SUSE SLED15 / SLES15 : Recommended update for initial livepatch (SUSE-SU-2026:1081-1)

critical Nessus Plugin ID 303965

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1081-1 advisory.

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues

The following security issues were fixed:

- CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui() (bsc#1254992).
- CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1243055).
- CVE-2025-39748: bpf: Forget ranges when refining tnum after JSET (bsc#1249587).
- CVE-2025-39817: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare (bsc#1249998).
- CVE-2025-39964: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg (bsc#1251966).
- CVE-2025-40099: cifs: parse_dfs_referrals: prevent oob on malformed input (bsc#1252911).
- CVE-2025-40103: smb: client: Fix refcount leak for cifs_sb_tlink (bsc#1252924).
- CVE-2025-40201: kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths (bsc#1253455).
- CVE-2025-40253: s390/ctcm: Fix double-kfree (bsc#1255084).
- CVE-2025-68283: libceph: replace BUG_ON with bounds check for map->max_osd (bsc#1255379).
- CVE-2025-68295: smb: client: fix memory leak in cifs_construct_tcon() (bsc#1255129).
- CVE-2025-68374: md: fix rcu protection in md_wakeup_thread (bsc#1255530).
- CVE-2025-68735: drm/panthor: Prevent potential UAF in group creation (bsc#1255811).
- CVE-2025-68736: landlock: Fix handling of disconnected directories (bsc#1255698).
- CVE-2025-68778: btrfs: don't log conflicting inode if it's a dir moved in the current transaction (bsc#1256683).
- CVE-2025-68785: net: openvswitch: fix middle attribute validation in push_nsh() action (bsc#1256640).
- CVE-2025-68810: KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot (bsc#1256679).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1256645).
- CVE-2025-71071: iommu/mediatek: fix use-after-free on probe deferral (bsc#1256802).
- CVE-2025-71104: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer (bsc#1256708).
- CVE-2025-71113: crypto: af_alg - zero initialize memory allocated via sock_kmalloc (bsc#1256716).
- CVE-2025-71125: tracing: Do not register unsupported perf events (bsc#1256784).
- CVE-2025-71126: mptcp: reset fallback status gracefully at disconnect() time (bsc#1256755).
- CVE-2025-71148: net/handshake: restore destructor on submit failure (bsc#1257159).
- CVE-2025-71184: btrfs: fix NULL dereference on root when tracing inode eviction (bsc#1257635).
- CVE-2025-71194: btrfs: fix deadlock in wait_current_trans() due to ignored transaction type (bsc#1257687).
- CVE-2025-71225: md: suspend array while updating raid_disks via sysfs (bsc#1258411).
- CVE-2026-22979: net: fix memory leak in skb_segment_list for GRO packets (bsc#1257228).
- CVE-2026-22982: net: mscc: ocelot: Fix crash when adding interface under a lag (bsc#1257179).
- CVE-2026-22998: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec (bsc#1257209).
- CVE-2026-23003: geneve: Fix incorrect inner network header offset when innerprotoinherit is set (bsc#1257246).
- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1257231).
- CVE-2026-23010: ipv6: Fix use-after-free in inet6_addr_del() (bsc#1257332).
- CVE-2026-23017: idpf: fix error handling in the init_task on load (bsc#1257552).
- CVE-2026-23023: idpf: fix memory leak in idpf_vport_rel() (bsc#1257556).
- CVE-2026-23035: net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv (bsc#1257559).
- CVE-2026-23053: NFS: Fix a deadlock involving nfs_release_folio() (bsc#1257718).
- CVE-2026-23057: vsock/virtio: Coalesce only linear skb (bsc#1257740).
