default-6-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-4_12_14-122_290-default-6-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-23004",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23004"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()\n\nsyzbot was able to crash the kernel in rt6_uncached_list_flush_dev()\nin an interesting way [1]\n\nCrash happens in list_del_init()/INIT_LIST_HEAD() while writing\nlist-\u003eprev, while the prior write on list-\u003enext went well.\n\nstatic inline void INIT_LIST_HEAD(struct list_head *list)\n{\n\tWRITE_ONCE(list-\u003enext, list); // This went well\n\tWRITE_ONCE(list-\u003eprev, list); // Crash, @list has been freed.\n}\n\nIssue here is that rt6_uncached_list_del() did not attempt to lock\nul-\u003elock, as list_empty(\u0026rt-\u003edst.rt_uncached) returned\ntrue because the WRITE_ONCE(list-\u003enext, list) happened on the other CPU.\n\nWe might use list_del_init_careful() and list_empty_careful(),\nor make sure rt6_uncached_list_del() always grabs the spinlock\nwhenever rt-\u003edst.rt_uncached_list has been set.\n\nA similar fix is neeed for IPv4.\n\n[1]\n\n BUG: KASAN: slab-use-after-free in INIT_LIST_HEAD include/linux/list.h:46 [inline]\n BUG: KASAN: slab-use-after-free in list_del_init include/linux/list.h:296 [inline]\n BUG: KASAN: slab-use-after-free in rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n BUG: KASAN: slab-use-after-free in rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\nWrite of size 8 at addr ffff8880294cfa78 by task kworker/u8:14/3450\n\nCPU: 0 UID: 0 PID: 3450 Comm: kworker/u8:14 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)}\nTainted: [L]=SOFTLOCKUP\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nWorkqueue: netns cleanup_net\nCall Trace:\n \u003cTASK\u003e\n  dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120\n  print_address_description mm/kasan/report.c:378 [inline]\n  print_report+0xca/0x240 mm/kasan/report.c:482\n  kasan_report+0x118/0x150 mm/kasan/report.c:595\n  INIT_LIST_HEAD include/linux/list.h:46 [inline]\n  list_del_init include/linux/list.h:296 [inline]\n  rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n  rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\n  addrconf_ifdown+0x143/0x18a0 net/ipv6/addrconf.c:3853\n addrconf_notify+0x1bc/0x1050 net/ipv6/addrconf.c:-1\n  notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n  call_netdevice_notifiers_extack net/core/dev.c:2268 [inline]\n  call_netdevice_notifiers net/core/dev.c:2282 [inline]\n  netif_close_many+0x29c/0x410 net/core/dev.c:1785\n  unregister_netdevice_many_notify+0xb50/0x2330 net/core/dev.c:12353\n  ops_exit_rtnl_list net/core/net_namespace.c:187 [inline]\n  ops_undo_list+0x3dc/0x990 net/core/net_namespace.c:248\n  cleanup_net+0x4de/0x7b0 net/core/net_namespace.c:696\n  process_one_work kernel/workqueue.c:3257 [inline]\n  process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n  kthread+0x711/0x8a0 kernel/kthread.c:463\n  ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246\n \u003c/TASK\u003e\n\nAllocated by task 803:\n  kasan_save_stack mm/kasan/common.c:57 [inline]\n  kasan_save_track+0x3e/0x80 mm/kasan/common.c:78\n  unpoison_slab_object mm/kasan/common.c:340 [inline]\n  __kasan_slab_alloc+0x6c/0x80 mm/kasan/common.c:366\n  kasan_slab_alloc include/linux/kasan.h:253 [inline]\n  slab_post_alloc_hook mm/slub.c:4953 [inline]\n  slab_alloc_node mm/slub.c:5263 [inline]\n  kmem_cache_alloc_noprof+0x18d/0x6c0 mm/slub.c:5270\n  dst_alloc+0x105/0x170 net/core/dst.c:89\n  ip6_dst_alloc net/ipv6/route.c:342 [inline]\n  icmp6_dst_alloc+0x75/0x460 net/ipv6/route.c:3333\n  mld_sendpack+0x683/0xe60 net/ipv6/mcast.c:1844\n  mld_send_cr net/ipv6/mcast.c:2154 [inline]\n  mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693\n  process_one_work kernel/workqueue.c:3257 [inline]\n  process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n  kthread+0x711/0x8a0 kernel/kthread.c:463\n  ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23004",
          "url": "https://www.suse.com/security/cve/CVE-2026-23004"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1257231 for CVE-2026-23004",
          "url": "https://bugzilla.suse.com/1257231"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258655 for CVE-2026-23004",
          "url": "https://bugzilla.suse.com/1258655"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-08T15:33:54Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23004"
    },
    {
      "cve": "CVE-2026-23204",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23204"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_u32: use skb_header_pointer_careful()\n\nskb_header_pointer() does not fully validate negative @offset values.\n\nUse skb_header_pointer_careful() instead.\n\nGangMin Kim provided a report and a repro fooling u32_classify():\n\nBUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0\nnet/sched/cls_u32.c:221",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23204",
          "url": "https://www.suse.com/security/cve/CVE-2026-23204"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258340 for CVE-2026-23204",
          "url": "https://bugzilla.suse.com/1258340"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1259126 for CVE-2026-23204",
          "url": "https://bugzilla.suse.com/1259126"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-08T15:33:54Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23204"
    },
    {
      "cve": "CVE-2026-31431",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-31431"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-31431",
          "url": "https://www.suse.com/security/cve/CVE-2026-31431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1262573 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1262573"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263689 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263689"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263938 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263938"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263939 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263939"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1264274 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1264274"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_290-default-6-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-08T15:33:54Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-31431"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).\n- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).\n- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n  (bsc#1258005).\n- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).\n- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).\n- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).\n\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Micro-6.1-kernel-385",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21495-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:21495-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621495-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:21495-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025915.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1252048",
        "url": "https://bugzilla.suse.com/1252048"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258005",
        "url": "https://bugzilla.suse.com/1258005"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258073",
        "url": "https://bugzilla.suse.com/1258073"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258655",
        "url": "https://bugzilla.suse.com/1258655"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1259126",
        "url": "https://bugzilla.suse.com/1259126"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1263689",
        "url": "https://bugzilla.suse.com/1263689"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-38375 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-38375/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-39977 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-39977/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-71066 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-71066/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23004 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23004/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23204 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23204/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-31431 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-31431/"
      }
    ],
    "title": "Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)",
    "tracking": {
      "current_release_date": "2026-05-05T13:10:05Z",
      "generator": {
        "date": "2026-05-05T13:10:05Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:21495-1",
      "initial_release_date": "2026-05-05T13:10:05Z",
      "revision_history": [
        {
          "date": "2026-05-05T13:10:05Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
                "product": {
                  "name": "kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
                  "product_id": "kernel-livepatch-6_4_0-28-default-18-3.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_4_0-28-default-18-3.1.x86_64",
                "product": {
                  "name": "kernel-livepatch-6_4_0-28-default-18-3.1.x86_64",
                  "product_id": "kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.1",
                "product": {
                  "name": "SUSE Linux Micro 6.1",
                  "product_id": "SUSE Linux Micro 6.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_4_0-28-default-18-3.1.s390x as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x"
        },
        "product_reference": "kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_4_0-28-default-18-3.1.x86_64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
        },
        "product_reference": "kernel-livepatch-6_4_0-28-default-18-3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-38375",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-38375"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-net: ensure the received length does not exceed allocated size\n\nIn xdp_linearize_page, when reading the following buffers from the ring,\nwe forget to check the received length with the true allocate size. This\ncan lead to an out-of-bound read. This commit adds that missing check.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-38375",
          "url": "https://www.suse.com/security/cve/CVE-2025-38375"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1247177 for CVE-2025-38375",
          "url": "https://bugzilla.suse.com/1247177"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258073 for CVE-2025-38375",
          "url": "https://bugzilla.suse.com/1258073"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:10:05Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-38375"
    },
    {
      "cve": "CVE-2025-39977",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-39977"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Prevent use-after-free during requeue-PI\n\nsyzbot managed to trigger the following race:\n\n   T1                               T2\n\n futex_wait_requeue_pi()\n   futex_do_wait()\n     schedule()\n                               futex_requeue()\n                                 futex_proxy_trylock_atomic()\n                                   futex_requeue_pi_prepare()\n                                   requeue_pi_wake_futex()\n                                     futex_requeue_pi_complete()\n                                      /* preempt */\n\n         * timeout/ signal wakes T1 *\n\n   futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED\n   futex_hash_put()\n  // back to userland, on stack futex_q is garbage\n\n                                      /* back */\n                                     wake_up_state(q-\u003etask, TASK_NORMAL);\n\nIn this scenario futex_wait_requeue_pi() is able to leave without using\nfutex_q::lock_ptr for synchronization.\n\nThis can be prevented by reading futex_q::task before updating the\nfutex_q::requeue_state. A reference on the task_struct is not needed\nbecause requeue_pi_wake_futex() is invoked with a spinlock_t held which\nimplies a RCU read section.\n\nEven if T1 terminates immediately after, the task_struct will remain valid\nduring T2\u0027s wake_up_state().  A READ_ONCE on futex_q::task before\nfutex_requeue_pi_complete() is enough because it ensures that the variable\nis read before the state is updated.\n\nRead futex_q::task before updating the requeue state, use it for the\nfollowing wakeup.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-39977",
          "url": "https://www.suse.com/security/cve/CVE-2025-39977"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1252046 for CVE-2025-39977",
          "url": "https://bugzilla.suse.com/1252046"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1252048 for CVE-2025-39977",
          "url": "https://bugzilla.suse.com/1252048"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:10:05Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-39977"
    },
    {
