SUSE SLES15 Security Update : kernel (SUSE-SU-2026:0278-1)

high Nessus Plugin ID 296481

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0278-1 advisory.

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues

The following security issues were fixed:

- CVE-2025-38321: smb: Log an error when close_all_cached_dirs fails (bsc#1246328).
- CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd (bsc#1249256).
- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252046).
- CVE-2025-40006: mm/hugetlb: fix folio is still mapped when deleted (bsc#1252342).
- CVE-2025-40024: vhost: Take a reference on the task in struct vhost_task (bsc#1252686).
- CVE-2025-40033: remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() (bsc#1252824).
- CVE-2025-40042: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (bsc#1252861).
- CVE-2025-40053: net: dlink: handle copy_thresh allocation failure (bsc#1252808).
- CVE-2025-40081: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() (bsc#1252776).
- CVE-2025-40102: KVM: arm64: Prevent access to vCPU events before init (bsc#1252919).
- CVE-2025-40134: dm: fix NULL pointer dereference in __dm_suspend() (bsc#1253386).
- CVE-2025-40135: ipv6: use RCU in ip6_xmit() (bsc#1253342).
- CVE-2025-40153: mm: hugetlb: avoid soft lockup when mprotect to large memory area (bsc#1253408).
- CVE-2025-40158: ipv6: use RCU in ip6_output() (bsc#1253402).
- CVE-2025-40160: xen/events: Cleanup find_virq() return codes (bsc#1253400).
- CVE-2025-40167: ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1253458).
- CVE-2025-40170: net: use dst_dev_rcu() in sk_setup_caps() (bsc#1253413).
- CVE-2025-40178: pid: Add a judgment for ns null in pid_nr_ns (bsc#1253463).
- CVE-2025-40179: ext4: verify orphan file size is not too big (bsc#1253442).
- CVE-2025-40187: net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() (bsc#1253647).
- CVE-2025-40190: ext4: guard against EA inode refcount underflow in xattr update (bsc#1253623).
- CVE-2025-40215: kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959).
- CVE-2025-40220: fuse: fix livelock in synchronous file put from fuseblk workers (bsc#1254520).
- CVE-2025-40231: vsock: fix lock inversion in vsock_assign_transport() (bsc#1254815).
- CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813).
- CVE-2025-40240: sctp: avoid NULL dereference when chunk data buffer is missing (bsc#1254869).
- CVE-2025-40242: gfs2: Fix unlikely race in gdlm_put_lock (bsc#1255075).
- CVE-2025-40248: vsock: Ignore signal/timeout on connect() if already established (bsc#1254864).
- CVE-2025-40250: net/mlx5: Clean up only new IRQ glue on request_irq() failure (bsc#1254854).
- CVE-2025-40251: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (bsc#1254856).
- CVE-2025-40252: net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (bsc#1254849).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1254843).
- CVE-2025-40268: cifs: client: fix memory leak in smb3_fs_context_parse_param (bsc#1255082).
- CVE-2025-40271: fs/proc: fix uaf in proc_readdir_de() (bsc#1255297).
- CVE-2025-40274: KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying (bsc#1254830).
- CVE-2025-40278: net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak (bsc#1254825).
- CVE-2025-40279: net: sched: act_connmark: initialize struct tc_ife to fix kernel leak (bsc#1254846).
- CVE-2025-40280: tipc: Fix use-after-free in tipc_mon_reinit_self() (bsc#1254847).
- CVE-2025-40287: exfat: fix improper check of dentry.stream.valid_size (bsc#1255030).
- CVE-2025-40289: drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM (bsc#1255042).
- CVE-2025-40292: virtio-net: fix received length check in big packets (bsc#1255175).
- CVE-2025-40293: iommufd: Don't overflow during division for dirty tracking (bsc#1255179).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255187).
- CVE-2025-40307: exfat: validate cluster allocation bits of the allocation bitmap (bsc#1255039).
- CVE-2025-40319: bpf: Sync pending IRQ work before freeing ring buffer (bsc#1254794).
- CVE-2025-40330: bnxt_en: Shutdown FW DMA in bnxt_shutdown() (bsc#1254616).
- CVE-2025-40331: sctp: Prevent TOCTOU out-of-bounds write (bsc#1254615).
- CVE-2025-40337: net: stmmac: Correctly handle Rx checksum offload errors (bsc#1255081).
- CVE-2025-40338: ASoC: Intel: avs: Do not share the name pointer between components (bsc#1255273).
- CVE-2025-40346: arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() (bsc#1255318).
- CVE-2025-40357: net/smc: fix general protection fault in __smc_diag_dump (bsc#1255097).
- CVE-2025-68197: bnxt_en: Fix null pointer dereference in bnxt_bs_trace_check_wrap() (bsc#1255242).
- CVE-2025-68204: pmdomain: arm: scmi: Fix genpd leak on provider registration failure (bsc#1255224).
- CVE-2025-68206: netfilter: nft_ct: add seqadj extension for natted connections (bsc#1255142).
- CVE-2025-68208: bpf: account for current allocated stack depth in widen_imprecise_scalars() (bsc#1255227).
- CVE-2025-68209: mlx5: Fix default values in create CQ (bsc#1255230).
- CVE-2025-68239: binfmt_misc: restore write access before closing files opened by open_exec() (bsc#1255272).
- CVE-2025-68255: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing (bsc#1255395).
- CVE-2025-68259: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced (bsc#1255199).
- CVE-2025-68264: ext4: refresh inline data size before write operations (bsc#1255380).
- CVE-2025-68302: net: sxgbe: fix potential NULL dereference in sxgbe_rx() (bsc#1255121).
- CVE-2025-68340: team: Move team device type change at the end of team_port_add (bsc#1255507).
- CVE-2025-68378: bpf: Refactor stack map trace depth calculation into helper function (bsc#1255614).
- CVE-2025-68742: bpf: Improve program stats run-time calculation (bsc#1255707).
- CVE-2025-68744: bpf: Free special fields when update [lru_,]percpu_hash maps (bsc#1255709).