- CVE-2026-23060: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (bsc#1257735).
- CVE-2026-23064: net/sched: act_ife: avoid possible NULL deref (bsc#1257765).
- CVE-2026-23069: vsock/virtio: fix potential underflow in virtio_transport_get_credit() (bsc#1257755).
- CVE-2026-23070: Octeontx2-af: Add proper checks for fwdata (bsc#1257709).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1257749).
- CVE-2026-23083: fou: Don't allow 0 for FOU_ATTR_IPPROTO (bsc#1257745).
- CVE-2026-23084: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list (bsc#1257830).
- CVE-2026-23085: irqchip/gic-v3-its: Avoid truncating memory addresses (bsc#1257758).
- CVE-2026-23086: vsock/virtio: cap TX credit to local buffer size (bsc#1257757).
- CVE-2026-23088: tracing: Fix crash on synthetic stacktrace field usage (bsc#1257814).
- CVE-2026-23089: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (bsc#1257790).
- CVE-2026-23095: gue: Fix skb memleak with inner IP protocol 0 (bsc#1257808).
- CVE-2026-23099: bonding: limit BOND_MODE_8023AD to Ethernet devices (bsc#1257816).
- CVE-2026-23102: arm64/fpsimd: signal: Mandate SVE payload for streaming-mode state (bsc#1257772).
- CVE-2026-23104: ice: fix devlink reload call trace (bsc#1257763).
- CVE-2026-23105: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag (bsc#1257775).
- CVE-2026-23107: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA (bsc#1257762).
- CVE-2026-23110: scsi: core: Wake up the error handler when final completions race against each other (bsc#1257761).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258181).
- CVE-2026-23112: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec (bsc#1258184).
- CVE-2026-23113: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop (bsc#1258278).
- CVE-2026-23116: pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu (bsc#1258277).
- CVE-2026-23119: bonding: provide a net pointer to __skb_flow_dissect() (bsc#1258273).
- CVE-2026-23125: sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT (bsc#1258293).
- CVE-2026-23139: netfilter: nf_conncount: update last_gc only when GC has been performed (bsc#1258304).
- CVE-2026-23141: btrfs: send: check for inline extents in range_is_hole_in_parent() (bsc#1258377).
- CVE-2026-23154: net: fix segmentation of forwarding fraglist GRO (bsc#1258286).
- CVE-2026-23166: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues (bsc#1258272).
- CVE-2026-23169: mptcp: fix race in mptcp_pm_nl_flush_addrs_doit() (bsc#1258389).
- CVE-2026-23171: net: bonding: update the slave array for broadcast mode (bsc#1258349).
- CVE-2026-23173: net/mlx5e: TC, delete flows only for existing peers (bsc#1258520).
- CVE-2026-23179: nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready() (bsc#1258394).
- CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger (bsc#1258395).
- CVE-2026-23198: KVM: Don't clobber irqfd routing type when deassigning irqfd (bsc#1258321).
- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1258340).
- CVE-2026-23208: ALSA: usb-audio: Prevent excessive number of frames (bsc#1258468).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258518).
- CVE-2026-23210: ice: Fix PTP NULL pointer dereference during VSI rebuild (bsc#1258517).
- CVE-2026-23213: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset (bsc#1258465).
- CVE-2026-23214: btrfs: reject new transactions if the fs is fully read-only (bsc#1258464).
- CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management (bsc#1258850).
- CVE-2026-23269: apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1259857).