      "cve": "CVE-2025-71066",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-71066"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n\nzdi-disclosures@trendmicro.com says:\n\nThe vulnerability is a race condition between `ets_qdisc_dequeue` and\n`ets_qdisc_change`.  It leads to UAF on `struct Qdisc` object.\nAttacker requires the capability to create new user and network namespace\nin order to trigger the bug.\nSee my additional commentary at the end of the analysis.\n\nAnalysis:\n\nstatic int ets_qdisc_change(struct Qdisc *sch, struct nlattr *opt,\n                          struct netlink_ext_ack *extack)\n{\n...\n\n      // (1) this lock is preventing .change handler (`ets_qdisc_change`)\n      //to race with .dequeue handler (`ets_qdisc_dequeue`)\n      sch_tree_lock(sch);\n\n      for (i = nbands; i \u003c oldbands; i++) {\n              if (i \u003e= q-\u003enstrict \u0026\u0026 q-\u003eclasses[i].qdisc-\u003eq.qlen)\n                      list_del_init(\u0026q-\u003eclasses[i].alist);\n              qdisc_purge_queue(q-\u003eclasses[i].qdisc);\n      }\n\n      WRITE_ONCE(q-\u003enbands, nbands);\n      for (i = nstrict; i \u003c q-\u003enstrict; i++) {\n              if (q-\u003eclasses[i].qdisc-\u003eq.qlen) {\n\t\t      // (2) the class is added to the q-\u003eactive\n                      list_add_tail(\u0026q-\u003eclasses[i].alist, \u0026q-\u003eactive);\n                      q-\u003eclasses[i].deficit = quanta[i];\n              }\n      }\n      WRITE_ONCE(q-\u003enstrict, nstrict);\n      memcpy(q-\u003eprio2band, priomap, sizeof(priomap));\n\n      for (i = 0; i \u003c q-\u003enbands; i++)\n              WRITE_ONCE(q-\u003eclasses[i].quantum, quanta[i]);\n\n      for (i = oldbands; i \u003c q-\u003enbands; i++) {\n              q-\u003eclasses[i].qdisc = queues[i];\n              if (q-\u003eclasses[i].qdisc != \u0026noop_qdisc)\n                      qdisc_hash_add(q-\u003eclasses[i].qdisc, true);\n      }\n\n      // (3) the qdisc is unlocked, now dequeue can be called in parallel\n      // to the rest of .change handler\n      sch_tree_unlock(sch);\n\n      ets_offload_change(sch);\n      for (i = q-\u003enbands; i \u003c oldbands; i++) {\n\t      // (4) we\u0027re reducing the refcount for our class\u0027s qdisc and\n\t      //  freeing it\n              qdisc_put(q-\u003eclasses[i].qdisc);\n\t      // (5) If we call .dequeue between (4) and (5), we will have\n\t      // a strong UAF and we can control RIP\n              q-\u003eclasses[i].qdisc = NULL;\n              WRITE_ONCE(q-\u003eclasses[i].quantum, 0);\n              q-\u003eclasses[i].deficit = 0;\n              gnet_stats_basic_sync_init(\u0026q-\u003eclasses[i].bstats);\n              memset(\u0026q-\u003eclasses[i].qstats, 0, sizeof(q-\u003eclasses[i].qstats));\n      }\n      return 0;\n}\n\nComment:\nThis happens because some of the classes have their qdiscs assigned to\nNULL, but remain in the active list. This commit fixes this issue by always\nremoving the class from the active list before deleting and freeing its\nassociated qdisc\n\nReproducer Steps\n(trimmed version of what was sent by zdi-disclosures@trendmicro.com)\n\n```\nDEV=\"${DEV:-lo}\"\nROOT_HANDLE=\"${ROOT_HANDLE:-1:}\"\nBAND2_HANDLE=\"${BAND2_HANDLE:-20:}\"   # child under 1:2\nPING_BYTES=\"${PING_BYTES:-48}\"\nPING_COUNT=\"${PING_COUNT:-200000}\"\nPING_DST=\"${PING_DST:-127.0.0.1}\"\n\nSLOW_TBF_RATE=\"${SLOW_TBF_RATE:-8bit}\"\nSLOW_TBF_BURST=\"${SLOW_TBF_BURST:-100b}\"\nSLOW_TBF_LAT=\"${SLOW_TBF_LAT:-1s}\"\n\ncleanup() {\n  tc qdisc del dev \"$DEV\" root 2\u003e/dev/null\n}\ntrap cleanup EXIT\n\nip link set \"$DEV\" up\n\ntc qdisc del dev \"$DEV\" root 2\u003e/dev/null || true\n\ntc qdisc add dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\n\ntc qdisc add dev \"$DEV\" parent 1:2 handle \"$BAND2_HANDLE\" \\\n  tbf rate \"$SLOW_TBF_RATE\" burst \"$SLOW_TBF_BURST\" latency \"$SLOW_TBF_LAT\"\n\ntc filter add dev \"$DEV\" parent 1: protocol all prio 1 u32 match u32 0 0 flowid 1:2\ntc -s qdisc ls dev $DEV\n\nping -I \"$DEV\" -f -c \"$PING_COUNT\" -s \"$PING_BYTES\" -W 0.001 \"$PING_DST\" \\\n  \u003e/dev/null 2\u003e\u00261 \u0026\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 0\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\ntc -s qdisc ls dev $DEV\ntc qdisc del dev \"$DEV\" parent \n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-71066",
          "url": "https://www.suse.com/security/cve/CVE-2025-71066"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1256645 for CVE-2025-71066",
          "url": "https://bugzilla.suse.com/1256645"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258005 for CVE-2025-71066",
          "url": "https://bugzilla.suse.com/1258005"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:10:05Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-71066"
    },
    {
      "cve": "CVE-2026-23004",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23004"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()\n\nsyzbot was able to crash the kernel in rt6_uncached_list_flush_dev()\nin an interesting way [1]\n\nCrash happens in list_del_init()/INIT_LIST_HEAD() while writing\nlist-\u003eprev, while the prior write on list-\u003enext went well.\n\nstatic inline void INIT_LIST_HEAD(struct list_head *list)\n{\n\tWRITE_ONCE(list-\u003enext, list); // This went well\n\tWRITE_ONCE(list-\u003eprev, list); // Crash, @list has been freed.\n}\n\nIssue here is that rt6_uncached_list_del() did not attempt to lock\nul-\u003elock, as list_empty(\u0026rt-\u003edst.rt_uncached) returned\ntrue because the WRITE_ONCE(list-\u003enext, list) happened on the other CPU.\n\nWe might use list_del_init_careful() and list_empty_careful(),\nor make sure rt6_uncached_list_del() always grabs the spinlock\nwhenever rt-\u003edst.rt_uncached_list has been set.\n\nA similar fix is neeed for IPv4.\n\n[1]\n\n BUG: KASAN: slab-use-after-free in INIT_LIST_HEAD include/linux/list.h:46 [inline]\n BUG: KASAN: slab-use-after-free in list_del_init include/linux/list.h:296 [inline]\n BUG: KASAN: slab-use-after-free in rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n BUG: KASAN: slab-use-after-free in rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\nWrite of size 8 at addr ffff8880294cfa78 by task kworker/u8:14/3450\n\nCPU: 0 UID: 0 PID: 3450 Comm: kworker/u8:14 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)}\nTainted: [L]=SOFTLOCKUP\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nWorkqueue: netns cleanup_net\nCall Trace:\n \u003cTASK\u003e\n  dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120\n  print_address_description mm/kasan/report.c:378 [inline]\n  print_report+0xca/0x240 mm/kasan/report.c:482\n  kasan_report+0x118/0x150 mm/kasan/report.c:595\n  INIT_LIST_HEAD include/linux/list.h:46 [inline]\n  list_del_init include/linux/list.h:296 [inline]\n  rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n  rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\n  addrconf_ifdown+0x143/0x18a0 net/ipv6/addrconf.c:3853\n addrconf_notify+0x1bc/0x1050 net/ipv6/addrconf.c:-1\n  notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n  call_netdevice_notifiers_extack net/core/dev.c:2268 [inline]\n  call_netdevice_notifiers net/core/dev.c:2282 [inline]\n  netif_close_many+0x29c/0x410 net/core/dev.c:1785\n  unregister_netdevice_many_notify+0xb50/0x2330 net/core/dev.c:12353\n  ops_exit_rtnl_list net/core/net_namespace.c:187 [inline]\n  ops_undo_list+0x3dc/0x990 net/core/net_namespace.c:248\n  cleanup_net+0x4de/0x7b0 net/core/net_namespace.c:696\n  process_one_work kernel/workqueue.c:3257 [inline]\n  process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n  kthread+0x711/0x8a0 kernel/kthread.c:463\n  ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246\n \u003c/TASK\u003e\n\nAllocated by task 803:\n  kasan_save_stack mm/kasan/common.c:57 [inline]\n  kasan_save_track+0x3e/0x80 mm/kasan/common.c:78\n  unpoison_slab_object mm/kasan/common.c:340 [inline]\n  __kasan_slab_alloc+0x6c/0x80 mm/kasan/common.c:366\n  kasan_slab_alloc include/linux/kasan.h:253 [inline]\n  slab_post_alloc_hook mm/slub.c:4953 [inline]\n  slab_alloc_node mm/slub.c:5263 [inline]\n  kmem_cache_alloc_noprof+0x18d/0x6c0 mm/slub.c:5270\n  dst_alloc+0x105/0x170 net/core/dst.c:89\n  ip6_dst_alloc net/ipv6/route.c:342 [inline]\n  icmp6_dst_alloc+0x75/0x460 net/ipv6/route.c:3333\n  mld_sendpack+0x683/0xe60 net/ipv6/mcast.c:1844\n  mld_send_cr net/ipv6/mcast.c:2154 [inline]\n  mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693\n  process_one_work kernel/workqueue.c:3257 [inline]\n  process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n  kthread+0x711/0x8a0 kernel/kthread.c:463\n  ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23004",
          "url": "https://www.suse.com/security/cve/CVE-2026-23004"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1257231 for CVE-2026-23004",
          "url": "https://bugzilla.suse.com/1257231"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258655 for CVE-2026-23004",
          "url": "https://bugzilla.suse.com/1258655"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:10:05Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23004"
    },
    {
      "cve": "CVE-2026-23204",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23204"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_u32: use skb_header_pointer_careful()\n\nskb_header_pointer() does not fully validate negative @offset values.\n\nUse skb_header_pointer_careful() instead.\n\nGangMin Kim provided a report and a repro fooling u32_classify():\n\nBUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0\nnet/sched/cls_u32.c:221",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23204",
          "url": "https://www.suse.com/security/cve/CVE-2026-23204"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258340 for CVE-2026-23204",
          "url": "https://bugzilla.suse.com/1258340"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1259126 for CVE-2026-23204",
          "url": "https://bugzilla.suse.com/1259126"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:10:05Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23204"
    },
    {
      "cve": "CVE-2026-31431",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-31431"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-31431",
          "url": "https://www.suse.com/security/cve/CVE-2026-31431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1262573 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1262573"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263689 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263689"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-18-3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:10:05Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-31431"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update for the SUSE Linux Enterprise Kernel 6.4.0-29.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).\n- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).\n- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n  (bsc#1258005).\n- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).\n- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).\n- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).\n\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Micro-6.0-kernel-394",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21487-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:21487-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621487-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:21487-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2026-May/046226.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1252048",
        "url": "https://bugzilla.suse.com/1252048"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258005",
        "url": "https://bugzilla.suse.com/1258005"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258073",
        "url": "https://bugzilla.suse.com/1258073"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258655",
        "url": "https://bugzilla.suse.com/1258655"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1259126",
        "url": "https://bugzilla.suse.com/1259126"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1263689",
        "url": "https://bugzilla.suse.com/1263689"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-38375 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-38375/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-39977 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-39977/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-71066 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-71066/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23004 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23004/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23204 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23204/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-31431 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-31431/"
      }
    ],
    "title": "Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)",
    "tracking": {
      "current_release_date": "2026-05-05T13:15:07Z",
      "generator": {
        "date": "2026-05-05T13:15:07Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:21487-1",
      "initial_release_date": "2026-05-05T13:15:07Z",
      "revision_history": [
        {
          "date": "2026-05-05T13:15:07Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
                "product": {
                  "name": "kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
                  "product_id": "kernel-livepatch-6_4_0-29-default-17-1.2.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_4_0-29-default-17-1.2.x86_64",
                "product": {
                  "name": "kernel-livepatch-6_4_0-29-default-17-1.2.x86_64",
                  "product_id": "kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.0",
                "product": {
                  "name": "SUSE Linux Micro 6.0",
                  "product_id": "SUSE Linux Micro 6.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_4_0-29-default-17-1.2.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x"
        },
        "product_reference": "kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_4_0-29-default-17-1.2.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
        },
        "product_reference": "kernel-livepatch-6_4_0-29-default-17-1.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-38375",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-38375"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-net: ensure the received length does not exceed allocated size\n\nIn xdp_linearize_page, when reading the following buffers from the ring,\nwe forget to check the received length with the true allocate size. This\ncan lead to an out-of-bound read. This commit adds that missing check.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-38375",
          "url": "https://www.suse.com/security/cve/CVE-2025-38375"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1247177 for CVE-2025-38375",
          "url": "https://bugzilla.suse.com/1247177"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258073 for CVE-2025-38375",
          "url": "https://bugzilla.suse.com/1258073"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:15:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-38375"
    },
    {
      "cve": "CVE-2025-39977",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-39977"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Prevent use-after-free during requeue-PI\n\nsyzbot managed to trigger the following race:\n\n   T1                               T2\n\n futex_wait_requeue_pi()\n   futex_do_wait()\n     schedule()\n                               futex_requeue()\n                                 futex_proxy_trylock_atomic()\n                                   futex_requeue_pi_prepare()\n                                   requeue_pi_wake_futex()\n                                     futex_requeue_pi_complete()\n                                      /* preempt */\n\n         * timeout/ signal wakes T1 *\n\n   futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED\n   futex_hash_put()\n  // back to userland, on stack futex_q is garbage\n\n                                      /* back */\n                                     wake_up_state(q-\u003etask, TASK_NORMAL);\n\nIn this scenario futex_wait_requeue_pi() is able to leave without using\nfutex_q::lock_ptr for synchronization.\n\nThis can be prevented by reading futex_q::task before updating the\nfutex_q::requeue_state. A reference on the task_struct is not needed\nbecause requeue_pi_wake_futex() is invoked with a spinlock_t held which\nimplies a RCU read section.\n\nEven if T1 terminates immediately after, the task_struct will remain valid\nduring T2\u0027s wake_up_state().  A READ_ONCE on futex_q::task before\nfutex_requeue_pi_complete() is enough because it ensures that the variable\nis read before the state is updated.\n\nRead futex_q::task before updating the requeue state, use it for the\nfollowing wakeup.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-39977",
