Detections
Analytics
SUSE SLES15 / openSUSE 15 : Recommended update for initial livepatch (SUSE-SU-2026:1041-1)
high Nessus Plugin ID 303788
Synopsis
The remote SUSE host is missing one or more security updates.Description
The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1041-1 advisory.The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui() (bsc#1254992).
- CVE-2024-38542: RDMA/mana_ib: boundary check before installing cq callbacks (bsc#1226591).
- CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1243055).
- CVE-2025-39817: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare (bsc#1249998).
- CVE-2025-39964: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg (bsc#1251966).
- CVE-2025-40099: cifs: parse_dfs_referrals: prevent oob on malformed input (bsc#1252911).
- CVE-2025-40103: smb: client: Fix refcount leak for cifs_sb_tlink (bsc#1252924).
- CVE-2025-40253: s390/ctcm: Fix double-kfree (bsc#1255084).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1256645).
- CVE-2025-71113: crypto: af_alg - zero initialize memory allocated via sock_kmalloc (bsc#1256716).
- CVE-2025-71231: crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode (bsc#1258424).
- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1257231).
- CVE-2026-23060: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (bsc#1257735).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1257749).
- CVE-2026-23089: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (bsc#1257790).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258181).
- CVE-2026-23141: btrfs: send: check for inline extents in range_is_hole_in_parent() (bsc#1258377).
- CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger (bsc#1258395).
- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1258340).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258518).
- CVE-2026-23214: btrfs: reject new transactions if the fs is fully read-only (bsc#1258464).
- CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management (bsc#1258850).
- CVE-2026-23269: apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1259857).
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://bugzilla.suse.com/1226591
https://bugzilla.suse.com/1241345
https://bugzilla.suse.com/1243055
https://bugzilla.suse.com/1245728
https://bugzilla.suse.com/1249998
https://bugzilla.suse.com/1251135
https://bugzilla.suse.com/1251186
https://bugzilla.suse.com/1251966
https://bugzilla.suse.com/1251971
https://bugzilla.suse.com/1252266
https://bugzilla.suse.com/1252911
https://bugzilla.suse.com/1252924
https://bugzilla.suse.com/1253049
https://bugzilla.suse.com/1254306
https://bugzilla.suse.com/1254992
https://bugzilla.suse.com/1255084
https://bugzilla.suse.com/1256564
https://bugzilla.suse.com/1256645
https://bugzilla.suse.com/1256690
https://bugzilla.suse.com/1256716
https://bugzilla.suse.com/1257231
https://bugzilla.suse.com/1257466
https://bugzilla.suse.com/1257472
https://bugzilla.suse.com/1257473
https://bugzilla.suse.com/1257732
https://bugzilla.suse.com/1257735
https://bugzilla.suse.com/1257749
https://bugzilla.suse.com/1257790
https://bugzilla.suse.com/1257891
https://bugzilla.suse.com/1257952
https://bugzilla.suse.com/1258181
https://bugzilla.suse.com/1258338
https://bugzilla.suse.com/1258340
https://bugzilla.suse.com/1258376
https://bugzilla.suse.com/1258377
https://bugzilla.suse.com/1258395
https://bugzilla.suse.com/1258424
https://bugzilla.suse.com/1258464
https://bugzilla.suse.com/1258518
https://bugzilla.suse.com/1258524
https://bugzilla.suse.com/1258832
https://bugzilla.suse.com/1258849
https://bugzilla.suse.com/1258850
https://bugzilla.suse.com/1258928
https://bugzilla.suse.com/1259070
https://bugzilla.suse.com/1259857
http://www.nessus.org/u?10dad0c3
https://www.suse.com/security/cve/CVE-2023-53817
https://www.suse.com/security/cve/CVE-2024-38542
https://www.suse.com/security/cve/CVE-2025-37861
https://www.suse.com/security/cve/CVE-2025-39817
https://www.suse.com/security/cve/CVE-2025-39964
https://www.suse.com/security/cve/CVE-2025-40099
https://www.suse.com/security/cve/CVE-2025-40103
https://www.suse.com/security/cve/CVE-2025-40253
https://www.suse.com/security/cve/CVE-2025-71066
https://www.suse.com/security/cve/CVE-2025-71113
https://www.suse.com/security/cve/CVE-2025-71231
https://www.suse.com/security/cve/CVE-2026-23004
https://www.suse.com/security/cve/CVE-2026-23054
https://www.suse.com/security/cve/CVE-2026-23060
https://www.suse.com/security/cve/CVE-2026-23074
https://www.suse.com/security/cve/CVE-2026-23089
https://www.suse.com/security/cve/CVE-2026-23111
https://www.suse.com/security/cve/CVE-2026-23141
https://www.suse.com/security/cve/CVE-2026-23157
https://www.suse.com/security/cve/CVE-2026-23191
https://www.suse.com/security/cve/CVE-2026-23202
https://www.suse.com/security/cve/CVE-2026-23204
https://www.suse.com/security/cve/CVE-2026-23207
https://www.suse.com/security/cve/CVE-2026-23209
https://www.suse.com/security/cve/CVE-2026-23214
Plugin Details
Severity: High
ID: 303788
File Name: suse_SU-2026-1041-1.nasl
Version: 1.1
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 3/26/2026
Updated: 3/26/2026
Supported Sensors: Nessus Agent, Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5
Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2026-23209
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-livepatch-6_4_0-150600_23_92-default, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-64kb
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 3/25/2026
Vulnerability Publication Date: 7/21/2021
Reference Information
CVE: CVE-2023-53817, CVE-2024-38542, CVE-2025-37861, CVE-2025-39817, CVE-2025-39964, CVE-2025-40099, CVE-2025-40103, CVE-2025-40253, CVE-2025-71066, CVE-2025-71113, CVE-2025-71231, CVE-2026-23004, CVE-2026-23054, CVE-2026-23060, CVE-2026-23074, CVE-2026-23089, CVE-2026-23111, CVE-2026-23141, CVE-2026-23157, CVE-2026-23191, CVE-2026-23202, CVE-2026-23204, CVE-2026-23207, CVE-2026-23209, CVE-2026-23214, CVE-2026-23268, CVE-2026-23269
SuSE: SUSE-SU-2026:1041-1