The following non security issues were fixed:

- ACPI: CPPC: Fix missing PCC check for guaranteed_perf (git-fixes).
- ACPI: PCC: Fix race condition by removing static qualifier (git-fixes).
- ACPI: processor_core: fix map_x2apic_id for amd-pstate on am4 (git-fixes).
- ACPI: property: Fix fwnode refcount leak in acpi_fwnode_graph_parse_endpoint() (git-fixes).
- ACPI: property: Use ACPI functions in acpi_graph_get_next_endpoint() only (stable-fixes).
- ACPICA: Avoid walking the Namespace if start_node is NULL (stable-fixes).
- ALSA: ac97: fix a double free in snd_ac97_controller_register() (git-fixes).
- ALSA: dice: fix buffer overflow in detect_stream_formats() (git-fixes).
- ALSA: firewire-motu: add bounds check in put_user loop for DSP events (git-fixes).
- ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events (git-fixes).
- ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi() (git-fixes).
- ALSA: pcmcia: Fix resource leak in snd_pdacf_probe error path (git-fixes).
- ALSA: uapi: Fix typo in asound.h comment (git-fixes).
- ALSA: usb-audio: Add DSD quirk for LEAK Stereo 230 (stable-fixes).
- ALSA: usb-audio: Add native DSD quirks for PureAudio DAC series (stable-fixes).
- ALSA: usb-audio: fix uac2 clock source at terminal parser (git-fixes).
- ALSA: usb-mixer: us16x08: validate meter packet indices (git-fixes).
- ALSA: vxpocket: Fix resource leak in vxpocket_probe error path (git-fixes).
- ASoC: Intel: catpt: Fix error path in hw_params() (git-fixes).
- ASoC: ak4458: Disable regulator when error happens (git-fixes).
- ASoC: ak4458: remove the reset operation in probe and remove (git-fixes).
- ASoC: ak5558: Disable regulator when error happens (git-fixes).
- ASoC: bcm: bcm63xx-pcm-whistler: Check return value of of_dma_configure() (git-fixes).
- ASoC: codecs: lpass-tx-macro: fix SM6115 support (git-fixes).
- ASoC: codecs: wcd938x: fix OF node leaks on probe failure (git-fixes).
- ASoC: fsl_xcvr: clear the channel status control memory (git-fixes).
- ASoC: qcom: q6adm: the the copp device only during last instance (git-fixes).
- ASoC: qcom: q6apm-dai: set flags to reflect correct operation of appl_ptr (git-fixes).
- ASoC: qcom: q6asm-dai: perform correct state check before closing (git-fixes).
- ASoC: qcom: qdsp6: q6asm-dai: set 10 ms period and buffer alignment (git-fixes).
- ASoC: stm32: sai: fix OF node leak on probe (git-fixes).
- ASoC: stm32: sai: fix clk prepare imbalance on probe failure (git-fixes).
- ASoC: stm32: sai: fix device leak on probe (git-fixes).
- ASoC: sun4i-spdif: Add missing kerneldoc fields for sun4i_spdif_quirks (git-fixes).
- Bluetooth: HCI: Fix tracking of advertisement set/instance 0x00 (git-fixes).
- Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete (git-fixes).
- Bluetooth: SMP: Fix not generating mackey and ltk when repairing (git-fixes).
- Bluetooth: btrtl: Avoid loading the config file on security chips (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 13d3/3533 for RTL8821CE (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 2b89/6275 for RTL8761BUV (stable-fixes).
- Bluetooth: btusb: mediatek: Avoid btusb_mtk_claim_iso_intf() NULL deref (git-fixes).
- Bluetooth: btusb: mediatek: Fix kernel crash when releasing mtk iso interface (git-fixes).
- Bluetooth: btusb: revert use of devm_kzalloc in btusb (git-fixes).
- Bluetooth: hci_sock: Prevent race in socket write iter and sock bind (git-fixes).
- Documentation/kernel-parameters: fix typo in retbleed= kernel parameter description (git-fixes).
- Documentation: hid-alps: Fix packet format section headings (git-fixes).
- Documentation: parport-lowlevel: Separate function listing code blocks (git-fixes).
- HID: apple: Add SONiX AK870 PRO to non_apple_keyboards quirk list (stable-fixes).
- HID: elecom: Add support for ELECOM M-XT3URBK (018F) (stable-fixes).
- HID: hid-input: Extend Elan ignore battery quirk to USB (stable-fixes).
- HID: input: map HID_GD_Z to ABS_DISTANCE for stylus/pen (stable-fixes).
- HID: logitech-dj: Remove duplicate error logging (git-fixes).
- HID: logitech-hidpp: Do not assume FAP in hidpp_send_message_sync() (git-fixes).