          "url": "https://www.suse.com/security/cve/CVE-2025-39977"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1252046 for CVE-2025-39977",
          "url": "https://bugzilla.suse.com/1252046"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1252048 for CVE-2025-39977",
          "url": "https://bugzilla.suse.com/1252048"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:15:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-39977"
    },
    {
      "cve": "CVE-2025-71066",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-71066"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n\nzdi-disclosures@trendmicro.com says:\n\nThe vulnerability is a race condition between `ets_qdisc_dequeue` and\n`ets_qdisc_change`.  It leads to UAF on `struct Qdisc` object.\nAttacker requires the capability to create new user and network namespace\nin order to trigger the bug.\nSee my additional commentary at the end of the analysis.\n\nAnalysis:\n\nstatic int ets_qdisc_change(struct Qdisc *sch, struct nlattr *opt,\n                          struct netlink_ext_ack *extack)\n{\n...\n\n      // (1) this lock is preventing .change handler (`ets_qdisc_change`)\n      //to race with .dequeue handler (`ets_qdisc_dequeue`)\n      sch_tree_lock(sch);\n\n      for (i = nbands; i \u003c oldbands; i++) {\n              if (i \u003e= q-\u003enstrict \u0026\u0026 q-\u003eclasses[i].qdisc-\u003eq.qlen)\n                      list_del_init(\u0026q-\u003eclasses[i].alist);\n              qdisc_purge_queue(q-\u003eclasses[i].qdisc);\n      }\n\n      WRITE_ONCE(q-\u003enbands, nbands);\n      for (i = nstrict; i \u003c q-\u003enstrict; i++) {\n              if (q-\u003eclasses[i].qdisc-\u003eq.qlen) {\n\t\t      // (2) the class is added to the q-\u003eactive\n                      list_add_tail(\u0026q-\u003eclasses[i].alist, \u0026q-\u003eactive);\n                      q-\u003eclasses[i].deficit = quanta[i];\n              }\n      }\n      WRITE_ONCE(q-\u003enstrict, nstrict);\n      memcpy(q-\u003eprio2band, priomap, sizeof(priomap));\n\n      for (i = 0; i \u003c q-\u003enbands; i++)\n              WRITE_ONCE(q-\u003eclasses[i].quantum, quanta[i]);\n\n      for (i = oldbands; i \u003c q-\u003enbands; i++) {\n              q-\u003eclasses[i].qdisc = queues[i];\n              if (q-\u003eclasses[i].qdisc != \u0026noop_qdisc)\n                      qdisc_hash_add(q-\u003eclasses[i].qdisc, true);\n      }\n\n      // (3) the qdisc is unlocked, now dequeue can be called in parallel\n      // to the rest of .change handler\n      sch_tree_unlock(sch);\n\n      ets_offload_change(sch);\n      for (i = q-\u003enbands; i \u003c oldbands; i++) {\n\t      // (4) we\u0027re reducing the refcount for our class\u0027s qdisc and\n\t      //  freeing it\n              qdisc_put(q-\u003eclasses[i].qdisc);\n\t      // (5) If we call .dequeue between (4) and (5), we will have\n\t      // a strong UAF and we can control RIP\n              q-\u003eclasses[i].qdisc = NULL;\n              WRITE_ONCE(q-\u003eclasses[i].quantum, 0);\n              q-\u003eclasses[i].deficit = 0;\n              gnet_stats_basic_sync_init(\u0026q-\u003eclasses[i].bstats);\n              memset(\u0026q-\u003eclasses[i].qstats, 0, sizeof(q-\u003eclasses[i].qstats));\n      }\n      return 0;\n}\n\nComment:\nThis happens because some of the classes have their qdiscs assigned to\nNULL, but remain in the active list. This commit fixes this issue by always\nremoving the class from the active list before deleting and freeing its\nassociated qdisc\n\nReproducer Steps\n(trimmed version of what was sent by zdi-disclosures@trendmicro.com)\n\n```\nDEV=\"${DEV:-lo}\"\nROOT_HANDLE=\"${ROOT_HANDLE:-1:}\"\nBAND2_HANDLE=\"${BAND2_HANDLE:-20:}\"   # child under 1:2\nPING_BYTES=\"${PING_BYTES:-48}\"\nPING_COUNT=\"${PING_COUNT:-200000}\"\nPING_DST=\"${PING_DST:-127.0.0.1}\"\n\nSLOW_TBF_RATE=\"${SLOW_TBF_RATE:-8bit}\"\nSLOW_TBF_BURST=\"${SLOW_TBF_BURST:-100b}\"\nSLOW_TBF_LAT=\"${SLOW_TBF_LAT:-1s}\"\n\ncleanup() {\n  tc qdisc del dev \"$DEV\" root 2\u003e/dev/null\n}\ntrap cleanup EXIT\n\nip link set \"$DEV\" up\n\ntc qdisc del dev \"$DEV\" root 2\u003e/dev/null || true\n\ntc qdisc add dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\n\ntc qdisc add dev \"$DEV\" parent 1:2 handle \"$BAND2_HANDLE\" \\\n  tbf rate \"$SLOW_TBF_RATE\" burst \"$SLOW_TBF_BURST\" latency \"$SLOW_TBF_LAT\"\n\ntc filter add dev \"$DEV\" parent 1: protocol all prio 1 u32 match u32 0 0 flowid 1:2\ntc -s qdisc ls dev $DEV\n\nping -I \"$DEV\" -f -c \"$PING_COUNT\" -s \"$PING_BYTES\" -W 0.001 \"$PING_DST\" \\\n  \u003e/dev/null 2\u003e\u00261 \u0026\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 0\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\ntc -s qdisc ls dev $DEV\ntc qdisc del dev \"$DEV\" parent \n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-71066",
          "url": "https://www.suse.com/security/cve/CVE-2025-71066"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1256645 for CVE-2025-71066",
          "url": "https://bugzilla.suse.com/1256645"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258005 for CVE-2025-71066",
          "url": "https://bugzilla.suse.com/1258005"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:15:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-71066"
    },
    {
      "cve": "CVE-2026-23004",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23004"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()\n\nsyzbot was able to crash the kernel in rt6_uncached_list_flush_dev()\nin an interesting way [1]\n\nCrash happens in list_del_init()/INIT_LIST_HEAD() while writing\nlist-\u003eprev, while the prior write on list-\u003enext went well.\n\nstatic inline void INIT_LIST_HEAD(struct list_head *list)\n{\n\tWRITE_ONCE(list-\u003enext, list); // This went well\n\tWRITE_ONCE(list-\u003eprev, list); // Crash, @list has been freed.\n}\n\nIssue here is that rt6_uncached_list_del() did not attempt to lock\nul-\u003elock, as list_empty(\u0026rt-\u003edst.rt_uncached) returned\ntrue because the WRITE_ONCE(list-\u003enext, list) happened on the other CPU.\n\nWe might use list_del_init_careful() and list_empty_careful(),\nor make sure rt6_uncached_list_del() always grabs the spinlock\nwhenever rt-\u003edst.rt_uncached_list has been set.\n\nA similar fix is neeed for IPv4.\n\n[1]\n\n BUG: KASAN: slab-use-after-free in INIT_LIST_HEAD include/linux/list.h:46 [inline]\n BUG: KASAN: slab-use-after-free in list_del_init include/linux/list.h:296 [inline]\n BUG: KASAN: slab-use-after-free in rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n BUG: KASAN: slab-use-after-free in rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\nWrite of size 8 at addr ffff8880294cfa78 by task kworker/u8:14/3450\n\nCPU: 0 UID: 0 PID: 3450 Comm: kworker/u8:14 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)}\nTainted: [L]=SOFTLOCKUP\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nWorkqueue: netns cleanup_net\nCall Trace:\n \u003cTASK\u003e\n  dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120\n  print_address_description mm/kasan/report.c:378 [inline]\n  print_report+0xca/0x240 mm/kasan/report.c:482\n  kasan_report+0x118/0x150 mm/kasan/report.c:595\n  INIT_LIST_HEAD include/linux/list.h:46 [inline]\n  list_del_init include/linux/list.h:296 [inline]\n  rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n  rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\n  addrconf_ifdown+0x143/0x18a0 net/ipv6/addrconf.c:3853\n addrconf_notify+0x1bc/0x1050 net/ipv6/addrconf.c:-1\n  notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n  call_netdevice_notifiers_extack net/core/dev.c:2268 [inline]\n  call_netdevice_notifiers net/core/dev.c:2282 [inline]\n  netif_close_many+0x29c/0x410 net/core/dev.c:1785\n  unregister_netdevice_many_notify+0xb50/0x2330 net/core/dev.c:12353\n  ops_exit_rtnl_list net/core/net_namespace.c:187 [inline]\n  ops_undo_list+0x3dc/0x990 net/core/net_namespace.c:248\n  cleanup_net+0x4de/0x7b0 net/core/net_namespace.c:696\n  process_one_work kernel/workqueue.c:3257 [inline]\n  process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n  kthread+0x711/0x8a0 kernel/kthread.c:463\n  ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246\n \u003c/TASK\u003e\n\nAllocated by task 803:\n  kasan_save_stack mm/kasan/common.c:57 [inline]\n  kasan_save_track+0x3e/0x80 mm/kasan/common.c:78\n  unpoison_slab_object mm/kasan/common.c:340 [inline]\n  __kasan_slab_alloc+0x6c/0x80 mm/kasan/common.c:366\n  kasan_slab_alloc include/linux/kasan.h:253 [inline]\n  slab_post_alloc_hook mm/slub.c:4953 [inline]\n  slab_alloc_node mm/slub.c:5263 [inline]\n  kmem_cache_alloc_noprof+0x18d/0x6c0 mm/slub.c:5270\n  dst_alloc+0x105/0x170 net/core/dst.c:89\n  ip6_dst_alloc net/ipv6/route.c:342 [inline]\n  icmp6_dst_alloc+0x75/0x460 net/ipv6/route.c:3333\n  mld_sendpack+0x683/0xe60 net/ipv6/mcast.c:1844\n  mld_send_cr net/ipv6/mcast.c:2154 [inline]\n  mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693\n  process_one_work kernel/workqueue.c:3257 [inline]\n  process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n  kthread+0x711/0x8a0 kernel/kthread.c:463\n  ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23004",
          "url": "https://www.suse.com/security/cve/CVE-2026-23004"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1257231 for CVE-2026-23004",
          "url": "https://bugzilla.suse.com/1257231"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258655 for CVE-2026-23004",
          "url": "https://bugzilla.suse.com/1258655"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:15:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23004"
    },
    {
      "cve": "CVE-2026-23204",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23204"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_u32: use skb_header_pointer_careful()\n\nskb_header_pointer() does not fully validate negative @offset values.\n\nUse skb_header_pointer_careful() instead.\n\nGangMin Kim provided a report and a repro fooling u32_classify():\n\nBUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0\nnet/sched/cls_u32.c:221",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23204",
          "url": "https://www.suse.com/security/cve/CVE-2026-23204"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258340 for CVE-2026-23204",
          "url": "https://bugzilla.suse.com/1258340"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1259126 for CVE-2026-23204",
          "url": "https://bugzilla.suse.com/1259126"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:15:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23204"
    },
    {
      "cve": "CVE-2026-31431",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-31431"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-31431",
          "url": "https://www.suse.com/security/cve/CVE-2026-31431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1262573 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1262573"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263689 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263689"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.s390x",
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-29-default-17-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:15:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-31431"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThe SUSE Linux Enterprise 15 SP6 kernel was updated to fix one security issue\n\nThe following security issue was fixed:\n\n- CVE-2026-31431: The copy.fail security issue is fixed by revert to operating out-of-place in algif_aead (bsc#1262573).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2026-1670,SUSE-SLE-Micro-5.5-2026-1670,SUSE-SLE-Module-Live-Patching-15-SP5-2026-1670,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1670,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1670,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1670,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1670",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1670-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:1670-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261670-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:1670-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025837.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1262573",
        "url": "https://bugzilla.suse.com/1262573"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-31431 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-31431/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2026-05-02T05:53:40Z",
      "generator": {
        "date": "2026-05-02T05:53:40Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:1670-1",
      "initial_release_date": "2026-05-02T05:53:40Z",
      "revision_history": [
        {