The following non security issues were fixed:

- ACPI: CPPC: Fix remaining for_each_possible_cpu() to use online CPUs (git-fixes).
- ACPI: OSL: fix __iomem type on return from acpi_os_map_generic_address() (git-fixes).
- ACPI: PM: Add unused power resource quirk for THUNDEROBOT ZERO (git-fixes).
- ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4() (stable-fixes).
- ACPICA: Abort AML bytecode execution when executing AML_FATAL_OP (stable-fixes).
- ACPICA: Fix NULL pointer dereference in acpi_ev_address_space_dispatch() (git-fixes).
- ALSA: hda/conexant: Add headset mic fix for MECHREVO Wujie 15X Pro (stable-fixes).
- ALSA: hda/realtek - fixed speaker no sound (stable-fixes).
- ALSA: hda/realtek: add HP Laptop 15s-eq1xxx mute LED quirk (stable-fixes).
- ALSA: hda/realtek: Add quirk for Inspur S14-G1 (stable-fixes).
- ALSA: hda/realtek: Fix headset mic for TongFang X6AR55xU (stable-fixes).
- ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine (stable-fixes).
- ALSA: hda/realtek: Really fix headset mic for TongFang X6AR55xU (git-fixes).
- ALSA: usb-audio: Add iface reset and delay quirk for AB13X USB Audio (stable-fixes).
- ALSA: usb-audio: Add sanity check for OOB writes at silencing (stable-fixes).
- ALSA: usb-audio: Avoid implicit feedback mode on DIYINHK USB Audio 2.0 (stable-fixes).
- ALSA: usb-audio: Cap the packet size pre-calculations (git-fixes).
- ALSA: usb-audio: Check max frame size for implicit feedback mode, too (stable-fixes).
- ALSA: usb-audio: fix broken logic in snd_audigy2nx_led_update() (git-fixes).
- ALSA: usb-audio: Remove VALIDATE_RATES quirk for Focusrite devices (git-fixes).
- ALSA: usb-audio: Update the number of packets properly at receiving (stable-fixes).
- ALSA: usb-audio: Use correct version for UAC3 header validation (git-fixes).
- ALSA: usb-audio: Use inclusive terms (git-fixes).
- ALSA: vmaster: Relax __free() variable declarations (git-fixes).
- APEI/GHES: ensure that won't go past CPER allocated record (stable-fixes).
- apparmor: fix differential encoding verification (bsc#1258849).
- apparmor: Fix double free of ns_name in aa_replace_profiles() (bsc#1258849).
- apparmor: fix memory leak in verify_header (bsc#1258849).
- apparmor: fix missing bounds check on DEFAULT table in verify_dfa() (bsc#1258849).
- apparmor: fix race between freeing data and fs accessing it (bsc#1258849).
- apparmor: fix race on rawdata dereference (bsc#1258849).
- apparmor: fix side-effect bug in match_char() macro usage (bsc#1258849).
- apparmor: fix unprivileged local user can do privileged policy management (bsc#1258849).
- apparmor: fix: limit the number of levels of policy namespaces (bsc#1258849).
- apparmor: replace recursive profile removal with iterative approach (bsc#1258849).
- apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1258849).
- arm64: Add support for TSV110 Spectre-BHB mitigation (git-fixes).
- arm64: Disable branch profiling for all arm64 code (git-fixes).
- arm64: Set __nocfi on swsusp_arch_resume() (git-fixes).
- ASoC: amd: drop unused Kconfig symbols (git-fixes).
- ASoC: amd: fix memory leak in acp3x pdm dma ops (git-fixes).
- ASoC: amd: yc: Add ASUS ExpertBook PM1503CDA to quirks list (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for Acer TravelMate P216-41-TCO (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for ASUS Vivobook Pro 15X M6501RR (stable-fixes).
- ASoC: amd: yc: Add quirk for HP 200 G2a 16 (stable-fixes).
- ASoC: amd: yc: Fix microphone on ASUS M6500RE (stable-fixes).
- ASoC: codecs: max98390: Check return value of devm_gpiod_get_optional() in max98390_i2c_probe() (stable- fixes).
- ASoC: cs35l45: Corrects ASP_TX5 DAPM widget channel (stable-fixes).
- ASoC: cs42l43: Correct handling of 3-pole jack load detection (stable-fixes).
