Detections
Analytics
SUSE SLED15 / SLES15 : Recommended update for initial livepatch (SUSE-SU-2026:1661-1)
high Nessus Plugin ID 311745
Synopsis
The remote SUSE host is missing one or more security updates.Description
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1661-1 advisory.The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2025-39998: scsi: target: target_core_configfs: Add length check to avoid buffer overflow (bsc#1252073).
- CVE-2025-68794: iomap: adjust read range correctly for non-block-aligned positions (bsc#1256647).
- CVE-2025-71268: btrfs: fix reservation leak in some error paths when inserting inline extent (bsc#1259865).
- CVE-2025-71269: btrfs: do not free data reservation in fallback from inline due to -ENOSPC (bsc#1259889).
- CVE-2026-23030: phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() (bsc#1257561).
- CVE-2026-23047: libceph: make calc_target() set t->paused, not just clear it (bsc#1257682).
- CVE-2026-23103: ipvlan: Make the addrs_lock be per port (bsc#1257773).
- CVE-2026-23120: l2tp: avoid one data-race in l2tp_tunnel_del_work() (bsc#1258280).
- CVE-2026-23136: libceph: reset sparse-read state in osd_fault() (bsc#1258303).
- CVE-2026-23140: bpf, test_run: Subtract size of xdp_frame from allowed metadata size (bsc#1258305).
- CVE-2026-23187: pmdomain: imx8m-blk-ctrl: fix out-of-range access of bc->domains (bsc#1258330).
- CVE-2026-23193: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (bsc#1258414).
- CVE-2026-23201: ceph: fix oops due to invalid pointer for kfree() in parse_longname() (bsc#1258337).
- CVE-2026-23215: x86/vmware: Fix hypercall clobbers (bsc#1258476).
- CVE-2026-23216: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (bsc#1258447).
- CVE-2026-23231: netfilter: nf_tables: register hooks last when adding new chain/flowtable (bsc#1259188).
- CVE-2026-23242: RDMA/siw: Fix potential NULL pointer dereference in header processing (bsc#1259795).
- CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259797).
- CVE-2026-23255: net: add proper RCU protection to /proc/net/ptype (bsc#1259891).
- CVE-2026-23259: io_uring/rw: free potentially allocated iovec on cache put failure (bsc#1259866).
- CVE-2026-23270: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks (bsc#1259886).
- CVE-2026-23272: netfilter: nf_tables: unconditionally bump set->nelems before insertion (bsc#1260009).
- CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260005).
- CVE-2026-23277: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit (bsc#1259997).
- CVE-2026-23278: netfilter: nf_tables: always walk all pending catchall elements (bsc#1259998).
- CVE-2026-23281: wifi: libertas: fix use-after-free in lbs_free_adapter() (bsc#1260464).
- CVE-2026-23292: scsi: target: Fix recursive locking in __configfs_open_file() (bsc#1260500).
- CVE-2026-23293: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260486).
- CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260562).
- CVE-2026-23319: bpf: export bpf_link_inc_not_zero (bsc#1260735).
- CVE-2026-23361: PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry (bsc#1260732).
- CVE-2026-23379: net/sched: ets: fix divide by zero in the offload path (bsc#1260481).
- CVE-2026-23381: net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260471).
- CVE-2026-23386: gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL (bsc#1260799).
- CVE-2026-23398: icmp: fix NULL pointer dereference in icmp_tag_validation() (bsc#1260730).
- CVE-2026-23413: clsact: Fix use-after-free in init/destroy rollback asymmetry (bsc#1261498).
- CVE-2026-23414: tls: Purge async_hold in tls_decrypt_async_wait() (bsc#1261496).
- CVE-2026-31788: xen/privcmd: restrict usage in unprivileged domU (bsc#1259707).
The following non security issues were fixed:
- accel/qaic: Handle DBC deactivation if the owner went away (git-fixes).
- ACPI: EC: clean up handlers on probe failure in acpi_ec_setup() (git-fixes).
- ACPI: OSI: Add DMI quirk for Acer Aspire One D255 (stable-fixes).
- ACPI: PM: Save NVS memory on Lenovo G70-35 (stable-fixes).
- ACPI: processor: Fix previous acpi_processor_errata_piix4() fix (git-fixes).
- ALSA: caiaq: fix stack out-of-bounds read in init_card (git-fixes).
- ALSA: firewire-lib: fix uninitialized local variable (git-fixes).
- ALSA: hda: cs35l56: Fix signedness error in cs35l56_hda_posture_put() (git-fixes).