- HID: quirks: work around VID/PID conflict for appledisplay (git-fixes).
- Input: atkbd - skip deactivate for HONOR FMB-P's internal keyboard (git-fixes).
- Input: cros_ec_keyb - fix an invalid memory access (stable-fixes).
- Input: goodix - add support for ACPI ID GDIX1003 (stable-fixes).
- Input: goodix - add support for ACPI ID GDX9110 (stable-fixes).
- Input: i8042 - add TUXEDO InfinityBook Max Gen10 AMD to i8042 quirk table (stable-fixes).
- Input: ti_am335x_tsc - fix off-by-one error in wire_order validation (git-fixes).
- KEYS: trusted: Fix a memory leak in tpm2_load_cmd (git-fixes).
- KEYS: trusted_tpm1: Compare HMAC values in constant time (git-fixes).
- KVM: SEV: Drop GHCB_VERSION_DEFAULT and open code it (bsc#1255463).
- PCI/PM: Reinstate clearing state_saved in legacy and !PM codepaths (git-fixes).
- PCI: dwc: Fix wrong PORT_LOGIC_LTSSM_STATE_MASK definition (git-fixes).
- PCI: keystone: Exit ks_pcie_probe() for invalid mode (git-fixes).
- PCI: rcar-gen2: Drop ARM dependency from PCI_RCAR_GEN2 (git-fixes).
- PM: runtime: Do not clear needs_force_resume with enabled runtime PM (git-fixes).
- Revert 'drm/amd/display: Fix pbn to kbps Conversion' (stable-fixes).
- Revert 'drm/amd/display: Move setup_stream_attribute' (stable-fixes).
- Revert 'drm/amd: Skip power ungate during suspend for VPE' (git-fixes).
- Revert 'mtd: rawnand: marvell: fix layouts' (git-fixes).
- Revert 'net: r8169: Disable multicast filter for RTL8168H and RTL8107E' (jsc#PED-14353).
- Revert 'r8169: don't try to disable interrupts if NAPI is, scheduled already' (jsc#PED-14353).
- USB: Fix descriptor count when handling invalid MBIM extended descriptor (git-fixes).
- USB: lpc32xx_udc: Fix error handling in probe (git-fixes).
- USB: serial: belkin_sa: fix TIOCMBIS and TIOCMBIC (git-fixes).
- USB: serial: ftdi_sio: add support for u-blox EVK-M101 (stable-fixes).
- USB: serial: ftdi_sio: match on interface number for jtag (stable-fixes).
- USB: serial: kobil_sct: fix TIOCMBIS and TIOCMBIC (git-fixes).
- USB: serial: option: add Foxconn T99W760 (stable-fixes).
- USB: serial: option: add Quectel RG255C (stable-fixes).
- USB: serial: option: add Telit Cinterion FE910C04 new compositions (stable-fixes).
- USB: serial: option: add Telit FN920C04 ECM compositions (stable-fixes).
- USB: serial: option: add UNISOC UIS7720 (stable-fixes).
- USB: serial: option: add support for Rolling RW101R-GL (stable-fixes).
- USB: serial: option: move Telit 0x10c7 composition in the right place (stable-fixes).
- USB: storage: Remove subclass and protocol overrides from Novatek quirk (git-fixes).
- accel/ivpu: Fix DCT active percent format (git-fixes).
- accel/ivpu: Fix race condition when unbinding BOs (git-fixes).
- arm64: zynqmp: Fix usb node drive strength and slew rate (git-fixes).
- arm64: zynqmp: Revert usb node drive strength and slew rate for (git-fixes).
- atm/fore200e: Fix possible data race in fore200e_open() (git-fixes).
- atm: Fix dma_free_coherent() size (git-fixes).
- atm: idt77252: Add missing `dma_map_error()` (stable-fixes).
- backlight: led-bl: Add devlink to supplier LEDs (git-fixes).
- backlight: lp855x: Fix lp855x.h kernel-doc warnings (git-fixes).
- bpf: Do not limit bpf_cgroup_from_id to current's namespace (bsc#1255433).
- bpf: Reject bpf_timer for PREEMPT_RT (git-fixes).
- broadcom: b44: prevent uninitialized value usage (git-fixes).
- btrfs: make sure extent and csum paths are always released in scrub_raid56_parity_stripe() (git-fixes).
- can: gs_usb: gs_can_open(): fix error handling (git-fixes).
- can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs (git-fixes).
- can: j1939: make j1939_sk_bind() fail if device is no longer registered (git-fixes).
- can: kvaser_usb: leaf: Fix potential infinite loop in command parsers (git-fixes).
- can: sja1000: fix max irq loop handling (git-fixes).
- can: sun4i_can: sun4i_can_interrupt(): fix max irq loop handling (git-fixes).
- cgroup: rstat: use LOCK CMPXCHG in css_rstat_updated (bsc#1255434).
- char: applicom: fix NULL pointer dereference in ac_ioctl (stable-fixes).