- ASoC: davinci-evm: Fix reference leak in davinci_evm_probe (stable-fixes).
- ASoC: Intel: sof_es8336: Add DMI quirk for Huawei BOD-WXX9 (stable-fixes).
- ASoC: nau8821: Avoid unnecessary blocking in IRQ handler (stable-fixes).
- ASoC: nau8821: Cancel delayed work on component remove (git-fixes).
- ASoC: nau8821: Cancel pending work before suspend (git-fixes).
- ASoC: nau8821: Consistently clear interrupts before unmasking (git-fixes).
- ASoC: nau8821: Fixup nau8821_enable_jack_detect() (git-fixes).
- ASoC: pxa: drop unused Kconfig symbol (git-fixes).
- ASoC: rockchip: i2s-tdm: Use param rate if not provided by set_sysclk (git-fixes).
- ASoC: SOF: ipc4-control: If there is no data do not send bytes update (git-fixes).
- ASoC: SOF: ipc4-control: Keep the payload size up to date (git-fixes).
- ASoC: SOF: ipc4-control: Use the correct size for scontrol->ipc_control_data (git-fixes).
- ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls (git-fixes).
- ASoC: sunxi: sun50i-dmic: Add missing check for devm_regmap_init_mmio (stable-fixes).
- ASoC: tlv320adcx140: Propagate error codes during probe (stable-fixes).
- ASoC: wm8962: Add WM8962_ADC_MONOMIX to '3D Coefficients' mask (stable-fixes).
- ASoC: wm8962: Don't report a microphone if it's shorted to ground on plug (stable-fixes).
- ata: libata: avoid long timeouts on hot-unplugged SATA DAS (stable-fixes).
- ata: pata_ftide010: Fix some DMA timings (git-fixes).
- atm: fore200e: fix use-after-free in tasklets during device removal (git-fixes).
- auxdisplay: arm-charlcd: fix release_mem_region() size (git-fixes).
- backlight: qcom-wled: Change PM8950 WLED configurations (git-fixes).
- backlight: qcom-wled: Support ovp values for PMI8994 (git-fixes).
- batman-adv: Avoid double-rtnl_lock ELP metric worker (git-fixes).
- block,bfq: fix aux stat accumulation destination (git-fixes).
- Bluetooth: btintel_pcie: Use IRQF_ONESHOT and default primary handler (git-fixes).
- Bluetooth: btusb: Add device ID for Realtek RTL8761BU (stable-fixes).
- Bluetooth: btusb: Add new VID/PID for RTL8852CE (stable-fixes).
- Bluetooth: btusb: Add USB ID 7392:e611 for Edimax EW-7611UXB (stable-fixes).
- Bluetooth: hci_conn: Set link_policy on incoming ACL connections (stable-fixes).
- Bluetooth: hci_conn: use mod_delayed_work for active mode timeout (stable-fixes).
- Bluetooth: hci_qca: Cleanup on all setup failures (git-fixes).
- Bluetooth: L2CAP: Fix invalid response to L2CAP_ECRED_RECONF_REQ (git-fixes).
- Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ (git-fixes).
- Bluetooth: L2CAP: Fix not checking output MTU is acceptable on L2CAP_ECRED_CONN_REQ (git-fixes).
- Bluetooth: L2CAP: Fix response to L2CAP_ECRED_CONN_REQ (git-fixes).
- Bluetooth: L2CAP: Fix result of L2CAP_ECRED_CONN_RSP when MTU is too short (git-fixes).
- bonding: only set speed/duplex to unknown, if getting speed failed (bsc#1253691).
- bpf: selftests: Move xfrm tunnel test to test_progs (bsc#1258860).
- bpf: selftests: test_tunnel: Setup fresh topology for each subtest (bsc#1258860).
- bpf: selftests: test_tunnel: Use vmlinux.h declarations (bsc#1258860).
- bpf: verifier improvement in 32bit shift sign extension pattern (git-fixes).
- bpf: xfrm: Add bpf_xdp_get_xfrm_state() kfunc (bsc#1258860).
- bpf: xfrm: Add selftest for bpf_xdp_get_xfrm_state() (bsc#1258860).
- btrfs: scrub: always update btrfs_scrub_progress::last_physical (git-fixes).
- bus: fsl-mc: fix an error handling in fsl_mc_device_add() (git-fixes).
- bus: fsl-mc: fix use-after-free in driver_override_show() (git-fixes).
- bus: fsl-mc: Replace snprintf and sprintf with sysfs_emit in sysfs show functions (stable-fixes).
- can: bcm: fix locking for bcm_op runtime updates (git-fixes).
- can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message (git-fixes).