- ALSA: hda/conexant: Add quirk for HP ZBook Studio G4 (stable-fixes).
- ALSA: hda/conexant: Fix headphone jack handling on Acer Swift SF314 (stable-fixes).
- ALSA: hda/realtek: Add headset jack quirk for Thinkpad X390 (stable-fixes).
- ALSA: hda/realtek: add HP Laptop 14s-dr5xxx mute LED quirk (stable-fixes).
- ALSA: pci: hda: use snd_kcontrol_chip() (stable-fixes).
- ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (git-fixes).
- ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces (stable-fixes).
- ASoC: adau1372: Fix clock leak on PLL lock failure (git-fixes).
- ASoC: adau1372: Fix unchecked clk_prepare_enable() return value (git-fixes).
- ASoC: amd: acp-mach-common: Add missing error check for clock acquisition (git-fixes).
- ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition (git-fixes).
- ASoC: amd: yc: Add ASUS EXPERTBOOK BM1503CDA to quirk table (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK PM1503CDA (stable-fixes).
- ASoC: cs42l43: Report insert for exotic peripherals (stable-fixes).
- ASoC: detect empty DMI strings (git-fixes).
- ASoC: ep93xx: Fix unchecked clk_prepare_enable() and add rollback on failure (git-fixes).
- ASoC: fsl_easrc: Fix event generation in fsl_easrc_iec958_put_bits() (stable-fixes).
- ASoC: fsl_easrc: Fix event generation in fsl_easrc_iec958_set_reg() (stable-fixes).
- ASoC: Intel: boards: fix unmet dependency on PINCTRL (git-fixes).
- ASoC: Intel: catpt: Fix the device initialization (git-fixes).
- ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start (git-fixes).
- ASoC: soc-core: drop delayed_work_pending() check before flush (git-fixes).
- ASoC: soc-core: flush delayed work before removing DAIs and widgets (git-fixes).
- ASoC: SOF: ipc4-topology: Allow bytes controls without initial payload (git-fixes).
- Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (git-fixes).
- Bluetooth: btusb: clamp SCO altsetting table indices (git-fixes).
- Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync (git-fixes).
- Bluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt (git-fixes).
- Bluetooth: hci_ll: Fix firmware leak on error path (git-fixes).
- Bluetooth: hci_sync: call destroy in hci_cmd_sync_run if immediate (git-fixes).
- Bluetooth: hci_sync: Fix hci_le_create_conn_sync (git-fixes).
- Bluetooth: hci_sync: Remove remaining dependencies of hci_request (stable-fixes).
- Bluetooth: HIDP: Fix possible UAF (git-fixes).
- Bluetooth: ISO: Fix defer tests being unstable (git-fixes).
- Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ (git-fixes).
- Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop (git-fixes).
- Bluetooth: L2CAP: Fix null-ptr-deref on l2cap_sock_ready_cb (git-fixes).
- Bluetooth: L2CAP: Fix send LE flow credits in ACL link (git-fixes).
- Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap_ecred_conn_req (git-fixes).
- Bluetooth: L2CAP: Fix type confusion in l2cap_ecred_reconf_rsp() (git-fixes).
- Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user (git-fixes).
- Bluetooth: L2CAP: Validate L2CAP_INFO_RSP payload length before access (git-fixes).
- Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (git-fixes).
- Bluetooth: LE L2CAP: Disconnect if received packet's SDU exceeds IMTU (git-fixes).
- Bluetooth: LE L2CAP: Disconnect if sum of payload sizes exceed SDU (git-fixes).
- Bluetooth: MGMT: Fix dangling pointer on mgmt_add_adv_patterns_monitor_complete (git-fixes).
- Bluetooth: MGMT: Fix list corruption and UAF in command complete handlers (git-fixes).
- Bluetooth: MGMT: validate LTK enc_size on load (git-fixes).
- Bluetooth: MGMT: validate mesh send advertising payload length (git-fixes).
- Bluetooth: qca: fix ROM version reading on WCN3998 chips (git-fixes).
- Bluetooth: Remove 3 repeated macro definitions (stable-fixes).
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (git-fixes).
- Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (git-fixes).
- Bluetooth: SMP: derive legacy responder STK authentication from MITM state (git-fixes).
- Bluetooth: SMP: force responder MITM requirements before building the pairing response (git-fixes).
- Bluetooth: SMP: make SM/PER/KDU/BI-04-C happy (git-fixes).
- bonding: do not set usable_slaves for broadcast mode (git-fixes).
- btrfs: fix zero size inode with non-zero size after log replay (git-fixes).