- cifs: Fix uncached read into ITER_KVEC iterator (bsc#1245449).
- clk: qcom: camcc-sm6350: Fix PLL config of PLL2 (git-fixes).
- clk: qcom: camcc-sm6350: Specify Titan GDSC power domain as a parent to other (git-fixes).
- clk: renesas: cpg-mssr: Add missing 1ms delay into reset toggle callback (git-fixes).
- clk: renesas: r9a06g032: Fix memory leak in error path (git-fixes).
- clk: samsung: exynos-clkout: Assign .num before accessing .hws (git-fixes).
- comedi: c6xdigio: Fix invalid PNP driver unregistration (git-fixes).
- comedi: check device's attached status in compat ioctls (git-fixes).
- comedi: multiq3: sanitize config options in multiq3_attach() (git-fixes).
- comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel() (git-fixes).
- cpufreq: intel_pstate: Check IDA only before MSR_IA32_PERF_CTL writes (git-fixes).
- cpufreq: nforce2: fix reference count leak in nforce2 (git-fixes).
- cpuidle: menu: Use residency threshold in polling state override decisions (bsc#1255026).
- crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (git-fixes).
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (git-fixes).
- crypto: ccree - Correctly handle return of sg_nents_for_len (git-fixes).
- crypto: hisilicon/qm - restore original qos values (git-fixes).
- crypto: iaa - Fix incorrect return value in save_iaa_wq() (git-fixes).
- crypto: qat - fix duplicate restarting msg during AER error (git-fixes).
- crypto: rockchip - drop redundant crypto_skcipher_ivsize() calls (git-fixes).
- crypto: seqiv - Do not use req->iv after crypto_aead_encrypt (git-fixes).
- dm-integrity: limit MAX_TAG_SIZE to 255 (git-fixes).
- dm-verity: fix unreliable memory allocation (git-fixes).
- dm: fix queue start/stop imbalance under suspend/load/resume races (bsc#1253386).
- drivers/usb/dwc3: fix PCI parent check (git-fixes).
- drm/amd/amdgpu: reserve vm invalidation engine for uni_mes (stable-fixes).
- drm/amd/display: Check NULL before accessing (stable-fixes).
- drm/amd/display: Clear the CUR_ENABLE register on DCN20 on DPP5 (stable-fixes).
- drm/amd/display: Don't change brightness for disabled connectors (stable-fixes).
- drm/amd/display: Fix logical vs bitwise bug in get_embedded_panel_info_v2_1() (git-fixes).
- drm/amd/display: Fix pbn to kbps Conversion (stable-fixes).
- drm/amd/display: Fix scratch registers offsets for DCN35 (stable-fixes).
- drm/amd/display: Fix scratch registers offsets for DCN351 (stable-fixes).
- drm/amd/display: Increase DPCD read retries (stable-fixes).
- drm/amd/display: Insert dccg log for easy debug (stable-fixes).
- drm/amd/display: Move sleep into each retry for retrieve_link_cap() (stable-fixes).
- drm/amd/display: Prevent Gating DTBCLK before It Is Properly Latched (git-fixes).
- drm/amd/display: Use GFP_ATOMIC in dc_create_plane_state() (stable-fixes).
- drm/amd/display: avoid reset DTBCLK at clock init (stable-fixes).
- drm/amd/display: disable DPP RCG before DPP CLK enable (stable-fixes).
- drm/amd: Skip power ungate during suspend for VPE (stable-fixes).
- drm/amdgpu/gmc11: add amdgpu_vm_handle_fault() handling (stable-fixes).
- drm/amdgpu/gmc12: add amdgpu_vm_handle_fault() handling (stable-fixes).
- drm/amdgpu: Forward VMID reservation errors (git-fixes).
- drm/amdgpu: Skip emit de meta data on gfx11 with rs64 enabled (stable-fixes).
- drm/amdgpu: add missing lock to amdgpu_ttm_access_memory_sdma (git-fixes).
- drm/amdgpu: fix cyan_skillfish2 gpu info fw handling (git-fixes).
- drm/amdgpu: fix gpu page fault after hibernation on PF passthrough (stable-fixes).
- drm/amdkfd: Export the cwsr_size and ctl_stack_size to userspace (stable-fixes).
- drm/amdkfd: Fix GPU mappings for APU after prefetch (stable-fixes).
- drm/amdkfd: Trap handler support for expert scheduling mode (stable-fixes).
- drm/amdkfd: Use huge page size to check split svm range alignment (git-fixes).
- drm/amdkfd: bump minimum vgpr size for gfx1151 (stable-fixes).
- drm/displayid: add quirk to ignore DisplayID checksum errors (stable-fixes).
- drm/displayid: pass iter to drm_find_displayid_extension() (stable-fixes).