- can: hi311x: hi3110_open(): add check for hi3110_power_enable() return value (git-fixes).
- can: mcp251x: fix deadlock in error path of mcp251x_open (git-fixes).
- can: ucan: Fix infinite loop from zero-length messages (git-fixes).
- can: usb: etas_es58x: correctly anchor the urb in the read bulk callback (git-fixes).
- cgroup: Fix incorrect WARN_ON_ONCE() in css_release_work_fn() (bsc#1256564 bsc#1259130).
- cgroup: Show # of subsystem CSSes in cgroup.stat (bsc#1256564 bsc#1259130).
- char: tpm: cr50: Remove IRQF_ONESHOT (git-fixes).
- char: tpm: cr50: Remove IRQF_ONESHOT (stable-fixes).
- cifs: add xid to query server interface call (git-fixes).
- clk: clk-apple-nco: Add 'apple,t8103-nco' compatible (git-fixes).
- clk: mediatek: Fix error handling in runtime PM setup (git-fixes).
- clk: meson: g12a: Limit the HDMI PLL OD to /4 (git-fixes).
- clk: meson: gxbb: Limit the HDMI PLL OD to /4 on GXL/GXM SoCs (git-fixes).
- clk: mvebu: cp110 add CLK_IGNORE_UNUSED to pcie_x10, pcie_x11 & (git-fixes).
- clk: qcom: dispcc-sdm845: Enable parents for pixel clocks (git-fixes).
- clk: qcom: gcc-msm8917: Remove ALWAYS_ON flag from cpp_gdsc (git-fixes).
- clk: qcom: gcc-msm8953: Remove ALWAYS_ON flag from cpp_gdsc (git-fixes).
- clk: qcom: gfx3d: add parent to parent request map (git-fixes).
- clk: qcom: rcg2: compute 2d using duty fraction directly (git-fixes).
- clk: renesas: rzg2l: Fix intin variable size (git-fixes).
- clk: renesas: rzg2l: Select correct div round macro (git-fixes).
- clk: tegra: tegra124-emc: fix device leak on set_rate() (git-fixes).
- clk: tegra: tegra124-emc: Fix potential memory leak in tegra124_clk_register_emc() (git-fixes).
- clocksource: hyper-v: Fix warnings for missing export.h header inclusion (git-fixes).
- clocksource: Print durations for sync check unconditionally (bsc#1241345).
- clocksource: Reduce watchdog readout delay limit to prevent false positives (bsc#1241345).
- config.conf: add kernel-azure as additonal flavor (bsc#1258037).
- config.conf: Drop armv7hl builds (bsc#1255265).
- cpu: export lockdep_assert_cpus_held() (git-fixes).
- cpufreq/amd-pstate: Add missing NULL ptr check in amd_pstate_update (bsc#1247180).
- cpufreq/amd-pstate: Add the missing cpufreq_cpu_put() (bsc#1247180).
- cpufreq/amd-pstate: fix setting policy current frequency value (bsc#1247180).
- cpufreq/amd-pstate: Fix the clamping of perf values (bsc#1247180).
- cpufreq/amd-pstate: Modularize perf<->freq conversion (bsc#1247180).
- cpufreq/amd-pstate: Refactor max frequency calculation (bsc#1247180).
- cpufreq/amd-pstate: store all values in cpudata struct in khz (bsc#1247180).
- cpufreq: amd-pstate: Unify computation of {max,min,nominal,lowest_nonlinear}_freq (bsc#1247180).
- crypto: cavium - fix dma_free_coherent() size (git-fixes).
- crypto: ccp - Add an S4 restore flow (git-fixes).
- crypto: hisilicon/sec2 - support skcipher/aead fallback for hardware queue unavailable (git-fixes).
- crypto: hisilicon/trng - support tfms sharing the device (git-fixes).
- crypto: hisilicon/zip - adjust the way to obtain the req in the callback function (git-fixes).
- crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode (git-fixes).
- crypto: octeontx - fix dma_free_coherent() size (git-fixes).
- crypto: octeontx - Fix length check to avoid truncation in ucode_load_store (git-fixes).
- crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly (git-fixes).
- crypto: qat - fix parameter order used in ICP_QAT_FW_COMN_FLAGS_BUILD (git-fixes).
- crypto: qat - fix warning on adf_pfvf_pf_proto.c (git-fixes).
- crypto: virtio - Add spinlock protection with virtqueue notification (git-fixes).
- crypto: virtio - Remove duplicated virtqueue_kick in virtio_crypto_skcipher_crypt_req (git-fixes).
- device property: Allow secondary lookup in fwnode_get_next_child_node() (git-fixes).