          "date": "2026-05-02T05:53:40Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-64kb-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "cluster-md-kmp-64kb-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "cluster-md-kmp-64kb-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-64kb-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dlm-kmp-64kb-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dlm-kmp-64kb-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dlm-kmp-default-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dlm-kmp-default-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-allwinner-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-allwinner-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-allwinner-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-altera-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-altera-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-altera-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-amazon-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-amazon-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-amazon-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-amd-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-amd-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-amd-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-amlogic-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-amlogic-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-amlogic-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-apm-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-apm-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-apm-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-apple-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-apple-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-apple-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-arm-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-arm-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-arm-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-broadcom-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-broadcom-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-broadcom-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-cavium-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-cavium-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-cavium-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-exynos-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-exynos-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-exynos-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-freescale-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-freescale-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-freescale-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-hisilicon-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-hisilicon-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-hisilicon-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-lg-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-lg-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-lg-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-marvell-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-marvell-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-marvell-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-mediatek-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-mediatek-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-mediatek-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-nvidia-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-nvidia-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-nvidia-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-qcom-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-qcom-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-qcom-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-renesas-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-renesas-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-renesas-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-rockchip-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-rockchip-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-rockchip-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-socionext-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-socionext-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-socionext-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-sprd-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-sprd-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-sprd-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dtb-xilinx-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "dtb-xilinx-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "dtb-xilinx-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-64kb-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "gfs2-kmp-64kb-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "gfs2-kmp-64kb-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "kernel-64kb-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "kernel-64kb-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-extra-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "kernel-64kb-extra-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "kernel-64kb-extra-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-64kb-optional-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "kernel-64kb-optional-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "kernel-64kb-optional-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "kernel-default-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "kernel-default-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
                "product": {
                  "name": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
                  "product_id": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
                "product": {
                  "name": "kernel-default-base-rebuild-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
                  "product_id": "kernel-default-base-rebuild-5.14.21-150500.55.149.1.150500.6.73.2.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "kernel-default-devel-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "kernel-default-devel-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "kernel-default-extra-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "kernel-default-extra-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "kernel-default-livepatch-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "kernel-default-livepatch-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-optional-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "kernel-default-optional-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "kernel-default-optional-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "kernel-kvmsmall-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "kernel-kvmsmall-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-devel-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "kernel-kvmsmall-devel-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "kernel-kvmsmall-devel-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "kernel-obs-build-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "kernel-obs-build-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "kernel-obs-qa-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "kernel-obs-qa-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "kernel-syms-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "kernel-syms-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-64kb-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "kselftests-kmp-64kb-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "kselftests-kmp-64kb-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "kselftests-kmp-default-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "kselftests-kmp-default-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-64kb-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "ocfs2-kmp-64kb-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "ocfs2-kmp-64kb-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-64kb-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "reiserfs-kmp-64kb-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "reiserfs-kmp-64kb-5.14.21-150500.55.149.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.14.21-150500.55.149.1.aarch64",
                "product": {
                  "name": "reiserfs-kmp-default-5.14.21-150500.55.149.1.aarch64",
                  "product_id": "reiserfs-kmp-default-5.14.21-150500.55.149.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-5.14.21-150500.55.149.1.noarch",
                "product": {
                  "name": "kernel-devel-5.14.21-150500.55.149.1.noarch",
                  "product_id": "kernel-devel-5.14.21-150500.55.149.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-5.14.21-150500.55.149.1.noarch",
                "product": {
                  "name": "kernel-docs-5.14.21-150500.55.149.1.noarch",
                  "product_id": "kernel-docs-5.14.21-150500.55.149.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-html-5.14.21-150500.55.149.1.noarch",
                "product": {
                  "name": "kernel-docs-html-5.14.21-150500.55.149.1.noarch",
                  "product_id": "kernel-docs-html-5.14.21-150500.55.149.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-macros-5.14.21-150500.55.149.1.noarch",
                "product": {
                  "name": "kernel-macros-5.14.21-150500.55.149.1.noarch",
                  "product_id": "kernel-macros-5.14.21-150500.55.149.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-5.14.21-150500.55.149.1.noarch",
                "product": {
                  "name": "kernel-source-5.14.21-150500.55.149.1.noarch",
                  "product_id": "kernel-source-5.14.21-150500.55.149.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-5.14.21-150500.55.149.1.noarch",
                "product": {
                  "name": "kernel-source-vanilla-5.14.21-150500.55.149.1.noarch",
                  "product_id": "kernel-source-vanilla-5.14.21-150500.55.149.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.14.21-150500.55.149.1.ppc64le",
                "product": {
                  "name": "cluster-md-kmp-default-5.14.21-150500.55.149.1.ppc64le",
                  "product_id": "cluster-md-kmp-default-5.14.21-150500.55.149.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.14.21-150500.55.149.1.ppc64le",
                "product": {
                  "name": "dlm-kmp-default-5.14.21-150500.55.149.1.ppc64le",
                  "product_id": "dlm-kmp-default-5.14.21-150500.55.149.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
                "product": {
                  "name": "gfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
                  "product_id": "gfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.14.21-150500.55.149.1.ppc64le",
                "product": {
                  "name": "kernel-default-5.14.21-150500.55.149.1.ppc64le",
                  "product_id": "kernel-default-5.14.21-150500.55.149.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.ppc64le",
                "product": {
                  "name": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.ppc64le",
                  "product_id": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.14.21-150500.55.149.1.150500.6.73.2.ppc64le",
                "product": {
                  "name": "kernel-default-base-rebuild-5.14.21-150500.55.149.1.150500.6.73.2.ppc64le",
                  "product_id": "kernel-default-base-rebuild-5.14.21-150500.55.149.1.150500.6.73.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.14.21-150500.55.149.1.ppc64le",
                "product": {
                  "name": "kernel-default-devel-5.14.21-150500.55.149.1.ppc64le",
                  "product_id": "kernel-default-devel-5.14.21-150500.55.149.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.14.21-150500.55.149.1.ppc64le",
                "product": {
                  "name": "kernel-default-extra-5.14.21-150500.55.149.1.ppc64le",
                  "product_id": "kernel-default-extra-5.14.21-150500.55.149.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.14.21-150500.55.149.1.ppc64le",
                "product": {
                  "name": "kernel-default-livepatch-5.14.21-150500.55.149.1.ppc64le",
                  "product_id": "kernel-default-livepatch-5.14.21-150500.55.149.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.14.21-150500.55.149.1.ppc64le",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.14.21-150500.55.149.1.ppc64le",
                  "product_id": "kernel-default-livepatch-devel-5.14.21-150500.55.149.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-optional-5.14.21-150500.55.149.1.ppc64le",
                "product": {
                  "name": "kernel-default-optional-5.14.21-150500.55.149.1.ppc64le",
                  "product_id": "kernel-default-optional-5.14.21-150500.55.149.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-5.14.21-150500.55.149.1.ppc64le",
                "product": {
                  "name": "kernel-kvmsmall-5.14.21-150500.55.149.1.ppc64le",
                  "product_id": "kernel-kvmsmall-5.14.21-150500.55.149.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-devel-5.14.21-150500.55.149.1.ppc64le",
                "product": {
                  "name": "kernel-kvmsmall-devel-5.14.21-150500.55.149.1.ppc64le",
                  "product_id": "kernel-kvmsmall-devel-5.14.21-150500.55.149.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.ppc64le",
                "product": {
                  "name": "kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.ppc64le",
                  "product_id": "kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.14.21-150500.55.149.1.ppc64le",
                "product": {
                  "name": "kernel-obs-build-5.14.21-150500.55.149.1.ppc64le",
                  "product_id": "kernel-obs-build-5.14.21-150500.55.149.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.14.21-150500.55.149.1.ppc64le",
                "product": {
                  "name": "kernel-obs-qa-5.14.21-150500.55.149.1.ppc64le",
                  "product_id": "kernel-obs-qa-5.14.21-150500.55.149.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.14.21-150500.55.149.1.ppc64le",
                "product": {
                  "name": "kernel-syms-5.14.21-150500.55.149.1.ppc64le",
                  "product_id": "kernel-syms-5.14.21-150500.55.149.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.14.21-150500.55.149.1.ppc64le",
                "product": {
                  "name": "kselftests-kmp-default-5.14.21-150500.55.149.1.ppc64le",
                  "product_id": "kselftests-kmp-default-5.14.21-150500.55.149.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
                "product": {
                  "name": "ocfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
                  "product_id": "ocfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.14.21-150500.55.149.1.ppc64le",
                "product": {
                  "name": "reiserfs-kmp-default-5.14.21-150500.55.149.1.ppc64le",
                  "product_id": "reiserfs-kmp-default-5.14.21-150500.55.149.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.14.21-150500.55.149.1.s390x",
                "product": {
                  "name": "cluster-md-kmp-default-5.14.21-150500.55.149.1.s390x",
                  "product_id": "cluster-md-kmp-default-5.14.21-150500.55.149.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.14.21-150500.55.149.1.s390x",
                "product": {
                  "name": "dlm-kmp-default-5.14.21-150500.55.149.1.s390x",
                  "product_id": "dlm-kmp-default-5.14.21-150500.55.149.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.14.21-150500.55.149.1.s390x",