- btrfs: log new dentries when logging parent dir of a conflicting inode (git-fixes).
- btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() (bsc#1257777).
- can: gw: fix OOB heap access in cgw_csum_crc8_rel() (git-fixes).
- can: isotp: fix tx.buf use-after-free in isotp_sendmsg() (git-fixes).
- cifs: Fix locking usage for tcon fields (git-fixes).
- cifs: force interface update before a fresh session setup (git-fixes).
- cifs: make default value of retrans as zero (git-fixes).
- cifs: some missing initializations on replay (git-fixes).
- comedi: me_daq: Fix potential overrun of firmware buffer (git-fixes).
- comedi: me4000: Fix potential overrun of firmware buffer (git-fixes).
- comedi: ni_atmio16d: Fix invalid clean-up after failed attach (git-fixes).
- comedi: Reinit dev->spinlock between attachments to low-level drivers (git-fixes).
- cpufreq/amd-pstate: Remove the redundant verify() function (bsc#1252803).
- cpufreq/amd-pstate: Set the initial min_freq to lowest_nonlinear_freq (bsc#1252803).
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (git-fixes).
- crypto: caam - fix DMA corruption on long hmac keys (git-fixes).
- crypto: caam - fix overflow on long hmac keys (git-fixes).
- dmaengine: idxd: Fix freeing the allocated ida too late (git-fixes).
- dmaengine: idxd: Fix leaking event log memory (git-fixes).
- dmaengine: idxd: Fix memory leak when a wq is reset (git-fixes).
- dmaengine: idxd: Fix not releasing workqueue on .release() (git-fixes).
- dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (git-fixes).
- dmaengine: idxd: Remove usage of the deprecated ida_simple_xx() API (stable-fixes).
- dmaengine: sh: rz-dmac: Move CHCTRL updates under spinlock (git-fixes).
- dmaengine: sh: rz-dmac: Protect the driver specific lists (git-fixes).
- dmaengine: xilinx: xdma: Fix regmap init error handling (git-fixes).
- dmaengine: xilinx: xilinx_dma: Fix dma_device directions (git-fixes).
- dmaengine: xilinx: xilinx_dma: Fix residue calculation for cyclic DMA (git-fixes).
- dmaengine: xilinx: xilinx_dma: Fix unmasked residue subtraction (git-fixes).
- Drivers: hv: fix missing kernel-doc description for 'size' in request_arr_init() (git-fixes).
- Drivers: hv: remove stale comment (git-fixes).
- Drivers: hv: vmbus: Clean up sscanf format specifier in target_cpu_store() (git-fixes).
- Drivers: hv: vmbus: Fix sysfs output format for ring buffer index (git-fixes).
- Drivers: hv: vmbus: Fix typos in vmbus_drv.c (git-fixes).
- drm: Fix use-after-free on framebuffers and property blobs when calling drm_dev_unplug (git-fixes).
- drm/amd: fix dcn 2.01 check (git-fixes).
- drm/amd: Set num IP blocks to 0 if discovery fails (stable-fixes).
- drm/amd/display: Add pixel_clock to amd_pp_display_configuration (stable-fixes).
- drm/amd/display: Do not skip unrelated mode changes in DSC validation (git-fixes).
- drm/amd/display: Fallback to boot snapshot for dispclk (stable-fixes).
- drm/amd/display: Fix DisplayID not-found handling in parse_edid_displayid_vrr() (git-fixes).
- drm/amd/display: Wrap dcn32_override_min_req_memclk() in DC_FP_{START, END} (git-fixes).
- drm/amd/pm: add missing od setting PP_OD_FEATURE_ZERO_FAN_BIT for smu v14 (git-fixes).
- drm/amd/pm: remove invalid gpu_metrics.energy_accumulator on smu v13.0.x (stable-fixes).
- drm/amdgpu: apply state adjust rules to some additional HAINAN vairants (stable-fixes).
- drm/amdgpu: Change AMDGPU_VA_RESERVED_TRAP_SIZE to 64KB (git-fixes).
- drm/amdgpu: Fix fence put before wait in amdgpu_amdkfd_submit_ib (git-fixes).
- drm/amdgpu: fix gpu idle power consumption issue for gfx v12 (stable-fixes).
- drm/amdgpu: Fix kernel-doc comments for some LUT properties (git-fixes).
- drm/amdgpu: Fix use-after-free race in VM acquire (stable-fixes).
- drm/amdgpu: keep vga memory on MacBooks with switchable graphics (stable-fixes).
- drm/amdgpu: prevent immediate PASID reuse case (stable-fixes).