- dm mpath: make pg_init_delay_msecs settable (git-fixes).
- dm-bufio: align write boundary on physical block size (git-fixes).
- dm-ebs: Mark full buffer dirty even on partial write (git-fixes).
- dm-snapshot: fix 'scheduling while atomic' on real-time kernels (git-fixes).
- dm: clear cloned request bio pointer when last clone bio completes (git-fixes).
- dm: remove fake timeout to avoid leak request (git-fixes).
- dma: dma-axi-dmac: fix SW cyclic transfers (git-fixes).
- dmaengine: mediatek: uart-apdma: Fix above 4G addressing TX/RX (git-fixes).
- dmaengine: sun6i: Choose appropriate burst length under maxburst (stable-fixes).
- Documentation: mailbox: mbox_chan_ops.flush() is optional (git-fixes).
- Documentation: PCI: endpoint: Fix ntb/vntb copy & paste errors (git-fixes).
- drivers/hv: add CPU offlining support (git-fixes).
- drivers/hv: introduce vmbus_channel_set_cpu() (git-fixes).
- Drivers: hv: Allocate interrupt and monitor pages aligned to system page boundary (git-fixes).
- Drivers: hv: Always do Hyper-V panic notification in hv_kmsg_dump() (git-fixes).
- Drivers: hv: Fix bad pointer dereference in hv_get_partition_id (git-fixes).
- Drivers: hv: fix missing kernel-doc description for 'size' in request_arr_init() (git-fixes).
- Drivers: hv: Fix the check for HYPERVISOR_CALLBACK_VECTOR (git-fixes).
- Drivers: hv: Fix warnings for missing export.h header inclusion (git-fixes).
- Drivers: hv: remove stale comment (git-fixes).
- Drivers: hv: Resolve ambiguity in hypervisor version log (git-fixes).
- Drivers: hv: use kmalloc_array() instead of kmalloc() (git-fixes).
- Drivers: hv: Use kzalloc for panic page allocation (git-fixes).
- Drivers: hv: util: Cosmetic changes for hv_utils_transport.c (git-fixes).
- Drivers: hv: vmbus: Add comments about races with 'channels' sysfs dir (git-fixes).
- Drivers: hv: vmbus: Clean up sscanf format specifier in target_cpu_store() (git-fixes).
- Drivers: hv: vmbus: Fix sysfs output format for ring buffer index (git-fixes).
- Drivers: hv: vmbus: Fix typos in vmbus_drv.c (git-fixes).
- Drivers: hv: vmbus: Get the IRQ number from DeviceTree (git-fixes).
- Drivers: hv: vmbus: Introduce hv_get_vmbus_root_device() (git-fixes).
- drivers: iio: mpu3050: use dev_err_probe for regulator request (git-fixes).
- drm/amd/display: Add signal type check for dcn401 get_phyd32clk_src (stable-fixes).
- drm/amd/display: Add USB-C DP Alt Mode lane limitation in DCN32 (stable-fixes).
- drm/amd/display: avoid dig reg access timeout on usb4 link training fail (stable-fixes).
- drm/amd/display: Avoid updating surface with the same surface under MPO (stable-fixes).
- drm/amd/display: bypass post csc for additional color spaces in dal (stable-fixes).
- drm/amd/display: Disable FEC when powering down encoders (stable-fixes).
- drm/amd/display: extend delta clamping logic to CM3 LUT helper (stable-fixes).
- drm/amd/display: Fix dsc eDP issue (stable-fixes).
- drm/amd/display: Fix GFX12 family constant checks (stable-fixes).
- drm/amd/display: Fix out-of-bounds stream encoder index v3 (git-fixes).
- drm/amd/display: Fix system resume lag issue (stable-fixes).
- drm/amd/display: Fix writeback on DCN 3.2+ (stable-fixes).
- drm/amd/display: fix wrong color value mapping on MCM shaper LUT (git-fixes).
- drm/amd/display: Increase DCN35 SR enter/exit latency (stable-fixes).
- drm/amd/display: only power down dig on phy endpoints (stable-fixes).
- drm/amd/display: Reject cursor plane on DCE when scaled differently than primary (git-fixes).
- drm/amd/display: remove assert around dpp_base replacement (stable-fixes).
- drm/amd/display: Remove conditional for shaper 3DLUT power-on (stable-fixes).
- drm/amd/display: Use same max plane scaling limits for all 64 bpp formats (git-fixes).