                "product": {
                  "name": "gfs2-kmp-default-5.14.21-150500.55.149.1.s390x",
                  "product_id": "gfs2-kmp-default-5.14.21-150500.55.149.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.14.21-150500.55.149.1.s390x",
                "product": {
                  "name": "kernel-default-5.14.21-150500.55.149.1.s390x",
                  "product_id": "kernel-default-5.14.21-150500.55.149.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.14.21-150500.55.149.1.s390x",
                "product": {
                  "name": "kernel-default-devel-5.14.21-150500.55.149.1.s390x",
                  "product_id": "kernel-default-devel-5.14.21-150500.55.149.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.14.21-150500.55.149.1.s390x",
                "product": {
                  "name": "kernel-default-extra-5.14.21-150500.55.149.1.s390x",
                  "product_id": "kernel-default-extra-5.14.21-150500.55.149.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.14.21-150500.55.149.1.s390x",
                "product": {
                  "name": "kernel-default-livepatch-5.14.21-150500.55.149.1.s390x",
                  "product_id": "kernel-default-livepatch-5.14.21-150500.55.149.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.14.21-150500.55.149.1.s390x",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.14.21-150500.55.149.1.s390x",
                  "product_id": "kernel-default-livepatch-devel-5.14.21-150500.55.149.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-optional-5.14.21-150500.55.149.1.s390x",
                "product": {
                  "name": "kernel-default-optional-5.14.21-150500.55.149.1.s390x",
                  "product_id": "kernel-default-optional-5.14.21-150500.55.149.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.s390x",
                "product": {
                  "name": "kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.s390x",
                  "product_id": "kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.14.21-150500.55.149.1.s390x",
                "product": {
                  "name": "kernel-obs-build-5.14.21-150500.55.149.1.s390x",
                  "product_id": "kernel-obs-build-5.14.21-150500.55.149.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.14.21-150500.55.149.1.s390x",
                "product": {
                  "name": "kernel-obs-qa-5.14.21-150500.55.149.1.s390x",
                  "product_id": "kernel-obs-qa-5.14.21-150500.55.149.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.14.21-150500.55.149.1.s390x",
                "product": {
                  "name": "kernel-syms-5.14.21-150500.55.149.1.s390x",
                  "product_id": "kernel-syms-5.14.21-150500.55.149.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-zfcpdump-5.14.21-150500.55.149.1.s390x",
                "product": {
                  "name": "kernel-zfcpdump-5.14.21-150500.55.149.1.s390x",
                  "product_id": "kernel-zfcpdump-5.14.21-150500.55.149.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.14.21-150500.55.149.1.s390x",
                "product": {
                  "name": "kselftests-kmp-default-5.14.21-150500.55.149.1.s390x",
                  "product_id": "kselftests-kmp-default-5.14.21-150500.55.149.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.14.21-150500.55.149.1.s390x",
                "product": {
                  "name": "ocfs2-kmp-default-5.14.21-150500.55.149.1.s390x",
                  "product_id": "ocfs2-kmp-default-5.14.21-150500.55.149.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.14.21-150500.55.149.1.s390x",
                "product": {
                  "name": "reiserfs-kmp-default-5.14.21-150500.55.149.1.s390x",
                  "product_id": "reiserfs-kmp-default-5.14.21-150500.55.149.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "dlm-kmp-default-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "dlm-kmp-default-5.14.21-150500.55.149.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "kernel-default-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "kernel-default-5.14.21-150500.55.149.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
                "product": {
                  "name": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
                  "product_id": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-rebuild-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
                "product": {
                  "name": "kernel-default-base-rebuild-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
                  "product_id": "kernel-default-base-rebuild-5.14.21-150500.55.149.1.150500.6.73.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "kernel-default-devel-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "kernel-default-devel-5.14.21-150500.55.149.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "kernel-default-extra-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "kernel-default-extra-5.14.21-150500.55.149.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "kernel-default-livepatch-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "kernel-default-livepatch-5.14.21-150500.55.149.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-livepatch-devel-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "kernel-default-livepatch-devel-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "kernel-default-livepatch-devel-5.14.21-150500.55.149.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-optional-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "kernel-default-optional-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "kernel-default-optional-5.14.21-150500.55.149.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-vdso-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "kernel-default-vdso-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "kernel-default-vdso-5.14.21-150500.55.149.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "kernel-kvmsmall-5.14.21-150500.55.149.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-devel-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-devel-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "kernel-kvmsmall-devel-5.14.21-150500.55.149.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-kvmsmall-vdso-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "kernel-kvmsmall-vdso-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "kernel-kvmsmall-vdso-5.14.21-150500.55.149.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.x86_64",
                "product": {
                  "name": "kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.x86_64",
                  "product_id": "kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "kernel-obs-build-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "kernel-obs-build-5.14.21-150500.55.149.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-qa-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "kernel-obs-qa-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "kernel-obs-qa-5.14.21-150500.55.149.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "kernel-syms-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "kernel-syms-5.14.21-150500.55.149.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-default-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-default-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "kselftests-kmp-default-5.14.21-150500.55.149.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-5.14.21-150500.55.149.1.x86_64",
                "product": {
                  "name": "reiserfs-kmp-default-5.14.21-150500.55.149.1.x86_64",
                  "product_id": "reiserfs-kmp-default-5.14.21-150500.55.149.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Micro 5.5",
                "product": {
                  "name": "SUSE Linux Enterprise Micro 5.5",
                  "product_id": "SUSE Linux Enterprise Micro 5.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-micro:5.5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 15 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 15 SP5",
                  "product_id": "SUSE Linux Enterprise Live Patching 15 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-live-patching:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
          "product_id": "SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-default-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
          "product_id": "SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "kernel-default-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150500.55.149.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
          "product_id": "SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.149.1.s390x"
        },
        "product_reference": "kernel-default-5.14.21-150500.55.149.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
          "product_id": "SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
          "product_id": "SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64"
        },
        "product_reference": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
          "product_id": "SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64"
        },
        "product_reference": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.14.21-150500.55.149.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
          "product_id": "SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.149.1.noarch"
        },
        "product_reference": "kernel-macros-5.14.21-150500.55.149.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.14.21-150500.55.149.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
          "product_id": "SUSE Linux Enterprise Micro 5.5:kernel-source-5.14.21-150500.55.149.1.noarch"
        },
        "product_reference": "kernel-source-5.14.21-150500.55.149.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "kernel-default-livepatch-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.14.21-150500.55.149.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.149.1.s390x"
        },
        "product_reference": "kernel-default-livepatch-5.14.21-150500.55.149.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-default-livepatch-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "kernel-default-livepatch-devel-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.14.21-150500.55.149.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.149.1.s390x"
        },
        "product_reference": "kernel-default-livepatch-devel-5.14.21-150500.55.149.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-livepatch-devel-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-default-livepatch-devel-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.ppc64le"
        },
        "product_reference": "kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.s390x"
        },
        "product_reference": "kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.x86_64"
        },
        "product_reference": "kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "dlm-kmp-default-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "dlm-kmp-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-64kb-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-default-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64"
        },
        "product_reference": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64"
        },
        "product_reference": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-default-devel-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-default-devel-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-5.14.21-150500.55.149.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.149.1.noarch"
        },
        "product_reference": "kernel-devel-5.14.21-150500.55.149.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-5.14.21-150500.55.149.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.149.1.noarch"
        },
        "product_reference": "kernel-docs-5.14.21-150500.55.149.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.14.21-150500.55.149.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.149.1.noarch"
        },
        "product_reference": "kernel-macros-5.14.21-150500.55.149.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-obs-build-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-obs-build-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.14.21-150500.55.149.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.149.1.noarch"
        },
        "product_reference": "kernel-source-5.14.21-150500.55.149.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-syms-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-syms-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "dlm-kmp-default-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "dlm-kmp-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-64kb-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-default-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64"
        },
        "product_reference": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64"
        },
        "product_reference": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-default-devel-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-default-devel-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-5.14.21-150500.55.149.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.149.1.noarch"
        },
        "product_reference": "kernel-devel-5.14.21-150500.55.149.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-5.14.21-150500.55.149.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.149.1.noarch"
        },
        "product_reference": "kernel-docs-5.14.21-150500.55.149.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.14.21-150500.55.149.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.149.1.noarch"
        },
        "product_reference": "kernel-macros-5.14.21-150500.55.149.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-obs-build-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-obs-build-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.14.21-150500.55.149.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.149.1.noarch"
        },
        "product_reference": "kernel-source-5.14.21-150500.55.149.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-syms-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-syms-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "cluster-md-kmp-default-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.14.21-150500.55.149.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.s390x"
        },