- drm/amdgpu/gmc9.0: add bounds checking for cid (stable-fixes).
- drm/amdgpu/mmhub2.0: add bounds checking for cid (stable-fixes).
- drm/amdgpu/mmhub2.3: add bounds checking for cid (stable-fixes).
- drm/amdgpu/mmhub3.0: add bounds checking for cid (stable-fixes).
- drm/amdgpu/mmhub3.0.1: add bounds checking for cid (stable-fixes).
- drm/amdgpu/mmhub3.0.2: add bounds checking for cid (stable-fixes).
- drm/amdgpu/mmhub4.1.0: add bounds checking for cid (stable-fixes).
- drm/amdgpu/vcn5: Add SMU dpm interface type (stable-fixes).
- drm/amdkfd: Unreserve bo if queue update failed (git-fixes).
- drm/ast: dp501: Fix initialization of SCU2C (git-fixes).
- drm/bridge: ti-sn65dsi83: fix CHA_DSI_CLK_RANGE rounding (git-fixes).
- drm/bridge: ti-sn65dsi86: Add support for DisplayPort mode with HPD (stable-fixes).
- drm/exynos: vidi: fix to avoid directly dereferencing user pointer (stable-fixes).
- drm/exynos/vidi: Remove redundant error handling in vidi_get_modes() (stable-fixes).
- drm/i915/display: Add module param to skip retraining of dp link (bsc#1253129).
- drm/i915/dp_tunnel: Fix error handling when clearing stream BW in atomic state (git-fixes).
- drm/i915/dp: Use crtc_state->enhanced_framing properly on ivb/hsw CPU eDP (git-fixes).
- drm/i915/dsc: Add helper for writing DSC Selective Update ET parameters (stable-fixes).
- drm/i915/dsc: Add Selective Update register definitions (stable-fixes).
- drm/i915/dsi: Don't do DSC horizontal timing adjustments in command mode (git-fixes).
- drm/i915/gmbus: fix spurious timeout on 512-byte burst reads (git-fixes).
- drm/i915/gt: Check set_default_submission() before deferencing (git-fixes).
- drm/imagination: Fix deadlock in soft reset sequence (git-fixes).
- drm/ioc32: stop speculation on the drm_compat_ioctl path (git-fixes).
- drm/msm: Fix dma_free_attrs() buffer size (git-fixes).
- drm/msm/dsi: Document DSC related pclk_rate and hdisplay calculations (stable-fixes).
- drm/msm/dsi: fix hdisplay calculation when programming dsi registers (git-fixes).
- drm/msm/dsi: fix pclk rate calculation for bonded dsi (git-fixes).
- drm/radeon: apply state adjust rules to some additional HAINAN vairants (stable-fixes).
- drm/ttm/tests: Fix build failure on PREEMPT_RT (stable-fixes).
- drm/xe: Do not preempt fence signaling CS instructions (git-fixes).
- drm/xe: Open-code GGTT MMIO access protection (git-fixes).
- drm/xe/oa: Allow reading after disabling OA stream (git-fixes).
- drm/xe/reg_sr: Fix leak on xa_store failure (git-fixes).
- firmware: arm_scpi: Fix device_node reference leak in probe path (git-fixes).
- gpio: mxc: map Both Edge pad wakeup to Rising Edge (git-fixes).
- HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them (stable-fixes).
- HID: apple: avoid memory leak in apple_report_fixup() (stable-fixes).
- HID: asus: avoid memory leak in asus_report_fixup() (stable-fixes).
- HID: magicmouse: avoid memory leak in magicmouse_report_fixup() (stable-fixes).
- HID: mcp2221: cancel last I2C command on read error (stable-fixes).
- hv/hv_kvp_daemon: Handle IPv4 and Ipv6 combination for keyfile format (git-fixes).
- hv/hv_kvp_daemon: Pass NIC name to hv_get_dns_info as well (git-fixes).
- hwmon: (adm1177) fix sysfs ABI violation and current unit conversion (git-fixes).
- hwmon: (axi-fan-control) Make use of dev_err_probe() (stable-fixes).
- hwmon: (axi-fan-control) Use device firmware agnostic API (stable-fixes).
- hwmon: (occ) Fix division by zero in occ_show_power_1() (git-fixes).
- hwmon: (occ) Fix missing newline in occ_show_extended() (git-fixes).
- hwmon: (peci/cputemp) Fix crit_hyst returning delta instead of absolute temperature (git-fixes).
- hwmon: (peci/cputemp) Fix off-by-one in cputemp_is_visible() (git-fixes).