- drm/edid: add DRM_EDID_IDENT_INIT() to initialize struct drm_edid_ident (stable-fixes).
- drm/gma500: Remove unused helper psb_fbdev_fb_setcolreg() (git-fixes).
- drm/i915/dp: Initialize the source OUI write timestamp always (stable-fixes).
- drm/i915/dp_mst: Disable Panel Replay (git-fixes).
- drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer (git-fixes).
- drm/i915: Fix format string truncation warning (git-fixes).
- drm/imagination: Disallow exporting of PM/FW protected objects (git-fixes).
- drm/imagination: Fix reference to devm_platform_get_and_ioremap_resource() (git-fixes).
- drm/me/gsc: mei interrupt top half should be in irq disabled context (git-fixes).
- drm/mediatek: Fix CCORR mtk_ctm_s31_32_to_s1_n function issue (git-fixes).
- drm/mediatek: Fix device node reference leak in mtk_dp_dt_parse() (git-fixes).
- drm/mediatek: Fix probe device leaks (git-fixes).
- drm/mediatek: Fix probe memory leak (git-fixes).
- drm/mediatek: Fix probe resource leaks (git-fixes).
- drm/mediatek: ovl_adaptor: Fix probe device leaks (git-fixes).
- drm/mgag200: Fix big-endian support (git-fixes).
- drm/msm/a2xx: stop over-complaining about the legacy firmware (git-fixes).
- drm/msm/a6xx: Fix out of bound IO access in a6xx_get_gmu_registers (git-fixes).
- drm/msm/a6xx: Fix the gemnoc workaround (git-fixes).
- drm/msm/a6xx: Flush LRZ cache before PT switch (git-fixes).
- drm/msm/a6xx: Improve MX rail fallback in RPMH vote init (git-fixes).
- drm/msm/dpu: Add missing NULL pointer check for pingpong interface (git-fixes).
- drm/msm/dpu: Remove dead-code in dpu_encoder_helper_reset_mixers() (git-fixes).
- drm/msm/dpu: drop dpu_hw_dsc_destroy() prototype (git-fixes).
- drm/nouveau/dispnv50: Don't call drm_atomic_get_crtc_state() in prepare_fb (git-fixes).
- drm/nouveau: refactor deprecated strcpy (git-fixes).
- drm/nouveau: restrict the flush page to a 32-bit address (git-fixes).
- drm/panel: sony-td4353-jdi: Enable prepare_prev_first (git-fixes).
- drm/panel: visionox-rm69299: Don't clear all mode flags (git-fixes).
- drm/panthor: Avoid adding of kernel BOs to extobj list (git-fixes).
- drm/panthor: Fix UAF on kernel BO VA nodes (git-fixes).
- drm/panthor: Fix group_free_queue() for partially initialized queues (git-fixes).
- drm/panthor: Fix potential memleak of vma structure (git-fixes).
- drm/panthor: Fix race with suspend during unplug (git-fixes).
- drm/panthor: Flush shmem writes before mapping buffers CPU-uncached (git-fixes).
- drm/panthor: Handle errors returned by drm_sched_entity_init() (git-fixes).
- drm/pl111: Fix error handling in pl111_amba_probe (git-fixes).
- drm/plane: Fix IS_ERR() vs NULL check in drm_plane_create_hotspot_properties() (git-fixes).
- drm/radeon: delete radeon_fence_process in is_signaled, no deadlock (stable-fixes).
- drm/sched: Fix race in drm_sched_entity_select_rq() (git-fixes).
- drm/tilcdc: Fix removal actions in case of failed probe (git-fixes).
- drm/tilcdc: request and mapp iomem with devres (stable-fixes).
- drm/ttm: Avoid NULL pointer deref for evicted BOs (git-fixes).
- drm/vgem-fence: Fix potential deadlock on release (git-fixes).
- drm/vmwgfx: Use kref in vmw_bo_dirty (stable-fixes).
- drm/xe/bo: Don't include the CCS metadata in the dma-buf sg-table (git-fixes).
- drm/xe/oa: Disallow 0 OA property values (git-fixes).
- drm/xe/oa: Fix potential UAF in xe_oa_add_config_ioctl() (git-fixes).
- drm/xe/oa: Limit num_syncs to prevent oversized allocations (git-fixes).
- drm/xe: Adjust long-running workload timeslices to reasonable values (git-fixes).
- drm/xe: Drop preempt-fences when destroying imported dma-bufs (git-fixes).
- drm/xe: Fix conversion from clock ticks to milliseconds (git-fixes).
- drm/xe: Limit num_syncs to prevent oversized allocations (git-fixes).
- drm/xe: Prevent BIT() overflow when handling invalid prefetch region (git-fixes).
- drm/xe: Restore engine registers before restarting schedulers after GT reset (git-fixes).
- drm/xe: Use usleep_range for accurate long-running workload timeslicing (git-fixes).
- drm: atmel-hlcdc: fix atmel_xlcdc_plane_setup_scaler() (git-fixes).