        "product_reference": "cluster-md-kmp-default-5.14.21-150500.55.149.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "dlm-kmp-default-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "dlm-kmp-default-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.14.21-150500.55.149.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.s390x"
        },
        "product_reference": "dlm-kmp-default-5.14.21-150500.55.149.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "dlm-kmp-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "gfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.14.21-150500.55.149.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.s390x"
        },
        "product_reference": "gfs2-kmp-default-5.14.21-150500.55.149.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-64kb-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-default-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "kernel-default-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150500.55.149.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.s390x"
        },
        "product_reference": "kernel-default-5.14.21-150500.55.149.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64"
        },
        "product_reference": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.ppc64le"
        },
        "product_reference": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64"
        },
        "product_reference": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-default-devel-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.14.21-150500.55.149.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.s390x"
        },
        "product_reference": "kernel-default-devel-5.14.21-150500.55.149.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-default-devel-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-5.14.21-150500.55.149.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.149.1.noarch"
        },
        "product_reference": "kernel-devel-5.14.21-150500.55.149.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-5.14.21-150500.55.149.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.149.1.noarch"
        },
        "product_reference": "kernel-docs-5.14.21-150500.55.149.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.14.21-150500.55.149.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.149.1.noarch"
        },
        "product_reference": "kernel-macros-5.14.21-150500.55.149.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-obs-build-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "kernel-obs-build-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.14.21-150500.55.149.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.s390x"
        },
        "product_reference": "kernel-obs-build-5.14.21-150500.55.149.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-obs-build-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.14.21-150500.55.149.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.149.1.noarch"
        },
        "product_reference": "kernel-source-5.14.21-150500.55.149.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "kernel-syms-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "kernel-syms-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.14.21-150500.55.149.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.s390x"
        },
        "product_reference": "kernel-syms-5.14.21-150500.55.149.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-syms-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-zfcpdump-5.14.21-150500.55.149.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.149.1.s390x"
        },
        "product_reference": "kernel-zfcpdump-5.14.21-150500.55.149.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "ocfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.14.21-150500.55.149.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.s390x"
        },
        "product_reference": "ocfs2-kmp-default-5.14.21-150500.55.149.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.14.21-150500.55.149.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.149.1.aarch64"
        },
        "product_reference": "reiserfs-kmp-default-5.14.21-150500.55.149.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "reiserfs-kmp-default-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.14.21-150500.55.149.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.149.1.s390x"
        },
        "product_reference": "reiserfs-kmp-default-5.14.21-150500.55.149.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "cluster-md-kmp-default-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "dlm-kmp-default-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "dlm-kmp-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "gfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "kernel-default-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.ppc64le"
        },
        "product_reference": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64"
        },
        "product_reference": "kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-default-devel-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-5.14.21-150500.55.149.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.149.1.noarch"
        },
        "product_reference": "kernel-devel-5.14.21-150500.55.149.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-5.14.21-150500.55.149.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.149.1.noarch"
        },
        "product_reference": "kernel-docs-5.14.21-150500.55.149.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-5.14.21-150500.55.149.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.149.1.noarch"
        },
        "product_reference": "kernel-macros-5.14.21-150500.55.149.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "kernel-obs-build-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-obs-build-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-5.14.21-150500.55.149.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.149.1.noarch"
        },
        "product_reference": "kernel-source-5.14.21-150500.55.149.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "kernel-syms-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "kernel-syms-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "ocfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.14.21-150500.55.149.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.149.1.ppc64le"
        },
        "product_reference": "reiserfs-kmp-default-5.14.21-150500.55.149.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-5.14.21-150500.55.149.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.149.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-5.14.21-150500.55.149.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-31431",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-31431"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.149.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.149.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.149.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.149.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.149.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.149.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.149.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.149.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.149.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.149.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.x86_64",
          "SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.149.1.s390x",
          "SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
          "SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
          "SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.149.1.noarch",
          "SUSE Linux Enterprise Micro 5.5:kernel-source-5.14.21-150500.55.149.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.s390x",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.s390x",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.s390x",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.s390x",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.ppc64le",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.s390x",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.149.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.149.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.149.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.s390x",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.149.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.s390x",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.149.1.s390x",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.s390x",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.149.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.149.1.s390x",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.149.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.149.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.149.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.149.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.149.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.149.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-31431",
          "url": "https://www.suse.com/security/cve/CVE-2026-31431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1262573 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1262573"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263689 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263689"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
            "SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
            "SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Micro 5.5:kernel-source-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.149.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dlm-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-default-devel-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-devel-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-docs-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-macros-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-obs-build-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-source-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kernel-syms-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-source-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-default-livepatch-devel-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1.x86_64",
            "SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Micro 5.5:kernel-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
            "SUSE Linux Enterprise Micro 5.5:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
            "SUSE Linux Enterprise Micro 5.5:kernel-macros-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Micro 5.5:kernel-source-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:dlm-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-64kb-devel-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-default-devel-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-devel-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-docs-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-macros-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-obs-build-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-source-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-syms-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:kernel-zfcpdump-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.149.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.149.1.s390x",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:reiserfs-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:cluster-md-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:dlm-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:gfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-default-devel-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-devel-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-docs-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-macros-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-obs-build-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-source-5.14.21-150500.55.149.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kernel-syms-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:ocfs2-kmp-default-5.14.21-150500.55.149.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.149.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:reiserfs-kmp-default-5.14.21-150500.55.149.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-02T05:53:40Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-31431"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise Micro 6.0)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update for the SUSE Linux Enterprise Kernel 6.4.0-41.1 fixes one security issue\n\nThe following security issue was fixed:\n\n- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).\n\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Micro-6.1-kernel-373",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21494-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:21494-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621494-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:21494-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025916.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1263689",
        "url": "https://bugzilla.suse.com/1263689"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-31431 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-31431/"
      }
    ],
    "title": "Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise Micro 6.0)",
    "tracking": {
      "current_release_date": "2026-05-05T12:51:00Z",
      "generator": {
        "date": "2026-05-05T12:51:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:21494-1",
      "initial_release_date": "2026-05-05T12:51:00Z",
      "revision_history": [
        {
          "date": "2026-05-05T12:51:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_4_0-41-default-2-1.1.s390x",
                "product": {
                  "name": "kernel-livepatch-6_4_0-41-default-2-1.1.s390x",
                  "product_id": "kernel-livepatch-6_4_0-41-default-2-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_4_0-41-default-2-1.1.x86_64",
                "product": {
                  "name": "kernel-livepatch-6_4_0-41-default-2-1.1.x86_64",
                  "product_id": "kernel-livepatch-6_4_0-41-default-2-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.1",
                "product": {
                  "name": "SUSE Linux Micro 6.1",
                  "product_id": "SUSE Linux Micro 6.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_4_0-41-default-2-1.1.s390x as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-41-default-2-1.1.s390x"
        },