- hwmon: (pmbus/isl68137) Add mutex protection for AVS enable sysfs attributes (git-fixes).
- hwmon: (pmbus/isl68137) Fix unchecked return value and use sysfs_emit() (git-fixes).
- hwmon: (pxe1610) Check return value of page-select write in probe (git-fixes).
- hwmon: (tps53679) Fix device ID comparison and printing in tps53676_identify() (git-fixes).
- hwmon: axi-fan: don't use driver_override as IRQ name (git-fixes).
- i2c: cp2615: fix serial string NULL-deref at probe (git-fixes).
- i2c: cp2615: replace deprecated strncpy with strscpy (stable-fixes).
- i2c: fsi: Fix a potential leak in fsi_i2c_probe() (git-fixes).
- i2c: pxa: defer reset on Armada 3700 when recovery is used (git-fixes).
- idpf: nullify pointers after they are freed (git-fixes).
- iio: accel: fix ADXL355 temperature signature value (git-fixes).
- iio: adc: ti-adc161s626: fix buffer read on big-endian (git-fixes).
- iio: chemical: bme680: Fix measurement wait duration calculation (git-fixes).
- iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas() (git-fixes).
- iio: chemical: sps30_serial: fix buffer size in sps30_serial_read_meas() (git-fixes).
- iio: dac: ad5770r: fix error return in ad5770r_read_raw() (git-fixes).
- iio: dac: ds4424: reject -128 RAW value (git-fixes).
- iio: frequency: adf4377: Fix duplicated soft reset mask (git-fixes).
- iio: gyro: mpu3050-core: fix pm_runtime error handling (git-fixes).
- iio: gyro: mpu3050-i2c: fix pm_runtime error handling (git-fixes).
- iio: gyro: mpu3050: Fix incorrect free_irq() variable (git-fixes).
- iio: gyro: mpu3050: Fix irq resource leak (git-fixes).
- iio: gyro: mpu3050: Fix out-of-sequence free_irq() (git-fixes).
- iio: gyro: mpu3050: Move iio_device_register() to correct location (git-fixes).
- iio: imu: bmi160: Remove potential undefined behavior in bmi160_config_pin() (git-fixes).
- iio: imu: bno055: fix BNO055_SCAN_CH_COUNT off by one (git-fixes).
- iio: imu: inv_icm42600: fix odr switch to the same value (git-fixes).
- iio: imu: st_lsm6dsx: Set FIFO ODR for accelerometer and gyroscope only (git-fixes).
- iio: light: vcnl4035: fix scan buffer on big-endian (git-fixes).
- iio: potentiometer: mcp4131: fix double application of wiper shift (git-fixes).
- Input: synaptics-rmi4 - fix a locking bug in an error path (git-fixes).
- irqchip/qcom-mpm: Add missing mailbox TX done acknowledgment (git-fixes).
- mac80211: fix crash in ieee80211_chan_bw_change for AP_VLAN stations (stable-fixes).
- media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (git-fixes).
- media: tegra-video: Use accessors for pad config 'try_*' fields (stable-fixes).
- mfd: omap-usb-host: Convert to platform remove callback returning void (stable-fixes).
- mfd: omap-usb-host: Fix OF populate on driver rebind (git-fixes).
- mfd: qcom-pm8xxx: Convert to platform remove callback returning void (stable-fixes).
- mfd: qcom-pm8xxx: Fix OF populate on driver rebind (git-fixes).
- misc: fastrpc: possible double-free of cctx->remote_heap (git-fixes).
- mmc: sdhci-pci-gli: fix GL9750 DMA write corruption (git-fixes).
- mmc: sdhci: fix timing selection for 1-bit bus width (git-fixes).
- mtd: Avoid boot crash in RedBoot partition table parser (git-fixes).
- mtd: rawnand: brcmnand: skip DMA during panic write (git-fixes).
- mtd: rawnand: cadence: Fix error check for dma_alloc_coherent() in cadence_nand_init() (git-fixes).
- mtd: rawnand: pl353: make sure optimal timings are applied (git-fixes).
- mtd: rawnand: serialize lock/unlock against other NAND operations (git-fixes).
- mtd: spi-nor: core: avoid odd length/address reads on 8D-8D-8D mode (stable-fixes).
- mtd: spi-nor: core: avoid odd length/address writes in 8D-8D-8D mode (stable-fixes).
- net: mana: Add metadata support for xdp mode (git-fixes).
- net: mana: Add standard counter rx_missed_errors (git-fixes).
- net: mana: Add support for auxiliary device servicing events (bsc#1251971).