- drm: nouveau: Replace sprintf() with sysfs_emit() (git-fixes).
- drm: sti: fix device leaks at component probe (git-fixes).
- efi/libstub: Avoid physical address 0x0 when doing random allocation (stable-fixes).
- efi/libstub: Describe missing 'out' parameter in efi_load_initrd (git-fixes).
- efi/libstub: Fix page table access in 5-level to 4-level paging transition (git-fixes).
- efi: stmm: Fix incorrect buffer allocation method (git-fixes).
- efi: stmm: fix kernel-doc 'bad line' warnings (git-fixes).
- exfat: add a check for invalid data size (git-fixes).
- exfat: using hweight instead of internal logic (git-fixes).
- ext4: use optimized mballoc scanning regardless of inode format (bsc#1254378).
- ext4: wait for ongoing I/O to complete before freeing blocks (bsc#1256366).
- fbdev: gbefb: fix to use physical address instead of dma address (stable-fixes).
- fbdev: pxafb: Fix multiple clamped values in pxafb_adjust_timing (git-fixes).
- fbdev: ssd1307fb: fix potential page leak in ssd1307fb_probe() (git-fixes).
- fbdev: tcx.c fix mem_map to correct smem_start offset (git-fixes).
- firewire: nosy: Fix dma_free_coherent() size (git-fixes).
- firmware: imx: scu-irq: Init workqueue before request mbox channel (stable-fixes).
- firmware: imx: scu-irq: fix OF node leak in (git-fixes).
- firmware: stratix10-svc: Add mutex in stratix10 memory management (git-fixes).
- firmware: stratix10-svc: fix bug in saving controller data (git-fixes).
- firmware: stratix10-svc: fix make htmldocs warning for stratix10_svc (git-fixes).
- fs: dlm: allow to F_SETLKW getting interrupted (bsc#1255025).
- ftrace: bpf: Fix IPMODIFY + DIRECT in modify_ftrace_direct() (git-fixes).
- genalloc.h: fix htmldocs warning (git-fixes).
- gpio: rockchip: mark the GPIO controller as sleeping (git-fixes).
- gpu: host1x: Fix race in syncpt alloc/free (git-fixes).
- hwmon: (ibmpex) fix use-after-free in high/low store (git-fixes).
- hwmon: (max16065) Use local variable to avoid TOCTOU (git-fixes).
- hwmon: (tmp401) fix overflow caused by default conversion rate value (git-fixes).
- hwmon: (w83791d) Convert macros to functions to avoid TOCTOU (git-fixes).
- hwmon: (w83l786ng) Convert macros to functions to avoid TOCTOU (git-fixes).
- hwmon: sy7636a: Fix regulator_enable resource leak on error path (git-fixes).
- i2c: amd-mp2: fix reference leak in MP2 PCI device (git-fixes).
- i2c: designware: Disable SMBus interrupts to prevent storms from mis-configured firmware (stable-fixes).
- i2c: i2c.h: fix a bad kernel-doc line (git-fixes).
- i3c: fix refcount inconsistency in i3c_master_register (git-fixes).
- i3c: master: Inherit DMA masks and parameters from parent device (stable-fixes).
- i3c: master: svc: Prevent incomplete IBI transaction (git-fixes).
- idr: fix idr_alloc() returning an ID out of range (git-fixes).
- iio: accel: bmc150: Fix irq assumption regression (stable-fixes).
- iio: accel: fix ADXL355 startup race condition (git-fixes).
- iio: adc: ad7280a: fix ad7280_store_balance_timer() (git-fixes).
- iio: adc: ti_am335x_adc: Limit step_avg to valid range for gcc complains (stable-fixes).
- iio: core: Clean up device correctly on iio_device_alloc() failure (git-fixes).
- iio: core: add missing mutex_destroy in iio_dev_release() (git-fixes).
- iio: imu: st_lsm6dsx: Fix measurement unit for odr struct member (git-fixes).
- iio: imu: st_lsm6dsx: fix array size for st_lsm6dsx_settings fields (git-fixes).
- iio: st_lsm6dsx: Fixed calibrated timestamp calculation (git-fixes).
- ima: Handle error code returned by ima_filter_rule_match() (git-fixes).
- intel_th: Fix error handling in intel_th_output_open (git-fixes).
- ipmi: Fix __scan_channels() failing to rescan channels (stable-fixes).
- ipmi: Fix handling of messages with provided receive message pointer (git-fixes).
- ipmi: Fix the race between __scan_channels() and deliver_response() (stable-fixes).
- ipmi: Rework user message limit handling (git-fixes).
- irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() (git-fixes).
- kconfig/mconf: Initialize the default locale at startup (stab ...