        "product_reference": "kernel-livepatch-6_4_0-41-default-2-1.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_4_0-41-default-2-1.1.x86_64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-41-default-2-1.1.x86_64"
        },
        "product_reference": "kernel-livepatch-6_4_0-41-default-2-1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-31431",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-31431"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-41-default-2-1.1.s390x",
          "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-41-default-2-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-31431",
          "url": "https://www.suse.com/security/cve/CVE-2026-31431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1262573 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1262573"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263689 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263689"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-41-default-2-1.1.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-41-default-2-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-41-default-2-1.1.s390x",
            "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-41-default-2-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T12:51:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-31431"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel (Live Patch 70 for SUSE Linux Enterprise 12 SP5)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update for the SUSE Linux Enterprise kernel 4.12.14-122.266 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).\n- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).\n- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).\n- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2026-1790,SUSE-SLE-Live-Patching-12-SP5-2026-1790",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1790-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:1790-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261790-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:1790-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025987.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258073",
        "url": "https://bugzilla.suse.com/1258073"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258655",
        "url": "https://bugzilla.suse.com/1258655"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1259126",
        "url": "https://bugzilla.suse.com/1259126"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1263689",
        "url": "https://bugzilla.suse.com/1263689"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-38375 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-38375/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23004 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23004/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23204 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23204/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-31431 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-31431/"
      }
    ],
    "title": "Security update for the Linux Kernel (Live Patch 70 for SUSE Linux Enterprise 12 SP5)",
    "tracking": {
      "current_release_date": "2026-05-09T11:04:04Z",
      "generator": {
        "date": "2026-05-09T11:04:04Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:1790-1",
      "initial_release_date": "2026-05-09T11:04:04Z",
      "revision_history": [
        {
          "date": "2026-05-09T11:04:04Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-4_12_14-122_266-default-14-2.1.ppc64le",
                "product": {
                  "name": "kgraft-patch-4_12_14-122_266-default-14-2.1.ppc64le",
                  "product_id": "kgraft-patch-4_12_14-122_266-default-14-2.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-4_12_14-122_266-default-14-2.1.s390x",
                "product": {
                  "name": "kgraft-patch-4_12_14-122_266-default-14-2.1.s390x",
                  "product_id": "kgraft-patch-4_12_14-122_266-default-14-2.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-4_12_14-122_266-default-14-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-4_12_14-122_266-default-14-2.1.x86_64",
                  "product_id": "kgraft-patch-4_12_14-122_266-default-14-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 12 SP5",
                  "product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-4_12_14-122_266-default-14-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.ppc64le"
        },
        "product_reference": "kgraft-patch-4_12_14-122_266-default-14-2.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-4_12_14-122_266-default-14-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.s390x"
        },
        "product_reference": "kgraft-patch-4_12_14-122_266-default-14-2.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-4_12_14-122_266-default-14-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-4_12_14-122_266-default-14-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-38375",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-38375"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-net: ensure the received length does not exceed allocated size\n\nIn xdp_linearize_page, when reading the following buffers from the ring,\nwe forget to check the received length with the true allocate size. This\ncan lead to an out-of-bound read. This commit adds that missing check.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-38375",
          "url": "https://www.suse.com/security/cve/CVE-2025-38375"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1247177 for CVE-2025-38375",
          "url": "https://bugzilla.suse.com/1247177"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258073 for CVE-2025-38375",
          "url": "https://bugzilla.suse.com/1258073"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-09T11:04:04Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-38375"
    },
    {
      "cve": "CVE-2026-23004",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23004"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()\n\nsyzbot was able to crash the kernel in rt6_uncached_list_flush_dev()\nin an interesting way [1]\n\nCrash happens in list_del_init()/INIT_LIST_HEAD() while writing\nlist-\u003eprev, while the prior write on list-\u003enext went well.\n\nstatic inline void INIT_LIST_HEAD(struct list_head *list)\n{\n\tWRITE_ONCE(list-\u003enext, list); // This went well\n\tWRITE_ONCE(list-\u003eprev, list); // Crash, @list has been freed.\n}\n\nIssue here is that rt6_uncached_list_del() did not attempt to lock\nul-\u003elock, as list_empty(\u0026rt-\u003edst.rt_uncached) returned\ntrue because the WRITE_ONCE(list-\u003enext, list) happened on the other CPU.\n\nWe might use list_del_init_careful() and list_empty_careful(),\nor make sure rt6_uncached_list_del() always grabs the spinlock\nwhenever rt-\u003edst.rt_uncached_list has been set.\n\nA similar fix is neeed for IPv4.\n\n[1]\n\n BUG: KASAN: slab-use-after-free in INIT_LIST_HEAD include/linux/list.h:46 [inline]\n BUG: KASAN: slab-use-after-free in list_del_init include/linux/list.h:296 [inline]\n BUG: KASAN: slab-use-after-free in rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n BUG: KASAN: slab-use-after-free in rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\nWrite of size 8 at addr ffff8880294cfa78 by task kworker/u8:14/3450\n\nCPU: 0 UID: 0 PID: 3450 Comm: kworker/u8:14 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)}\nTainted: [L]=SOFTLOCKUP\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nWorkqueue: netns cleanup_net\nCall Trace:\n \u003cTASK\u003e\n  dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120\n  print_address_description mm/kasan/report.c:378 [inline]\n  print_report+0xca/0x240 mm/kasan/report.c:482\n  kasan_report+0x118/0x150 mm/kasan/report.c:595\n  INIT_LIST_HEAD include/linux/list.h:46 [inline]\n  list_del_init include/linux/list.h:296 [inline]\n  rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n  rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\n  addrconf_ifdown+0x143/0x18a0 net/ipv6/addrconf.c:3853\n addrconf_notify+0x1bc/0x1050 net/ipv6/addrconf.c:-1\n  notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n  call_netdevice_notifiers_extack net/core/dev.c:2268 [inline]\n  call_netdevice_notifiers net/core/dev.c:2282 [inline]\n  netif_close_many+0x29c/0x410 net/core/dev.c:1785\n  unregister_netdevice_many_notify+0xb50/0x2330 net/core/dev.c:12353\n  ops_exit_rtnl_list net/core/net_namespace.c:187 [inline]\n  ops_undo_list+0x3dc/0x990 net/core/net_namespace.c:248\n  cleanup_net+0x4de/0x7b0 net/core/net_namespace.c:696\n  process_one_work kernel/workqueue.c:3257 [inline]\n  process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n  kthread+0x711/0x8a0 kernel/kthread.c:463\n  ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246\n \u003c/TASK\u003e\n\nAllocated by task 803:\n  kasan_save_stack mm/kasan/common.c:57 [inline]\n  kasan_save_track+0x3e/0x80 mm/kasan/common.c:78\n  unpoison_slab_object mm/kasan/common.c:340 [inline]\n  __kasan_slab_alloc+0x6c/0x80 mm/kasan/common.c:366\n  kasan_slab_alloc include/linux/kasan.h:253 [inline]\n  slab_post_alloc_hook mm/slub.c:4953 [inline]\n  slab_alloc_node mm/slub.c:5263 [inline]\n  kmem_cache_alloc_noprof+0x18d/0x6c0 mm/slub.c:5270\n  dst_alloc+0x105/0x170 net/core/dst.c:89\n  ip6_dst_alloc net/ipv6/route.c:342 [inline]\n  icmp6_dst_alloc+0x75/0x460 net/ipv6/route.c:3333\n  mld_sendpack+0x683/0xe60 net/ipv6/mcast.c:1844\n  mld_send_cr net/ipv6/mcast.c:2154 [inline]\n  mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693\n  process_one_work kernel/workqueue.c:3257 [inline]\n  process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n  kthread+0x711/0x8a0 kernel/kthread.c:463\n  ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23004",
          "url": "https://www.suse.com/security/cve/CVE-2026-23004"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1257231 for CVE-2026-23004",
          "url": "https://bugzilla.suse.com/1257231"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258655 for CVE-2026-23004",
          "url": "https://bugzilla.suse.com/1258655"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-09T11:04:04Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23004"
    },
    {
      "cve": "CVE-2026-23204",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23204"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_u32: use skb_header_pointer_careful()\n\nskb_header_pointer() does not fully validate negative @offset values.\n\nUse skb_header_pointer_careful() instead.\n\nGangMin Kim provided a report and a repro fooling u32_classify():\n\nBUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0\nnet/sched/cls_u32.c:221",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23204",
          "url": "https://www.suse.com/security/cve/CVE-2026-23204"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258340 for CVE-2026-23204",
          "url": "https://bugzilla.suse.com/1258340"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1259126 for CVE-2026-23204",
          "url": "https://bugzilla.suse.com/1259126"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-09T11:04:04Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23204"
    },
    {
      "cve": "CVE-2026-31431",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-31431"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.s390x",
          "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-31431",
          "url": "https://www.suse.com/security/cve/CVE-2026-31431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1262573 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1262573"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263689 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263689"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263938 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263938"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263939 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263939"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1264274 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1264274"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.s390x",
            "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_266-default-14-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-09T11:04:04Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-31431"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).\n- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).\n- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n  (bsc#1258005).\n- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).\n- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).\n- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).\n\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Micro-6.0-kernel-376",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21470-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:21470-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621470-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:21470-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025879.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1252048",
        "url": "https://bugzilla.suse.com/1252048"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258005",
        "url": "https://bugzilla.suse.com/1258005"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258073",
        "url": "https://bugzilla.suse.com/1258073"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258655",
        "url": "https://bugzilla.suse.com/1258655"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1259126",
        "url": "https://bugzilla.suse.com/1259126"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1263689",
        "url": "https://bugzilla.suse.com/1263689"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-38375 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-38375/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-39977 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-39977/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-71066 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-71066/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23004 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23004/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23204 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23204/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-31431 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-31431/"
      }
    ],
    "title": "Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)",
    "tracking": {
      "current_release_date": "2026-05-05T13:07:20Z",
      "generator": {
        "date": "2026-05-05T13:07:20Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:21470-1",