- net: mana: Change the function signature of mana_get_primary_netdev_rcu (bsc#1256690).
- net: mana: Drop TX skb on post_work_request failure and unmap resources (git-fixes).
- net: mana: Fix double destroy_workqueue on service rescan PCI path (git-fixes).
- net: mana: fix spelling for mana_gd_deregiser_irq() (git-fixes).
- net: mana: fix use-after-free in add_adev() error path (git-fixes).
- net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown (git-fixes).
- net: mana: Fix use-after-free in reset service rescan path (git-fixes).
- net: mana: Fix warnings for missing export.h header inclusion (git-fixes).
- net: mana: Handle hardware recovery events when probing the device (bsc#1257466).
- net: mana: Handle Reset Request from MANA NIC (bsc#1245728 bsc#1251971).
- net: mana: Handle SKB if TX SGEs exceed hardware limit (git-fixes).
- net: mana: Handle unsupported HWC commands (git-fixes).
- net: mana: Implement ndo_tx_timeout and serialize queue resets per port (bsc#1257472).
- net: mana: Move hardware counter stats from per-port to per-VF context (git-fixes).
- net: mana: Probe rdma device in mana driver (git-fixes).
- net: mana: Reduce waiting time if HWC not responding (bsc#1252266).
- net: mana: Ring doorbell at 4 CQ wraparounds (git-fixes).
- net: mana: Support HW link state events (bsc#1253049).
- net: mana: Trigger VF reset/recovery on health check failure due to HWC timeout (bsc#1259580).
- net: mana: use ethtool string helpers (git-fixes).
- net: mana: Use mana_cleanup_port_context() for rxq cleanup (git-fixes).
- net: usb: aqc111: Do not perform PM inside suspend callback (git-fixes).
- net: usb: cdc_ncm: add ndpoffset to NDP16 nframes bounds check (git-fixes).
- net: usb: cdc_ncm: add ndpoffset to NDP32 nframes bounds check (git-fixes).
- net: usb: pegasus: validate USB endpoints (stable-fixes).
- net/mana: Null service_wq on setup error to prevent double destroy (git-fix).
- net/mana: Null service_wq on setup error to prevent double destroy (git-fixes).
- net/mlx5: Fix crash when moving to switchdev mode (git-fixes).
- net/rose: fix NULL pointer dereference in rose_transmit_link on reconnect (git-fixes).
- net/x25: Fix overflow when accumulating packets (git-fixes).
- net/x25: Fix potential double free of skb (git-fixes).
- nfc: nci: fix circular locking dependency in nci_close_device (git-fixes).
- NFC: nxp-nci: allow GPIOs to sleep (git-fixes).
- NFC: pn533: bound the UART receive buffer (git-fixes).
- nvme: add support for dynamic quirk configuration via module parameter (bsc#1243208).
- nvme: expose active quirks in sysfs (bsc#1243208).
- nvme: fix memory leak in quirks_param_set() (bsc#1243208).
- PCI: hv: Correct a comment (git-fixes).
- PCI: hv: Remove unnecessary flex array in struct pci_packet (git-fixes).
- PCI: hv: remove unnecessary module_init/exit functions (git-fixes).
- PCI: hv: Remove unused field pci_bus in struct hv_pcibus_device (git-fixes).
- PCI: Update BAR # and window messages (stable-fixes).
- phy: ti: j721e-wiz: Fix device node reference leak in wiz_get_lane_phy_types() (git-fixes).
- pinctrl: equilibrium: fix warning trace on load (git-fixes).
- pinctrl: equilibrium: rename irq_chip function callbacks (stable-fixes).
- pinctrl: mediatek: common: Fix probe failure for devices without EINT (git-fixes).
- pinctrl: qcom: spmi-gpio: implement .get_direction() (git-fixes).
- platform/olpc: olpc-xo175-ec: Fix overflow error message to print inlen (git-fixes).
- platform/x86: dell-wmi: Add audio/mic mute key codes (stable-fixes).
- platform/x86: intel-hid: Add Dell 14 Plus 2-in-1 to dmi_vgbs_allow_list (stable-fixes).
- platform/x86: intel-hid: Enable 5-button array on ThinkPad X1 Fold 16 Gen 1 (stable-fixes).
- platform/x86: ISST: Correct locked bit width (git-fixes).
- platform/x86: touchscreen_dmi: Add quirk for y-inverted Goodix touchscreen on SUPI S10 (stable-fixes).
- PM: runtime: Fix a race condition related to device removal (git-fixes).
- RDMA/mana_ib: Access remote atomic for MRs (bsc#1251135).