Please note that the description has been truncated due to length. Please refer to vendor advisory for the full description.

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel-livepatch-6_4_0-150700_7_28-rt package.

Plugin Details

Severity: High

ID: 296481

File Name: suse_SU-2026-0278-1.nasl

Version: 1.1

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 1/24/2026

Updated: 1/24/2026

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-26944

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-livepatch-6_4_0-150700_7_28-rt, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 1/23/2026

Vulnerability Publication Date: 9/4/2021

Reference Information

CVE: CVE-2023-42752, CVE-2023-53743, CVE-2023-53750, CVE-2023-53752, CVE-2023-53759, CVE-2023-53762, CVE-2023-53766, CVE-2023-53768, CVE-2023-53777, CVE-2023-53778, CVE-2023-53782, CVE-2023-53784, CVE-2023-53785, CVE-2023-53787, CVE-2023-53791, CVE-2023-53792, CVE-2023-53793, CVE-2023-53794, CVE-2023-53795, CVE-2023-53797, CVE-2023-53799, CVE-2023-53807, CVE-2023-53808, CVE-2023-53813, CVE-2023-53815, CVE-2023-53819, CVE-2023-53821, CVE-2023-53823, CVE-2023-53825, CVE-2023-53828, CVE-2023-53831, CVE-2023-53834, CVE-2023-53836, CVE-2023-53839, CVE-2023-53841, CVE-2023-53842, CVE-2023-53843, CVE-2023-53844, CVE-2023-53846, CVE-2023-53847, CVE-2023-53848, CVE-2023-53850, CVE-2023-53851, CVE-2023-53852, CVE-2023-53855, CVE-2023-53856, CVE-2023-53857, CVE-2023-53858, CVE-2023-53860, CVE-2023-53861, CVE-2023-53863, CVE-2023-53864, CVE-2023-53865, CVE-2023-53989, CVE-2023-53992, CVE-2023-53994, CVE-2023-53995, CVE-2023-53996, CVE-2023-53997, CVE-2023-53998, CVE-2023-53999, CVE-2023-54000, CVE-2023-54001, CVE-2023-54005, CVE-2023-54006, CVE-2023-54008, CVE-2023-54014, CVE-2023-54016, CVE-2023-54017, CVE-2023-54019, CVE-2023-54022, CVE-2023-54023, CVE-2023-54025, CVE-2023-54026, CVE-2023-54027, CVE-2023-54030, CVE-2023-54031, CVE-2023-54032, CVE-2023-54035, CVE-2023-54037, CVE-2023-54038, CVE-2023-54042, CVE-2023-54045, CVE-2023-54048, CVE-2023-54049, CVE-2023-54051, CVE-2023-54052, CVE-2023-54060, CVE-2023-54064, CVE-2023-54066, CVE-2023-54067, CVE-2023-54069, CVE-2023-54070, CVE-2023-54072, CVE-2023-54076, CVE-2023-54080, CVE-2023-54081, CVE-2023-54083, CVE-2023-54088, CVE-2023-54089, CVE-2023-54091, CVE-2023-54092, CVE-2023-54093, CVE-2023-54094, CVE-2023-54095, CVE-2023-54096, CVE-2023-54099, CVE-2023-54101, CVE-2023-54104, CVE-2023-54106, CVE-2023-54112, CVE-2023-54113, CVE-2023-54115, CVE-2023-54117, CVE-2023-54121, CVE-2023-54125, CVE-2023-54127, CVE-2023-54133, CVE-2023-54134, CVE-2023-54135, CVE-2023-54136, CVE-2023-54137, CVE-2023-54140, CVE-2023-54141, CVE-2023-54142, CVE-2023-54143, CVE-2023-54145, CVE-2023-54148, CVE-2023-54149, CVE-2023-54153, CVE-2023-54154, CVE-2023-54155, CVE-2023-54156, CVE-2023-54164, CVE-2023-54166, CVE-2023-54169, CVE-2023-54170, CVE-2023-54171, CVE-2023-54172, CVE-2023-54173, CVE-2023-54177, CVE-2023-54178, CVE-2023-54179, CVE-2023-54181, CVE-2023-54183, CVE-2023-54185, CVE-2023-54189, CVE-2023-54194, CVE-2023-54201, CVE-2023-54204, CVE-2023-54207, CVE-2023-54209, CVE-2023-54210, CVE-2023-54211, CVE-2023-54215, CVE-2023-54219, CVE-2023-54220, CVE-2023-54221, CVE-2023-54223, CVE-2023-54224, CVE-2023-54225, CVE-2023-54227, CVE-2023-54229, CVE-2023-54230, CVE-2023-54235, CVE-2023-54240, CVE-2023-54241, CVE-2023-54246, CVE-2023-54247, CVE-2023-54251, CVE-2023-54253, CVE-2023-54254, CVE-2023-54255, CVE-2023-54258, CVE-2023-54261, CVE-2023-54263, CVE-2023-54264, CVE-2023-54