      "initial_release_date": "2026-05-05T13:07:20Z",
      "revision_history": [
        {
          "date": "2026-05-05T13:07:20Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64",
                "product": {
                  "name": "kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64",
                  "product_id": "kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.0",
                "product": {
                  "name": "SUSE Linux Micro 6.0",
                  "product_id": "SUSE Linux Micro 6.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
        },
        "product_reference": "kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-38375",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-38375"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-net: ensure the received length does not exceed allocated size\n\nIn xdp_linearize_page, when reading the following buffers from the ring,\nwe forget to check the received length with the true allocate size. This\ncan lead to an out-of-bound read. This commit adds that missing check.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-38375",
          "url": "https://www.suse.com/security/cve/CVE-2025-38375"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1247177 for CVE-2025-38375",
          "url": "https://bugzilla.suse.com/1247177"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258073 for CVE-2025-38375",
          "url": "https://bugzilla.suse.com/1258073"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:07:20Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-38375"
    },
    {
      "cve": "CVE-2025-39977",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-39977"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Prevent use-after-free during requeue-PI\n\nsyzbot managed to trigger the following race:\n\n   T1                               T2\n\n futex_wait_requeue_pi()\n   futex_do_wait()\n     schedule()\n                               futex_requeue()\n                                 futex_proxy_trylock_atomic()\n                                   futex_requeue_pi_prepare()\n                                   requeue_pi_wake_futex()\n                                     futex_requeue_pi_complete()\n                                      /* preempt */\n\n         * timeout/ signal wakes T1 *\n\n   futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED\n   futex_hash_put()\n  // back to userland, on stack futex_q is garbage\n\n                                      /* back */\n                                     wake_up_state(q-\u003etask, TASK_NORMAL);\n\nIn this scenario futex_wait_requeue_pi() is able to leave without using\nfutex_q::lock_ptr for synchronization.\n\nThis can be prevented by reading futex_q::task before updating the\nfutex_q::requeue_state. A reference on the task_struct is not needed\nbecause requeue_pi_wake_futex() is invoked with a spinlock_t held which\nimplies a RCU read section.\n\nEven if T1 terminates immediately after, the task_struct will remain valid\nduring T2\u0027s wake_up_state().  A READ_ONCE on futex_q::task before\nfutex_requeue_pi_complete() is enough because it ensures that the variable\nis read before the state is updated.\n\nRead futex_q::task before updating the requeue state, use it for the\nfollowing wakeup.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-39977",
          "url": "https://www.suse.com/security/cve/CVE-2025-39977"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1252046 for CVE-2025-39977",
          "url": "https://bugzilla.suse.com/1252046"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1252048 for CVE-2025-39977",
          "url": "https://bugzilla.suse.com/1252048"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:07:20Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-39977"
    },
    {
      "cve": "CVE-2025-71066",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-71066"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: Always remove class from active list before deleting in ets_qdisc_change\n\nzdi-disclosures@trendmicro.com says:\n\nThe vulnerability is a race condition between `ets_qdisc_dequeue` and\n`ets_qdisc_change`.  It leads to UAF on `struct Qdisc` object.\nAttacker requires the capability to create new user and network namespace\nin order to trigger the bug.\nSee my additional commentary at the end of the analysis.\n\nAnalysis:\n\nstatic int ets_qdisc_change(struct Qdisc *sch, struct nlattr *opt,\n                          struct netlink_ext_ack *extack)\n{\n...\n\n      // (1) this lock is preventing .change handler (`ets_qdisc_change`)\n      //to race with .dequeue handler (`ets_qdisc_dequeue`)\n      sch_tree_lock(sch);\n\n      for (i = nbands; i \u003c oldbands; i++) {\n              if (i \u003e= q-\u003enstrict \u0026\u0026 q-\u003eclasses[i].qdisc-\u003eq.qlen)\n                      list_del_init(\u0026q-\u003eclasses[i].alist);\n              qdisc_purge_queue(q-\u003eclasses[i].qdisc);\n      }\n\n      WRITE_ONCE(q-\u003enbands, nbands);\n      for (i = nstrict; i \u003c q-\u003enstrict; i++) {\n              if (q-\u003eclasses[i].qdisc-\u003eq.qlen) {\n\t\t      // (2) the class is added to the q-\u003eactive\n                      list_add_tail(\u0026q-\u003eclasses[i].alist, \u0026q-\u003eactive);\n                      q-\u003eclasses[i].deficit = quanta[i];\n              }\n      }\n      WRITE_ONCE(q-\u003enstrict, nstrict);\n      memcpy(q-\u003eprio2band, priomap, sizeof(priomap));\n\n      for (i = 0; i \u003c q-\u003enbands; i++)\n              WRITE_ONCE(q-\u003eclasses[i].quantum, quanta[i]);\n\n      for (i = oldbands; i \u003c q-\u003enbands; i++) {\n              q-\u003eclasses[i].qdisc = queues[i];\n              if (q-\u003eclasses[i].qdisc != \u0026noop_qdisc)\n                      qdisc_hash_add(q-\u003eclasses[i].qdisc, true);\n      }\n\n      // (3) the qdisc is unlocked, now dequeue can be called in parallel\n      // to the rest of .change handler\n      sch_tree_unlock(sch);\n\n      ets_offload_change(sch);\n      for (i = q-\u003enbands; i \u003c oldbands; i++) {\n\t      // (4) we\u0027re reducing the refcount for our class\u0027s qdisc and\n\t      //  freeing it\n              qdisc_put(q-\u003eclasses[i].qdisc);\n\t      // (5) If we call .dequeue between (4) and (5), we will have\n\t      // a strong UAF and we can control RIP\n              q-\u003eclasses[i].qdisc = NULL;\n              WRITE_ONCE(q-\u003eclasses[i].quantum, 0);\n              q-\u003eclasses[i].deficit = 0;\n              gnet_stats_basic_sync_init(\u0026q-\u003eclasses[i].bstats);\n              memset(\u0026q-\u003eclasses[i].qstats, 0, sizeof(q-\u003eclasses[i].qstats));\n      }\n      return 0;\n}\n\nComment:\nThis happens because some of the classes have their qdiscs assigned to\nNULL, but remain in the active list. This commit fixes this issue by always\nremoving the class from the active list before deleting and freeing its\nassociated qdisc\n\nReproducer Steps\n(trimmed version of what was sent by zdi-disclosures@trendmicro.com)\n\n```\nDEV=\"${DEV:-lo}\"\nROOT_HANDLE=\"${ROOT_HANDLE:-1:}\"\nBAND2_HANDLE=\"${BAND2_HANDLE:-20:}\"   # child under 1:2\nPING_BYTES=\"${PING_BYTES:-48}\"\nPING_COUNT=\"${PING_COUNT:-200000}\"\nPING_DST=\"${PING_DST:-127.0.0.1}\"\n\nSLOW_TBF_RATE=\"${SLOW_TBF_RATE:-8bit}\"\nSLOW_TBF_BURST=\"${SLOW_TBF_BURST:-100b}\"\nSLOW_TBF_LAT=\"${SLOW_TBF_LAT:-1s}\"\n\ncleanup() {\n  tc qdisc del dev \"$DEV\" root 2\u003e/dev/null\n}\ntrap cleanup EXIT\n\nip link set \"$DEV\" up\n\ntc qdisc del dev \"$DEV\" root 2\u003e/dev/null || true\n\ntc qdisc add dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\n\ntc qdisc add dev \"$DEV\" parent 1:2 handle \"$BAND2_HANDLE\" \\\n  tbf rate \"$SLOW_TBF_RATE\" burst \"$SLOW_TBF_BURST\" latency \"$SLOW_TBF_LAT\"\n\ntc filter add dev \"$DEV\" parent 1: protocol all prio 1 u32 match u32 0 0 flowid 1:2\ntc -s qdisc ls dev $DEV\n\nping -I \"$DEV\" -f -c \"$PING_COUNT\" -s \"$PING_BYTES\" -W 0.001 \"$PING_DST\" \\\n  \u003e/dev/null 2\u003e\u00261 \u0026\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 0\ntc qdisc change dev \"$DEV\" root handle \"$ROOT_HANDLE\" ets bands 2 strict 2\ntc -s qdisc ls dev $DEV\ntc qdisc del dev \"$DEV\" parent \n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-71066",
          "url": "https://www.suse.com/security/cve/CVE-2025-71066"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1256645 for CVE-2025-71066",
          "url": "https://bugzilla.suse.com/1256645"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258005 for CVE-2025-71066",
          "url": "https://bugzilla.suse.com/1258005"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:07:20Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-71066"
    },
    {
      "cve": "CVE-2026-23004",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23004"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()\n\nsyzbot was able to crash the kernel in rt6_uncached_list_flush_dev()\nin an interesting way [1]\n\nCrash happens in list_del_init()/INIT_LIST_HEAD() while writing\nlist-\u003eprev, while the prior write on list-\u003enext went well.\n\nstatic inline void INIT_LIST_HEAD(struct list_head *list)\n{\n\tWRITE_ONCE(list-\u003enext, list); // This went well\n\tWRITE_ONCE(list-\u003eprev, list); // Crash, @list has been freed.\n}\n\nIssue here is that rt6_uncached_list_del() did not attempt to lock\nul-\u003elock, as list_empty(\u0026rt-\u003edst.rt_uncached) returned\ntrue because the WRITE_ONCE(list-\u003enext, list) happened on the other CPU.\n\nWe might use list_del_init_careful() and list_empty_careful(),\nor make sure rt6_uncached_list_del() always grabs the spinlock\nwhenever rt-\u003edst.rt_uncached_list has been set.\n\nA similar fix is neeed for IPv4.\n\n[1]\n\n BUG: KASAN: slab-use-after-free in INIT_LIST_HEAD include/linux/list.h:46 [inline]\n BUG: KASAN: slab-use-after-free in list_del_init include/linux/list.h:296 [inline]\n BUG: KASAN: slab-use-after-free in rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n BUG: KASAN: slab-use-after-free in rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\nWrite of size 8 at addr ffff8880294cfa78 by task kworker/u8:14/3450\n\nCPU: 0 UID: 0 PID: 3450 Comm: kworker/u8:14 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)}\nTainted: [L]=SOFTLOCKUP\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nWorkqueue: netns cleanup_net\nCall Trace:\n \u003cTASK\u003e\n  dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120\n  print_address_description mm/kasan/report.c:378 [inline]\n  print_report+0xca/0x240 mm/kasan/report.c:482\n  kasan_report+0x118/0x150 mm/kasan/report.c:595\n  INIT_LIST_HEAD include/linux/list.h:46 [inline]\n  list_del_init include/linux/list.h:296 [inline]\n  rt6_uncached_list_flush_dev net/ipv6/route.c:191 [inline]\n  rt6_disable_ip+0x633/0x730 net/ipv6/route.c:5020\n  addrconf_ifdown+0x143/0x18a0 net/ipv6/addrconf.c:3853\n addrconf_notify+0x1bc/0x1050 net/ipv6/addrconf.c:-1\n  notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n  call_netdevice_notifiers_extack net/core/dev.c:2268 [inline]\n  call_netdevice_notifiers net/core/dev.c:2282 [inline]\n  netif_close_many+0x29c/0x410 net/core/dev.c:1785\n  unregister_netdevice_many_notify+0xb50/0x2330 net/core/dev.c:12353\n  ops_exit_rtnl_list net/core/net_namespace.c:187 [inline]\n  ops_undo_list+0x3dc/0x990 net/core/net_namespace.c:248\n  cleanup_net+0x4de/0x7b0 net/core/net_namespace.c:696\n  process_one_work kernel/workqueue.c:3257 [inline]\n  process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n  kthread+0x711/0x8a0 kernel/kthread.c:463\n  ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246\n \u003c/TASK\u003e\n\nAllocated by task 803:\n  kasan_save_stack mm/kasan/common.c:57 [inline]\n  kasan_save_track+0x3e/0x80 mm/kasan/common.c:78\n  unpoison_slab_object mm/kasan/common.c:340 [inline]\n  __kasan_slab_alloc+0x6c/0x80 mm/kasan/common.c:366\n  kasan_slab_alloc include/linux/kasan.h:253 [inline]\n  slab_post_alloc_hook mm/slub.c:4953 [inline]\n  slab_alloc_node mm/slub.c:5263 [inline]\n  kmem_cache_alloc_noprof+0x18d/0x6c0 mm/slub.c:5270\n  dst_alloc+0x105/0x170 net/core/dst.c:89\n  ip6_dst_alloc net/ipv6/route.c:342 [inline]\n  icmp6_dst_alloc+0x75/0x460 net/ipv6/route.c:3333\n  mld_sendpack+0x683/0xe60 net/ipv6/mcast.c:1844\n  mld_send_cr net/ipv6/mcast.c:2154 [inline]\n  mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693\n  process_one_work kernel/workqueue.c:3257 [inline]\n  process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n  kthread+0x711/0x8a0 kernel/kthread.c:463\n  ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23004",
          "url": "https://www.suse.com/security/cve/CVE-2026-23004"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1257231 for CVE-2026-23004",
          "url": "https://bugzilla.suse.com/1257231"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258655 for CVE-2026-23004",
          "url": "https://bugzilla.suse.com/1258655"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:07:20Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23004"
    },
    {
      "cve": "CVE-2026-23204",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23204"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_u32: use skb_header_pointer_careful()\n\nskb_header_pointer() does not fully validate negative @offset values.\n\nUse skb_header_pointer_careful() instead.\n\nGangMin Kim provided a report and a repro fooling u32_classify():\n\nBUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0\nnet/sched/cls_u32.c:221",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23204",
          "url": "https://www.suse.com/security/cve/CVE-2026-23204"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258340 for CVE-2026-23204",
          "url": "https://bugzilla.suse.com/1258340"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1259126 for CVE-2026-23204",
          "url": "https://bugzilla.suse.com/1259126"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:07:20Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23204"
    },
    {
      "cve": "CVE-2026-31431",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-31431"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-31431",
          "url": "https://www.suse.com/security/cve/CVE-2026-31431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1262573 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1262573"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1263689 for CVE-2026-31431",
          "url": "https://bugzilla.suse.com/1263689"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-31-rt-16-1.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-05-05T13:07:20Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-31431"
    }
  ]
}