- RDMA/mana_ib: add additional port counters (bsc#1251135).
- RDMA/mana_ib: Add device statistics support (git-fixes).
- RDMA/mana_ib: Add device-memory support (git-fixes).
- RDMA/mana_ib: Add EQ creation for rnic adapter (git-fixes).
- RDMA/mana_ib: Add port statistics support (git-fixes).
- RDMA/mana_ib: Add support of 4M, 1G, and 2G pages (git-fixes).
- RDMA/mana_ib: Add support of mana_ib for RNIC and ETH nic (git-fixes).
- RDMA/mana_ib: add support of multiple ports (bsc#1251135).
- RDMA/mana_ib: Adding and deleting GIDs (git-fixes).
- RDMA/mana_ib: Allow registration of DMA-mapped memory in PDs (git-fixes).
- RDMA/mana_ib: check cqe length for kernel CQs (git-fixes).
- RDMA/mana_ib: Configure mac address in RNIC (git-fixes).
- RDMA/mana_ib: Create and destroy RC QP (git-fixes).
- RDMA/mana_ib: Create and destroy rnic adapter (git-fixes).
- RDMA/mana_ib: create and destroy RNIC cqs (git-fixes).
- RDMA/mana_ib: Create and destroy UD/GSI QP (git-fixes).
- RDMA/mana_ib: create EQs for RNIC CQs (git-fixes).
- RDMA/mana_ib: create kernel-level CQs (git-fixes).
- RDMA/mana_ib: create/destroy AH (git-fixes).
- RDMA/mana_ib: Drain send wrs of GSI QP (git-fixes).
- RDMA/mana_ib: Enable RoCE on port 1 (git-fixes).
- RDMA/mana_ib: extend mana QP table (git-fixes).
- RDMA/mana_ib: Extend modify QP (git-fixes).
- RDMA/mana_ib: extend query device (git-fixes).
- RDMA/mana_ib: Fix DSCP value in modify QP (git-fixes).
- RDMA/mana_ib: Fix error code in probe() (git-fixes).
- RDMA/mana_ib: Fix integer overflow during queue creation (bsc#1251135).
- RDMA/mana_ib: Fix missing ret value (git-fixes).
- RDMA/mana_ib: Handle net event for pointing to the current netdev (bsc#1256690).
- RDMA/mana_ib: helpers to allocate kernel queues (git-fixes).
- RDMA/mana_ib: Implement DMABUF MR support (git-fixes).
- RDMA/mana_ib: implement get_dma_mr (git-fixes).
- RDMA/mana_ib: Implement port parameters (git-fixes).
- RDMA/mana_ib: implement req_notify_cq ...
Please note that the description has been truncated due to length. Please refer to vendor advisory for the full description.
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://bugzilla.suse.com/1251135
https://bugzilla.suse.com/1251971
https://bugzilla.suse.com/1252073
https://bugzilla.suse.com/1252266
https://bugzilla.suse.com/1252803
https://bugzilla.suse.com/1253049
https://bugzilla.suse.com/1253129
https://bugzilla.suse.com/1255687
https://bugzilla.suse.com/1256504
https://bugzilla.suse.com/1256647
https://bugzilla.suse.com/1256690
https://bugzilla.suse.com/1257466
https://bugzilla.suse.com/1257472
https://bugzilla.suse.com/1257506
https://bugzilla.suse.com/1257561
https://bugzilla.suse.com/1257682
https://bugzilla.suse.com/1257773
https://bugzilla.suse.com/1257777
https://bugzilla.suse.com/1258280
https://bugzilla.suse.com/1258303
https://bugzilla.suse.com/1258305
https://bugzilla.suse.com/1258330
https://bugzilla.suse.com/1258337
https://bugzilla.suse.com/1258414
https://bugzilla.suse.com/1258447
https://bugzilla.suse.com/1258476
https://bugzilla.suse.com/1259188
https://bugzilla.suse.com/1259580
https://bugzilla.suse.com/1259707
https://bugzilla.suse.com/1259795
https://bugzilla.suse.com/1259797
https://bugzilla.suse.com/1259865
https://bugzilla.suse.com/1259866
https://bugzilla.suse.com/1259886
https://bugzilla.suse.com/1259889
https://bugzilla.suse.com/1259891
https://bugzilla.suse.com/1259997
https://bugzilla.suse.com/1259998
https://bugzilla.suse.com/1260005
https://bugzilla.suse.com/1260009
https://bugzilla.suse.com/1260347
https://bugzilla.suse.com/1260464
https://bugzilla.suse.com/1260471
https://bugzilla.suse.com/1260481
https://bugzilla.suse.com/1243208
https://bugzilla.suse.com/1245728
https://lists.suse.com/pipermail/sle-updates/2026-April/046139.html