266, CVE-2023-54267, CVE-2023-54271, CVE-2023-54276, CVE-2023-54278, CVE-2023-54281, CVE-2023-54282, CVE-2023-54283, CVE-2023-54285, CVE-2023-54289, CVE-2023-54291, CVE-2023-54292, CVE-2023-54293, CVE-2023-54296, CVE-2023-54297, CVE-2023-54299, CVE-2023-54300, CVE-2023-54302, CVE-2023-54303, CVE-2023-54304, CVE-2023-54309, CVE-2023-54312, CVE-2023-54313, CVE-2023-54314, CVE-2023-54315, CVE-2023-54316, CVE-2023-54318, CVE-2023-54319, CVE-2023-54322, CVE-2023-54324, CVE-2023-54326, CVE-2024-26944, CVE-2025-38321, CVE-2025-38728, CVE-2025-39977, CVE-2025-40006, CVE-2025-40024, CVE-2025-40033, CVE-2025-40042, CVE-2025-40053, CVE-2025-40081, CVE-2025-40102, CVE-2025-40123, CVE-2025-40134, CVE-2025-40135, CVE-2025-40153, CVE-2025-40158, CVE-2025-40160, CVE-2025-40167, CVE-2025-40170, CVE-2025-40178, CVE-2025-40179, CVE-2025-40187, CVE-2025-40190, CVE-2025-40211, CVE-2025-40213, CVE-2025-40215, CVE-2025-40219, CVE-2025-40220, CVE-2025-40223, CVE-2025-40225, CVE-2025-40231, CVE-2025-40233, CVE-2025-40240, CVE-2025-40242, CVE-2025-40244, CVE-2025-40248, CVE-2025-40250, CVE-2025-40251, CVE-2025-40252, CVE-2025-40256, CVE-2025-40258, CVE-2025-40262, CVE-2025-40263, CVE-2025-40268, CVE-2025-40269, CVE-2025-40271, CVE-2025-40272, CVE-2025-40273, CVE-2025-40274, CVE-2025-40275, CVE-2025-40276, CVE-2025-40277, CVE-2025-40278, CVE-2025-40279, CVE-2025-40280, CVE-2025-40282, CVE-2025-40283, CVE-2025-40284, CVE-2025-40287, CVE-2025-40288, CVE-2025-40289, CVE-2025-40292, CVE-2025-40293, CVE-2025-40294, CVE-2025-40297, CVE-2025-40301, CVE-2025-40302, CVE-2025-40304, CVE-2025-40306, CVE-2025-40307, CVE-2025-40308, CVE-2025-40309, CVE-2025-40310, CVE-2025-40311, CVE-2025-40312, CVE-2025-40314, CVE-2025-40315, CVE-2025-40316, CVE-2025-40317, CVE-2025-40318, CVE-2025-40319, CVE-2025-40320, CVE-2025-40321, CVE-2025-40322, CVE-2025-40323, CVE-2025-40324, CVE-2025-40329, CVE-2025-40330, CVE-2025-40331, CVE-2025-40332, CVE-2025-40337, CVE-2025-40338, CVE-2025-40339, CVE-2025-40340, CVE-2025-40342, CVE-2025-40343, CVE-2025-40345, CVE-2025-40346, CVE-2025-40347, CVE-2025-40349, CVE-2025-40351, CVE-2025-40354, CVE-2025-40357, CVE-2025-40359, CVE-2025-40360, CVE-2025-68168, CVE-2025-68170, CVE-2025-68172, CVE-2025-68176, CVE-2025-68180, CVE-2025-68181, CVE-2025-68183, CVE-2025-68184, CVE-2025-68185, CVE-2025-68190, CVE-2025-68192, CVE-2025-68194, CVE-2025-68195, CVE-2025-68197, CVE-2025-68201, CVE-2025-68204, CVE-2025-68206, CVE-2025-68207, CVE-2025-68208, CVE-2025-68209, CVE-2025-68217, CVE-2025-68218, CVE-2025-68222, CVE-2025-68223, CVE-2025-68230, CVE-2025-68233, CVE-2025-68235, CVE-2025-68237, CVE-2025-68238, CVE-2025-68239, CVE-2025-68244, CVE-2025-68249, CVE-2025-68252, CVE-2025-68255, CVE-2025-68257, CVE-2025-68258, CVE-2025-68259, CVE-2025-68264, CVE-2025-68286, CVE-2025-68287, CVE-2025-68289, CVE-2025-68290, CVE-2025-68298, CVE-2025-68302, CVE-2025-68303, CVE-2025-68305, CVE-2025-68306, CVE-2025-68307, CVE-2025-68308, CVE-2025-68312, CVE-2025-68313, CVE-2025-68328, CVE-2025-68330, CVE-2025-68331, CVE-2025-68332, CVE-2025-68335, CVE-2025-68339, CVE-2025-68340, CVE-2025-68345, CVE-2025-68346, CVE-2025-68347, CVE-2025-68351, CVE-2025-68354, CVE-2025-68362, CVE-2025-68378, CVE-2025-68380, CVE-2025-68724, CVE-2025-68732, CVE-2025-68734, CVE-2025-68740, CVE-2025-68742, CVE-2025-68744, CVE-2025-68746, CVE-2025-68747, CVE-2025-68749, CVE-2025-68750, CVE-2025-68753, CVE-2025-68757, CVE-2025-68758, CVE-2025-68759, CVE-2025-68765, CVE-2025-68766

SuSE: SUSE-SU-2026:0278-1

Detections

Analytics