- drm/amd/pm: Disable MMIO access during SMU Mode 1 reset (stable-fixes).
- drm/amd: Disable MES LR compute W/A (git-fixes).
- drm/amd: Drop 'amdgpu kernel modesetting enabled' message (git-fixes).
- drm/amd: Fix hang on amdgpu unload by using pci_dev_is_disconnected() (git-fixes).
- drm/amdgpu/gfx10: fix wptr reset in KGQ init (stable-fixes).
- drm/amdgpu/gfx11: fix wptr reset in KGQ init (stable-fixes).
- drm/amdgpu/gfx12: fix wptr reset in KGQ init (stable-fixes).
- drm/amdgpu/soc21: fix xclk for APUs (stable-fixes).
- drm/amdgpu: Add HAINAN clock adjustment (stable-fixes).
- drm/amdgpu: add support for HDP IP version 6.1.1 (stable-fixes).
- drm/amdgpu: Adjust usleep_range in fence wait (stable-fixes).
- drm/amdgpu: avoid a warning in timedout job handler (stable-fixes).
- drm/amdgpu: ensure no_hw_access is visible before MMIO (git-fixes).
- drm/amdgpu: Fix locking bugs in error paths (git-fixes).
- drm/amdgpu: Fix memory leak in amdgpu_acpi_enumerate_xcc() (git-fixes).
- drm/amdgpu: Fix memory leak in amdgpu_ras_init() (git-fixes).
- drm/amdgpu: fix NULL pointer issue buffer funcs (stable-fixes).
- drm/amdgpu: fix sync handling in amdgpu_dma_buf_move_notify (git-fixes).
- drm/amdgpu: keep vga memory on MacBooks with switchable graphics (stable-fixes).
- drm/amdgpu: remove invalid usage of sched.ready (stable-fixes).
- drm/amdgpu: Replace kzalloc + copy_from_user with memdup_user (stable-fixes).
- drm/amdgpu: Skip loading SDMA_RS64 in VF (stable-fixes).
- drm/amdgpu: stop unmapping MQD for kernel queues v3 (stable-fixes).
- drm/amdgpu: Unlock a mutex before destroying it (git-fixes).
- drm/amdgpu: Use kvfree instead of kfree in amdgpu_gmc_get_nps_memranges() (git-fixes).
- drm/amdkfd: fix debug watchpoints for logical devices (stable-fixes).
- drm/amdkfd: Fix GART PTE for non-4K pagesize in svm_migrate_gart_map() (stable-fixes).
- drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (stable-fixes).
- drm/amdkfd: Fix signal_eviction_fence() bool return value (git-fixes).
- drm/amdkfd: Fix watch_id bounds checking in debug address watch v2 (git-fixes).
- drm/amdkfd: Handle GPU reset and drain retry fault race (stable-fixes).
- drm/amdkfd: Relax size checking during queue buffer get (stable-fixes).
- drm/atmel-hlcdc: don't reject the commit if the src rect has fractional parts (stable-fixes).
- drm/atmel-hlcdc: fix memory leak from the atomic_destroy_state callback (stable-fixes).
- drm/atmel-hlcdc: fix use-after-free of drm_crtc_commit after release (stable-fixes).
- drm/bridge: anx7625: Fix invalid EDID size (git-fixes).
- drm/bridge: samsung-dsim: Fix memory leak in error path (git-fixes).
- drm/bridge: ti-sn65dsi86: Enable HPD polling if IRQ is not used (git-fixes).
- drm/buddy: Prevent BUG_ON by validating rounded allocation (git-fixes).
- drm/display/dp_mst: Add protection against 0 vcpi (stable-fixes).
- drm/i915/acpi: free _DSM package when no connectors (git-fixes).
- drm/i915/display: Add quirk to skip retraining of dp link (bsc#1253129).
- drm/i915/wakeref: clean up INTEL_WAKEREF_PUT_* flag macros (stable-fixes).
- drm/logicvc: Fix device node reference leak in logicvc_drm_config_parse() (git-fixes).
- drm/mgag200: fix mgag200_bmc_stop_scanout() (git-fixes).
- drm/msm/a2xx: fix pixel shader start on A225 (git-fixes).
- drm/msm/disp: set num_planes to 1 for interleaved YUV formats (git-fixes).
- drm/msm/dpu: drop intr_start from DPU 3.x catalog files (git-fixes).
- drm/msm/dpu: fix CMD panels on DPU 1.x - 3.x (git-fixes).
- drm/msm/dpu: fix WD timer handling on DPU 8.x (git-fixes).
- drm/msm/dpu: Set vsync source irrespective of mdp top support (git-fixes).
- drm/panel: Fix a possible null-pointer dereference in jdi_panel_dsi_remove() (stable-fixes).
- drm/panel: sw43408: Remove manual invocation of unprepare at remove (git-fixes).
- drm/p ...