https://www.suse.com/security/cve/CVE-2025-39998
https://www.suse.com/security/cve/CVE-2025-68794
https://www.suse.com/security/cve/CVE-2025-71268
https://www.suse.com/security/cve/CVE-2025-71269
https://www.suse.com/security/cve/CVE-2026-23030
https://www.suse.com/security/cve/CVE-2026-23047
https://bugzilla.suse.com/1260486
https://bugzilla.suse.com/1260500
https://bugzilla.suse.com/1260562
https://bugzilla.suse.com/1260730
https://bugzilla.suse.com/1260732
https://bugzilla.suse.com/1260735
https://bugzilla.suse.com/1260799
https://bugzilla.suse.com/1261496
https://bugzilla.suse.com/1261498
https://www.suse.com/security/cve/CVE-2026-23103
https://www.suse.com/security/cve/CVE-2026-23120
https://www.suse.com/security/cve/CVE-2026-23136
https://www.suse.com/security/cve/CVE-2026-23140
https://www.suse.com/security/cve/CVE-2026-23187
https://www.suse.com/security/cve/CVE-2026-23193
https://www.suse.com/security/cve/CVE-2026-23201
https://www.suse.com/security/cve/CVE-2026-23215
https://www.suse.com/security/cve/CVE-2026-23216
https://www.suse.com/security/cve/CVE-2026-23231
https://www.suse.com/security/cve/CVE-2026-23242
https://www.suse.com/security/cve/CVE-2026-23243
https://www.suse.com/security/cve/CVE-2026-23255
https://www.suse.com/security/cve/CVE-2026-23259
https://www.suse.com/security/cve/CVE-2026-23270
https://www.suse.com/security/cve/CVE-2026-23272
https://www.suse.com/security/cve/CVE-2026-23274
https://www.suse.com/security/cve/CVE-2026-23277
https://www.suse.com/security/cve/CVE-2026-23278
https://www.suse.com/security/cve/CVE-2026-23281
https://www.suse.com/security/cve/CVE-2026-23292
https://www.suse.com/security/cve/CVE-2026-23293
https://www.suse.com/security/cve/CVE-2026-23317
https://www.suse.com/security/cve/CVE-2026-23319
https://www.suse.com/security/cve/CVE-2026-23361
https://www.suse.com/security/cve/CVE-2026-23379
https://www.suse.com/security/cve/CVE-2026-23381
https://www.suse.com/security/cve/CVE-2026-23386
https://www.suse.com/security/cve/CVE-2026-23398
https://www.suse.com/security/cve/CVE-2026-23413
Plugin Details
Severity: High
ID: 311745
File Name: suse_SU-2026-1661-1.nasl
Version: 1.1
Type: Local
Agent: unix
Family: SuSE Local Security Checks
Published: 5/2/2026
Updated: 5/2/2026
Supported Sensors: Nessus Agent, Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: High
Score: 8.1
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5.3
Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2026-23413
CVSS v3
Risk Factor: High
Base Score: 8.2
Temporal Score: 7.4
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CVSS Score Source: CVE-2026-31788
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-extra, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-64kb, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:kernel-azure, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-livepatch-6_4_0-150700_53_37-default, cpe:/o:novell:suse_linux:15
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 4/30/2026
Vulnerability Publication Date: 10/15/2025
Reference Information
CVE: CVE-2025-39998, CVE-2025-68794, CVE-2025-71268, CVE-2025-71269, CVE-2026-23030, CVE-2026-23047, CVE-2026-23103, CVE-2026-23120, CVE-2026-23136, CVE-2026-23140, CVE-2026-23187, CVE-2026-23193, CVE-2026-23201, CVE-2026-23215, CVE-2026-23216, CVE-2026-23231, CVE-2026-23242, CVE-2026-23243, CVE-2026-23255, CVE-2026-23259, CVE-2026-23270, CVE-2026-23272, CVE-2026-23274, CVE-2026-23277, CVE-2026-23278, CVE-2026-23281, CVE-2026-23292, CVE-2026-23293, CVE-2026-23317, CVE-2026-23319, CVE-2026-23361, CVE-2026-23379, CVE-2026-23381, CVE-2026-23386, CVE-2026-23398, CVE-2026-23413, CVE-2026-23414, CVE-2026-31788
SuSE: SUSE-SU-2026:1661-1