Please note that the description has been truncated due to length. Please refer to vendor advisory for the full description.

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: Critical

ID: 303965

File Name: suse_SU-2026-1081-1.nasl

Version: 1.1

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 3/27/2026

Updated: 3/27/2026

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2026-23112

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-livepatch-6_4_0-150700_53_34-default, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-default-extra, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-azure, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-64kb, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 3/26/2026

Vulnerability Publication Date: 7/21/2021

Reference Information

CVE: CVE-2023-53817, CVE-2025-37861, CVE-2025-39748, CVE-2025-39817, CVE-2025-39964, CVE-2025-40099, CVE-2025-40103, CVE-2025-40201, CVE-2025-40253, CVE-2025-68283, CVE-2025-68295, CVE-2025-68374, CVE-2025-68735, CVE-2025-68736, CVE-2025-68778, CVE-2025-68785, CVE-2025-68810, CVE-2025-71066, CVE-2025-71071, CVE-2025-71104, CVE-2025-71113, CVE-2025-71125, CVE-2025-71126, CVE-2025-71148, CVE-2025-71182, CVE-2025-71184, CVE-2025-71185, CVE-2025-71188, CVE-2025-71189, CVE-2025-71190, CVE-2025-71191, CVE-2025-71192, CVE-2025-71194, CVE-2025-71195, CVE-2025-71196, CVE-2025-71197, CVE-2025-71198, CVE-2025-71199, CVE-2025-71200, CVE-2025-71222, CVE-2025-71224, CVE-2025-71225, CVE-2025-71229, CVE-2025-71231, CVE-2025-71232, CVE-2025-71234, CVE-2025-71235, CVE-2025-71236, CVE-2026-22979, CVE-2026-22982, CVE-2026-22989, CVE-2026-22998, CVE-2026-23003, CVE-2026-23004, CVE-2026-23010, CVE-2026-23017, CVE-2026-23021, CVE-2026-23023, CVE-2026-23026, CVE-2026-23033, CVE-2026-23035, CVE-2026-23037, CVE-2026-23038, CVE-2026-23049, CVE-2026-23053, CVE-2026-23054, CVE-2026-23056, CVE-2026-23057, CVE-2026-23058, CVE-2026-23060, CVE-2026-23061, CVE-2026-23062, CVE-2026-23063, CVE-2026-23064, CVE-2026-23065, CVE-2026-23068, CVE-2026-23069, CVE-2026-23070, CVE-2026-23071, CVE-2026-23073, CVE-2026-23074, CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23082, CVE-2026-23083, CVE-2026-23084, CVE-2026-23085, CVE-2026-23086, CVE-2026-23088, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091, CVE-2026-23094, CVE-2026-23095, CVE-2026-23096, CVE-2026-23099, CVE-2026-23101, CVE-2026-23102, CVE-2026-23104, CVE-2026-23105, CVE-2026-23107, CVE-2026-23108, CVE-2026-23110, CVE-2026-23111, CVE-2026-23112, CVE-2026-23113, CVE-2026-23116, CVE-2026-23119, CVE-2026-23121, CVE-2026-23125, CVE-2026-23128, CVE-2026-23129, CVE-2026-23131, CVE-2026-23133, CVE-2026-23135, CVE-2026-23139, CVE-2026-23141, CVE-2026-23145, CVE-2026-23146, CVE-2026-23150, CVE-2026-23151, CVE-2026-23152, CVE-2026-23154, CVE-2026-23155, CVE-2026-23156, CVE-2026-23157, CVE-2026-23163, CVE-2026-23166, CVE-2026-23167, CVE-2026-23169, CVE-2026-23170, CVE-2026-23171, CVE-2026-23172, CVE-2026-23173, CVE-2026-23176, CVE-2026-23178, CVE-2026-23179, CVE-2026-23182, CVE-2026-23190, CVE-2026-23191, CVE-2026-23198, CVE-2026-23202, CVE-2026-23204, CVE-2026-23207, CVE-2026-23208, CVE-2026-23209, CVE-2026-23210, CVE-2026-23213, CVE-2026-23214, CVE-2026-23221, CVE-2026-23222, CVE-2026-23229, CVE-2026-23268, CVE-2026-23269

SuSE: SUSE-SU-2026:1081-1

Detections

Analytics